Dr. Frederick B. Cohen wrote:
On a closely related vein, Sun has announced that they are severely limiting some functions in HotJava - from Risks-17-45:
[ excerpts from Sun announcement deleted ]
I had a rather lengthy discussion with a gentleman from Sun at the CSI conference last Tuesday night, and this announcement follows many of the things we discussed very closely. This kind of consistency between what people say and what the company published is refreshing, and it restores my faith in Sun's desire to do things well. Of course there are still some problems left unresolved:
[ more of Sun announcement deleted ]
I do think that this response by Sun, regardless of the technical merits of the particulars, demonstrates a desire to improve protection and a willingness to listen. My compliments for that.
All of these security measures are implemented by Netscape in the current release. Specifically, Netscape Navigator 2.0beta2 includes all the applet security precautions detailed in the recent comp.lang.java posting. Netscape has been shipping the fixed applet security model for over a month(since 2.0Beta1), and Netscape and Sun continue to cooperate and work closely on applet security issues. --Jeff -- Jeff Weinstein - Electronic Munitions Specialist Netscape Communication Corporation jsw@netscape.com - http://home.netscape.com/people/jsw Any opinions expressed above are mine.