java security concerns

Perry E. Metzger perry at piermont.com
Mon Oct 9 22:48:05 PDT 1995



Aleph One writes:
> Iam sorry I dont fallow your logic. You find Postscript files
> save because you can set up the interpreter to ignore Postscript commands
> to write to files and execute programms (check the CIAC alerts), yet
> you find Java applets insecure even when you can set up the same
> restrictions and more under HotJava (and hopefully Netscape)?
> That does not compute.

Yes it does.

To (perhaps over)simplify my point, the Java interpreter cannot be
stripped of all i/o capabilities and still remain useful. I can
physically remove all the "dangerous" calls from a Postscript
interpreter and still have it be useful.

Perry






More information about the cypherpunks-legacy mailing list