1995-08-04 - Re: Java and Safe-TCL security (was Re: Java, Netscape, OpenDoc, and Babel)
Header Data
From: Rich Salz <rsalz@osf.org>
To: perry@piermont.com
Message Hash: 69290f92328a5039eedfb36e01e7070e8c85019fbd901c38e204ed43b880d78e
Message ID: <9508042112.AA24506@sulphur.osf.org>
Reply To: N/A
UTC Datetime: 1995-08-04 21:14:33 UTC
Raw Date: Fri, 4 Aug 95 14:14:33 PDT
Raw message
From: Rich Salz <rsalz@osf.org>
Date: Fri, 4 Aug 95 14:14:33 PDT
To: perry@piermont.com
Subject: Re: Java and Safe-TCL security (was Re: Java, Netscape, OpenDoc, and Babel)
Message-ID: <9508042112.AA24506@sulphur.osf.org>
MIME-Version: 1.0
Content-Type: text/plain
>the interpreter is made "safe" is to take a fully working tcl interpreter
>(with full priveleges) at run time, and use TclDeleteCommand() to remove
>offending commands. Safe-TCL is not emasculated at compile time, but at
>run time.
I have been told by folks at Sun that they are planning on doing it at
compile-time as well as at run-time. One of the concerns I conveyed
was that I want to make it easy to "pull out" the safe code and give
it a security audit.
/r$
Thread
Return to August 1995
- Return to “Phil Fraering <pgf@tyrell.net>”
- Return to “Ray Cromwell <rjc@clark.net>”
Return to “Rich Salz <rsalz@osf.org>”
- 1995-08-04 (Fri, 4 Aug 95 14:14:33 PDT) - Re: Java and Safe-TCL security (was Re: Java, Netscape, OpenDoc, and Babel) - Rich Salz <rsalz@osf.org>
- 1995-08-04 (Fri, 4 Aug 95 14:52:48 PDT) - Re: Java and Safe-TCL security (was Re: Java, Netscape, OpenDoc, and Babel) - Ray Cromwell <rjc@clark.net>
- 1995-08-04 (Fri, 4 Aug 95 15:48:23 PDT) - Java and Safe-TCL security (was Re: Java, Netscape, OpenDoc, and Babel) - Phil Fraering <pgf@tyrell.net>
- 1995-08-04 (Fri, 4 Aug 95 14:52:48 PDT) - Re: Java and Safe-TCL security (was Re: Java, Netscape, OpenDoc, and Babel) - Ray Cromwell <rjc@clark.net>