On Sun, 13 Aug 2000, opus.species wrote:
> As most people on this list i downloaded and tested the portal of
> Sivakatirswami.
> That's a great job !
> Until now, the "computer based training" solutions where based on java (cf
> toolbook) or shockwave or flash. It was difficult to program and/or heavy to
> download.
> Sivakatirswami's solution is light, powerful and elegant.
>
> But we have now to consider the security...
>
> A *.mc app can do anything : destroy all the data of a computer, use a
> computer to destroy all the data on a network, ...
Just like any email message sent to a person using an unpatched
version of Microsoft Outlook! Indeed, the latest exploits don't even
require you to *read* the message, let alone open an attachment...
> We have to protect our customers against :
> - downloading a utility and misusing it
> - downloading a bugged and dangerous mc file
> - downloading some mc-based virus
If you're even in the least bit concerned about this, you'd have to
include "don't use any Microsoft products, including their OSs" to
your list ;-)
> I can think of 2 kind of solutions :
>
> 1) solution based on signature
> The programmer put his signature in his runtime and in his stacks. When
> opening a stack, the runtime checks if the stack has the right signature.
> The process could be a "compress+encrypt" function built in the engine and a
> "decompress+decrypt" function build in the runtime.
I'm not sure what this gets you: all this guarantees is that people
know where the files originated, not what they do.
> 2) solution based on limiting the runtime
> The Navigator, MSIE or javascript have some internal limitations to forbid
> writing on the user's disk.
> Would it be possible to have in metatalk some internal flag forbiding a
> runtime to write on the user's disk but in the folder where the runtime is ?
Something like this is already in there: Setting the "secureMode"
property to true prevents accessing files or running subprocesses on
the current system. You can set it to true in a startup handler (once
set to true, it can never be set back to false for that session), or
on Windows and UNIX, by passing "-f" on the command line.
Regards,
Scott
********************************************************
Scott Raney [EMAIL PROTECTED] http://www.metacard.com
MetaCard: You know, there's an easier way to do that...
Archives: http://www.mail-archive.com/metacard%40lists.best.com/
Info: http://www.xworlds.com/metacard/mailinglist.htm
Please send bug reports to <[EMAIL PROTECTED]>, not this list.