At the moment there is an open door to anyone who knows, or cares to learn
about J.
'Testing' fwrite 'tmp/this.txt'
At a minimum, we could make the directories write protected from the
account running the interpreter.
On Thu, Jun 2, 2022, 2:21 PM Raul Miller <[email protected]> wrote:
> On Tue, May 31, 2022 at 7:57 PM 'robert therriault' via Programming
> <[email protected]> wrote:
> > 1) The functionality of the J Playground is increasing and this allows
> it to be used in a wider range of situations within the wiki, especially
> with the inclusion of add-ons available through the interface. Use of the
> playground will benefit from labs or video demos to provide access to the
> full functionality. Security issues are most likely to be through
> infiltration into the community and gaining trust to create malicious code
> within the wiki or the J playground. We will need to be aware of this as
> the community grows.
>
> After thinking about this:
>
> Note that the context here was "j specific hacks". As long as we are a
> small group of people, we are not particularly interesting in the
> context of any major conflicts.
>
> That said, we have no special immunity to problems of the larger
> group(s) which we belong to. (For example, the wasm J implementation
> would still be vulnerable to generic wasm problems. And, these are
> likely to crop up as web assembly becomes more widely deployed and
> used.)
>
> Generally speaking, it's good to have fallback plans for disasters --
> offline backups, for example, and online or near-online failover
> machines, are common techniques used to mitigate security issues in
> many computing contexts. And, for critical information, and/or
> important historical records, having hardcopy is important. (Even
> without "security issues", we can see that technical equipment has a
> limited life time, and that people often like to change the interfaces
> which would have been necessary to interpret those records.)
>
> Overall, I guess this winds up being kind of boring (except, rarely,
> when it's not).
>
> FYI,
>
> --
> Raul
> ----------------------------------------------------------------------
> For information about J forums see http://www.jsoftware.com/forums.htm
>
----------------------------------------------------------------------
For information about J forums see http://www.jsoftware.com/forums.htm
