Java and Safe-TCL security (was Re: Java, Netscape, OpenDoc, and Babel)
Ray Cromwell
rjc at clark.net
Fri Aug 4 14:52:48 PDT 1995
>
> >the interpreter is made "safe" is to take a fully working tcl interpreter
> >(with full priveleges) at run time, and use TclDeleteCommand() to remove
> >offending commands. Safe-TCL is not emasculated at compile time, but at
> >run time.
>
> I have been told by folks at Sun that they are planning on doing it at
> compile-time as well as at run-time. One of the concerns I conveyed
> was that I want to make it easy to "pull out" the safe code and give
> it a security audit.
SafeTcl or Java? I wish SafeTcl was isolated into a separate library
with compiled-in safety so I could embed it into my applications. As it is
now, I have to just use normal Tcl and hack in the MakeInterpreterSafe()
function which removes dangerous commands.
-Ray
More information about the cypherpunks-legacy
mailing list