[2793] in WWW Security List Archive
Re: A problem with Navigator's cache -Reply
daemon@ATHENA.MIT.EDU (hallam@ai.mit.edu)
Sun Aug 25 15:33:54 1996
From: hallam@ai.mit.edu
To: adam@homeport.org, www-security@ns2.rutgers.edu
Cc: hallam@ai.mit.edu
Date: Sun, 25 Aug 96 14:11:04 -0400
Errors-To: owner-www-security@ns2.rutgers.edu
>sigh. If the program runs under the user's control, then the path to
>the netscape.lck must be hardcoded and fully qualified, such as
>/usr/local/lib/netscape/netscape.lck
Getting Netscape to understand security is an uphill struggle.
When I broke the SSLv1 protocol ten minutes after he showed it
to me I expected that Marc might have asked for advice before
creating version 2... Mind you when I did offer advice about
Kipp's random number generator it didn't help.
Netscape's whole attitude to disabling Java and Javascript
appears to be one of adamant refusal to consider doing the
job properly. By this I mean writing a Netscape executable
that does not have Java or Javascript at all.
At present many corporate firewalls are set to block all
content with type application/binary because this is what is
used for Java and they wisely wish to let the Gosling
hypothesis (that Java is safe) be tested for a year or five
before they believe it. If Java gave a descriptive MIME
type such as application/java then it would be possible
both for firewalls to strip out dangerous executable code
and for the Java virtual machine to be upgraded without
negative impact. Hopefully the Redmond club will fix this.
What I would want to do as a security officer is to ensure
that only the clients *I* consider safe are used. That would
mean checking at firewalls (internal and external) for
User-Agent fields. Unless the client communicates the fact that
Java and Javascript are disabled I measure the security risk
of a client by its capabilities, not by what the user may
have turned off.
I know that I have a somewhat more extreme view of security
than some but then again the sites I have audited are somewhat
more security conscious than most. Mind you even I'm not as
extreme as one site that I work with where to reboot a machine
within the firewall requires permission from a committee which
takes about four hours to decide on average.
Phill
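The two firewall checks Phill describes, stripping inbound content by its declared MIME type and refusing outbound requests from clients whose User-Agent indicates capabilities the security officer has not permitted, as an added example that is not part of the original post and not code from any product of the period. The content types come from the post; the User-Agent patterns, the capability table (Netscape 2.x/3.x as Java-capable, Netscape 1.x and Lynx as not), the sample request and response, and the function names are this example's own assumptions.

```python
import re
from dataclasses import dataclass

# Content types the post treats as carrying executable code: 'application/binary'
# is what it says Java applets were served as, 'application/java' is the
# descriptive type it wishes were used. The set itself is this example's construction.
EXECUTABLE_TYPES = {"application/binary", "application/java"}

# Constructed table: regex over the User-Agent -> what that client product can run.
# Per the post's rule, risk is judged by capability, not by what the user may have
# turned off, because the client does not communicate that. Patterns are assumptions.
CLIENT_CAPABILITIES = [
    (re.compile(r"^Mozilla/[23]\."), {"java", "javascript"}),  # Netscape 2.x / 3.x
    (re.compile(r"^Mozilla/1\."), set()),                       # Netscape 1.x: no Java
    (re.compile(r"^Lynx/"), set()),                             # text-mode browser
]

# Constructed sample messages (CRLF line endings, as on the wire).
SAMPLE_REQUEST = (
    "GET / HTTP/1.0\r\n"
    "User-Agent: Mozilla/3.0 (X11; I; SunOS 5.5 sun4m)\r\n"
    "Host: www.example.com\r\n\r\n"
)
SAMPLE_RESPONSE = (
    "HTTP/1.0 200 OK\r\n"
    "Content-Type: application/binary\r\n"
    "Content-Length: 4096\r\n\r\n"
)


@dataclass
class Decision:
    allowed: bool
    reason: str


def parse_headers(raw: str) -> dict:
    """Parse an HTTP/1.0 header block into {lower-case name: value}.
    The first line (request or status line) is skipped and parsing stops
    at the blank line that precedes any body."""
    headers = {}
    for line in raw.splitlines()[1:]:
        if line == "":
            break
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return headers


def media_type(content_type: str) -> str:
    """Drop parameters such as '; charset=...' and normalise case."""
    return content_type.split(";", 1)[0].strip().lower()


def client_capabilities(user_agent: str):
    """Capability set for a User-Agent, or None if the client is not in the table."""
    for pattern, caps in CLIENT_CAPABILITIES:
        if pattern.search(user_agent):
            return set(caps)
    return None


def check_request(raw_request: str, permitted=frozenset()) -> Decision:
    """Outbound check: pass only clients whose capabilities are a subset of what
    the security officer permits. Unknown or anonymous clients are refused."""
    ua = parse_headers(raw_request).get("user-agent")
    if ua is None:
        return Decision(False, "no User-Agent header")
    caps = client_capabilities(ua)
    if caps is None:
        return Decision(False, f"unknown client: {ua}")
    excess = caps - set(permitted)
    if excess:
        return Decision(False, f"client can run {sorted(excess)}")
    return Decision(True, "client within policy")


def check_response(raw_response: str) -> Decision:
    """Inbound check: strip content whose declared type is executable code.
    With the coarse 'application/binary' label this also strips every other
    binary download served under that type, which is the post's complaint."""
    ctype = media_type(parse_headers(raw_response).get("content-type", ""))
    if ctype in EXECUTABLE_TYPES:
        return Decision(False, f"executable content type {ctype}")
    return Decision(True, f"content type {ctype or '(none)'} permitted")


if __name__ == "__main__":
    print(check_request(SAMPLE_REQUEST))                        # refused: can run Java
    print(check_request(SAMPLE_REQUEST, {"java", "javascript"}))  # allowed
    print(check_response(SAMPLE_RESPONSE))                      # stripped
```

The outbound check deliberately has no way for the browser to say "Java is off": nothing in the request carries that, so the policy falls back to the product's capabilities, exactly as the post argues. A more descriptive type than `application/binary` would let `check_response` strip applets without also blocking unrelated binary downloads.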