[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: java security concerns

Iam sorry I dont fallow your logic. You find Postscript files
save because you can set up the interpreter to ignore Postscript commands
to write to files and execute programms (check the CIAC alerts), yet
you find Java applets insecure even when you can set up the same
restrictions and more under HotJava (and hopefully Netscape)?
That does not compute. Granted Java is certanly more complex than postscriptm
it a genereric programming language, and will be used by more people.
But that same concept aply.

Aleph One / [email protected]
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 

On Tue, 10 Oct 1995, Perry E. Metzger wrote:

> Postscript is completely safe if the interpreter is emasculated, and
> most of them are. (It is a huge risk when run on a non-emasculated
> interpreter, but fortunately it is easy to castrate one of the things.)
> Java isn't like that, unfortunately. I wish it was simply a
> display-postscript like thing that built pretty pictures inside a
> confined window -- I could trust that to be done right if it was done
> carefully.
> Perry