Reply-To: perry@piermont.com X-Reposting-Policy: redistribute only with permission Date: Fri, 28 Jul 1995 10:10:59 -0400 From: "Perry E. Metzger" <perry@imsi.com> ... I exagerate only slightly. I don't believe Java to be secure, in spite of the claims. Its too complicated, and it operates in an environment who's correct operation is required for it to remain secure. Good system design says that you want a system's failure mode to produce a secure result, but thats not what Java does. Perry How would you make Java secure or create a secure Javalike language? (Secure to your satisfaction, of course). I don't even play a security consultant on TV, but would removing hooks into X-windows (if it has them; I don't know if it does, although Ray mentioned something about how it could open multiple windows with graphics in them, I think) be a good start? What sort of interface does it have to the filesystem? I would guess that a secure language would have its own filesystem mapped to a file of fixed size in the normal filesystem, so that it couldn't cause disaster by filling your hard disk. Does it have that? Phil