- From: <David.Halls@cl.cam.ac.uk>
- Date: Tue, 4 Apr 1995 15:03:56 +0100 (BST)
- To: sarr@citi.umich.edu (Sarr Blumson)
- Cc: David.Halls@cl.cam.ac.uk, sarr@citi.umich.edu, www-talk@www10.w3.org

> Of course I do those things. Sometimes. When I do I think carefully
> about where I'm getting them from, look at the source, and run them for
> a while under an account I keep for that purpose with no access to
> anything (the reason why I believe that even single user machines need
> multiuser security, but that's another argument). People actually do
> this. I recall a discussion on this very list a few months ago about a
> package whose installation script downloaded another script and
> executed it without warning. People noticed.

Okay. So requirements are:

1. A Safe environment (account). cf. Safe Tcl/Scheme/Python/HotJava etc.
2. Trust that the code is genuine. cf. public-key cryptography.

Now, can anyone explain why they would NEVER download applets or binaries/bytecodes given these requirements?

All I'm trying to say is that a Safe Node system for getting and executing software is safer (yes, safer) than current practice, so rabid insistence on complete security seems a bit OTT, though of course completely justified in its own right.

Dave.

Received on Tuesday, 4 April 1995 14:10:17 UTC