- From: Fisher Mark <FisherM@is3.indy.tce.com>
- Date: Mon, 06 Mar 95 05:56:00 PST
- To: "'Phillip M. Hallam-Baker'" <hallam@dxal18.cern.ch>, 'www-security' <www-security@ns2.rutgers.edu>, www-talk <www-talk@www10.w3.org>
One element of modern application programs that has so far pretty much been neglected in Web client development is the integrated scripting language. I see at least 3 uses for a Web scripting language: 1) Building extensions for current browsers; 2) A secure substitute for other CGI scripting languages; and 3) Adding intelligent agent capabilities to the Web. One possible base for this work would be Safe-Tcl, Nathaniel Borenstein's and Marshall Rose's email scripting extension for John Ousterhout's Tcl/Tk. Safe-Tcl uses a two-level interpreter, where the outer interpreter supports a carefully limited set of high-level capabilities. Safe-Tcl is designed such that: a) Modifications to the user's system have to be approved by the user in a reasonably high-level fashion; b) Email generated has to be approved by the user in, again, a reasonably high-level fashion; and c) "Excessive" use of system resources also has to be user-approved. An additional basic guideline for Web scripting would then be: d) Modifications to the Web server's system (POST or PUT) would have to be approved by the user in a reasonably high-level fashion. I think that (a)-(d) would suffice as constraints for (1) above (browser extensions). A secure substitute for CGI scripting languages ((2) above) for gateway purposes might be handled via the current CERN server's ability to run CGI scripts under a separate user ID that has no directory/file write permissions anywhere except perhaps to a directory for temporary files. If the gateways can be constructed as one-pass programs, then temporary files would not be needed by CGI scripts under OSes that support pipelining. Intelligent Web agents would: i) Be able to walk the Web on their own (travel from machine to machine); ii) Via a specific URL at each host, like "http://your.machine.com/Agent-Entry"; iii) Interacting with a specified user ID (like "webmaster@your.machine.com") who would have the approval authority from constraints (a)-(d) above. If the URL "http://your.machine.com/Agent-Entry" did not exist, no agent could enter that Web. If agents are permitted entry, capability (iii) along with constraints (a)-(d) should enable each site to formulate an appropriate policy for agent execution. "Spiders" could really walk the Web... I suggest the name "Spider" for this Safe-Tcl extension. ====================================================================== Mark Fisher Thomson Consumer Electronics fisherm@indy.tce.com Indianapolis, IN "Just as you should not underestimate the bandwidth of a station wagon traveling 65 mph filled with 8mm tapes, you should not overestimate the bandwidth of FTP by mail."
Received on Monday, 6 March 1995 05:55:42 UTC