1995-08-04 - Re: Java and Safe-TCL security (was Re: Java, Netscape, OpenDoc, and Babel)

Header Data

From: Ray Cromwell <rjc@clark.net>
To: rsalz@osf.org (Rich Salz)
Message Hash: 23fcd7ef984dd3a4f2c38bdec71b47c8acedc3e14aa39d6edac74a58241a3302
Message ID: <199508042152.RAA12471@clark.net>
Reply To: <9508042112.AA24506@sulphur.osf.org>
UTC Datetime: 1995-08-04 21:52:48 UTC
Raw Date: Fri, 4 Aug 95 14:52:48 PDT

Raw message

From: Ray Cromwell <rjc@clark.net>
Date: Fri, 4 Aug 95 14:52:48 PDT
To: rsalz@osf.org (Rich Salz)
Subject: Re: Java and Safe-TCL security (was Re: Java, Netscape, OpenDoc, and Babel)
In-Reply-To: <9508042112.AA24506@sulphur.osf.org>
Message-ID: <199508042152.RAA12471@clark.net>
MIME-Version: 1.0
Content-Type: text/plain


> 
> >the interpreter is made "safe" is to take a fully working tcl interpreter
> >(with full priveleges) at run time, and use TclDeleteCommand() to remove
> >offending commands. Safe-TCL is not emasculated at compile time, but at
> >run time.
> 
> I have been told by folks at Sun that they are planning on doing it at
> compile-time as well as at run-time.  One of the concerns I conveyed
> was that I want to make it easy to "pull out" the safe code and give
> it a security audit.

  SafeTcl or Java? I wish SafeTcl was isolated into a separate library
with compiled-in safety so I could embed it into my applications. As it is
now, I have to just use normal Tcl and hack in the MakeInterpreterSafe()
function which removes dangerous commands.

-Ray





Thread