[REBOL] Re: IOS Security model
From: bry::itnisk::com at: 23-Sep-2004 11:37
okay reading this:
All local file accesses are restricted to local directories,
have been specified in advance. Any attempt to access files outside of the
specified sandbox areas will pause the program and inform the user of the
situation. The user is given the choice of terminating the program
It's pretty clear that no further capability based security has been added other
than that which rebol provides anyway. The description sounds sort of
problematic to me, is this going to be the same user that opens .exe files in
outlook and clicks open when asked if they really want to do that?
From a minimal requirements perspective I'd think there would be possibilities
to have administration of multiple IOS accounts by a corporate administrator who
could set it to always fail if the sandbox was violated, with error logging.
Also I suppose allowing extra capabilities to various reblets beforehand.
The reason why I brought this up was because of the other thread on plugin
security, I'd hoped that IOS had a rich capabilities system and it could somehow
be adapted to the plugin.