- From: Andrew Layman <andrewl@microsoft.com>
- Date: Mon, 22 May 2000 15:36:23 -0700
- To: "'Michael Condry'" <Michael.Condry@eng.sun.com>, xml-dist-app@w3.org, connolly@w3.org
Is there something specific about XML schemas that raises a security issue? Dan: If there is, this should be brought to the attention of the schemas WG, no? Thanks in advance, Andrew Layman -----Original Message----- From: Michael Condry [mailto:Michael.Condry@eng.sun.com] Sent: Monday, May 22, 2000 11:40 AM To: xml-dist-app@w3.org; connolly@w3.org Subject: Re: XML Protocols Shakedown I made an earlier email comment about a "Lack of Sandbox". The point is the lack of ability to contain things with an application level protocol that allows an general execution engine (by the schema). This is nothing to do with the Java Sandbox. We can contain the message with HTTPs. but that does not contain what can result from having the action resulting from the data in the message as defined from the schema. Yes, yes, yes if we restrict the schema but that is not being discussed yet. With a general schema we can create the AIDS of viruses copy everyone credit cards and distribute them over ILOVEYOU.pl....
Received on Monday, 22 May 2000 18:37:07 UTC