
On Mon, 16 Dec 1996, Blake Coverett wrote:
> This thread branch seems to be based on a bad assumption. Why would one want to run ActiveX controls in a sandbox? If you need a sandbox, use a Java applet; if you need native code level access to the system use ActiveX.
To prevent ActiveX controls from formatting your hard drive while still being able to run native code to do fast DES cracking, why else? Sandbox != Virtual CPU emulator. Sandboxes work at the supervisor/user CPU level deciding which calls are cool and which will result in a core dump. ...
> Digitally signed code, a la ActiveX, is another approach to the same problem. If the digital signatures and infrastructure around them are sound, which they appear to be for ActiveX, this is also a useful solution. The built-in gotcha with this model is the all or nothing nature, either I trust the software publisher
Viruses can sneak into software. Given enough time you will see them sneak into compilers which will then happily create virus-infected or trojan-loaded controls which will be happily signed. I'll leave the test of that scenario up to your imagination. There were cases of viruses making their way to production distributed disks back a few years ago because people weren't watching carefully enough. Or you may find that shareware control authors won't bother to sign their controls, etc... Same situation. At some point trust or no trust, once your hard drive is wiped, so is the record of the signature that says "The last control you downloaded came from XYZ.com and was written by Vulis."
> An equivalent Unix problem would be to allow an open-access guest account with the ability to transfer in and execute arbitrary binaries. While doing this securely may be possible in theory I don't think the state of the art is up to it today. (I sure wouldn't allow it on my system.)
Right, so if that's the case, why would you allow ActiveX controls to run on your system? It's the same problem whether signed or not as signatures only tell you the author's identity and not much else.

=====================================Kaos=Keraunos=Kybernetos==============
.+.^.+.| Ray Arachelian | "If you're gonna die, die with your|./|\.
..\|/..|sunder@sundernet.com|boots on; If you're gonna try, just |/\|/\
<--*-->| ------------------ |stick around; Gonna cry? Just move along|\/|\/
../|\..| "A toast to Odin, |you're gonna die, you're gonna die!" |.\|/.
.+.v.+.|God of screwdrivers"| --Iron Maiden "Die With Your Boots on"|.....
======================== http://www.sundernet.com =========================
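
The sandbox point in the reply above (native code at full speed, with the kernel deciding which calls are allowed), shown with Linux seccomp strict mode. This is an added example, not part of the original message: seccomp is a modern stand-in for the mechanism described, and `native_work`, `run_sandboxed` and the file path are hypothetical names.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <linux/seccomp.h>
#include <signal.h>
#include <stdio.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical stand-in for CPU-bound native work (e.g. a key search). */
unsigned native_work(void) {
    unsigned x = 2463534242u;
    for (int i = 0; i < 1000000; i++) { x ^= x << 13; x ^= x >> 17; x ^= x << 5; }
    return x;
}

/* Returns 0 if the child exited cleanly, 1 if the kernel killed it,
 * -1 on setup failure. *out receives the value the child computed. */
int run_sandboxed(int touch_filesystem, unsigned *out) {
    int p[2];
    if (pipe(p) != 0) return -1;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        close(p[0]);
        /* From here on only read, write, exit and sigreturn are allowed. */
        if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_STRICT) != 0) _exit(2);
        unsigned v = native_work();            /* runs unemulated, at full speed */
        if (write(p[1], &v, sizeof v) != (ssize_t)sizeof v) syscall(SYS_exit, 3);
        if (touch_filesystem)                  /* not on the allow list: SIGKILL */
            syscall(SYS_openat, AT_FDCWD, "/etc/hostname", O_RDONLY);
        syscall(SYS_exit, 0);                  /* glibc _exit would use exit_group */
    }
    close(p[1]);
    int status = 0;
    ssize_t n = read(p[0], out, sizeof *out);
    close(p[0]);
    if (waitpid(pid, &status, 0) != pid || n != (ssize_t)sizeof *out) return -1;
    if (WIFSIGNALED(status) && WTERMSIG(status) == SIGKILL) return 1;
    return (WIFEXITED(status) && WEXITSTATUS(status) == 0) ? 0 : -1;
}

int main(void) {
    unsigned v = 0;
    printf("compute only:      %d\n", run_sandboxed(0, &v));
    printf("compute then open: %d\n", run_sandboxed(1, &v));
    return 0;
}
```

In both runs the computed value reaches the parent; only the run that goes on to open a file is killed, and nothing about who wrote or signed the binary enters into that decision.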