[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Another Netscape Bug (and possible security hole)



[email protected] wrote:
| On Fri, 22 Sep 1995, Adam Shostack wrote:

| > 	I keep hearing this thought.  Isn't Win95 with its
| > 'executables in email' much more dangerous than Java, which at least
| > tries to address security?
| 
| Is that the new MS-Word you're thinking of?  I hear that it lets you
| imbed macros containing executable code in documents.  That's got to
| be one of the most dangerous ideas ever cooked up.

	No, this is a seperate problem.  Its not auto-executing code
in Microsoft documents that worries me, so much as the ability to
include executables as clickable images in a mail message, with the
user having no control over what environment the program executes in.

	If strong fences make good neighbors, where are the fences in
my network neighborhood?

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume