java security concerns
Aleph One
aleph1 at dfw.net
Mon Oct 9 22:36:21 PDT 1995
Iam sorry I dont fallow your logic. You find Postscript files
save because you can set up the interpreter to ignore Postscript commands
to write to files and execute programms (check the CIAC alerts), yet
you find Java applets insecure even when you can set up the same
restrictions and more under HotJava (and hopefully Netscape)?
That does not compute. Granted Java is certanly more complex than postscriptm
it a genereric programming language, and will be used by more people.
But that same concept aply.
Aleph One / aleph1 at dfw.net
http://underground.org/
KeyID 1024/948FD6B5
Fingerprint EE C9 E8 AA CB AF 09 61 8C 39 EA 47 A8 6A B8 01
On Tue, 10 Oct 1995, Perry E. Metzger wrote:
> Postscript is completely safe if the interpreter is emasculated, and
> most of them are. (It is a huge risk when run on a non-emasculated
> interpreter, but fortunately it is easy to castrate one of the things.)
>
> Java isn't like that, unfortunately. I wish it was simply a
> display-postscript like thing that built pretty pictures inside a
> confined window -- I could trust that to be done right if it was done
> carefully.
>
> Perry
>
More information about the cypherpunks-legacy
mailing list