Chris Rasch wrote:
>I don't know about the practical appropriateness of javascript
>(from a user interface standpoint, it's easy to abuse, and it appears to
>currently have security issues that one would have to be careful to work
>around, see
>http://slashdot.org/askslashdot/99/08/10/049200.shtml)
Very few of the opinions expressed there evidenced any direct personal
knowledge of Javascript or of the security issues that were alluded to. I
think the bugtraq article referred to was very poorly written and improperly
ascribed to Javascript (and by implication Netscape) a number of well known
security problems that belong strictly to Microsft IE. These problems result
directly from Microsoft's "barn door" approach to granting privileges to
downloaded executables.
---------------------------------------
Jim Self
Manager and Chief Developer
VMTH Computer Services, UC Davis
(http://www.vmth.ucdavis.edu/us/jaself)
