[7873] in www-talk@info.cern.ch
Re: Hot Java is here! And it *rocks*
daemon@ATHENA.MIT.EDU (David.Halls@cl.cam.ac.uk)
Thu Apr 6 04:02:29 1995
Date: Tue, 4 Apr 1995 18:30:34 +0500
Errors-To: procmaster@www19.w3.org
Reply-To: David.Halls@cl.cam.ac.uk
From: David.Halls@cl.cam.ac.uk
To: Multiple recipients of list <www-talk@www10.w3.org>
>
> Of course I do those things. Sometimes. When I do I think carefully
> about where I'm getting them from, look at the source, and run them for
> a while under an account I keep for that purpose with no access to
> anything (the reason why I believe that even single user machines need
> multiuser security, but that's another argument). People actually do
> this. I recall a discussion on this very list a few months ago about a
> package who's installation script downloaded another script and
> executed it without warning. People noticed.
Okay. So requirements are:
1. A Safe environment (account). cf. Safe Tcl/Scheme/Python/HotJava etc.
2. Trust that the code is genuine. cf. public-key cryptography.
Now, can anyone explain why they would NEVER download applets or binaries/
bytecodes given these requirements? All I'm trying to say is that a Safe Node
system for getting and executing software is safer (yes, safer) than
current practice, so rabid instance on complete security seems a bit OTT,
though of course completely justified in its own right.
Dave.
