Re: Spyglass HTML Validator 1.0 Availability

> > I am not even gonna get into the security questions of JavaScript
> > except to note that this too is gonna be hard to ignore).
> Have there been security problems with JavaScript? I thought JavaScript
> was pretty innocuous, seeing as how it's just human-readable statements
> interpreted by the UA that only affect the display. Are you not
> thinking of Java programs?

There have been security problems with both. JavaScript is worse in
that it doesn't start with a security model; Java at least had
a good low-level security model, though the higher-level
"security manager" was an afterthought. Both Netscape (JavaScript)
and Microsoft (Word Macros, Win NT permissions) seem to
need to hire some more paranoid security review people ;)

    Albert Lunde            

Received on Friday, 18 October 1996 13:12:03 UTC