From: "Perry E. Metzger" <perry@piermont.com>
Date: Mon, 9 Oct 95 17:09:28 PDT
To: Greg Miller <gmiller@grendel.ius.indiana.edu>
Subject: Re: Java
In-Reply-To: <Pine.3.89.9510091807.A8324-0100000@grendel.ius.indiana.edu>
Message-ID: <199510100009.UAA24675@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Greg Miller writes:
> 
> On Sun, 8 Oct 1995, Perry E. Metzger wrote:
> 
> > 
> > As long as people are mentioning Java, I just want to make the
> > prediction, one more time, that at some point someone is going to find
> > some devistating security holes in HotJava.
> 
> 	I'd like to make this prediction:  someone at some point in time 
> will find another serious security hole in SendMail.

And yet again, my clients will be largely safe because I've dealt, in
advance, with most of the possible threats from Sendmail. I can't do
that for Java. I will never be able to do that for Java. I don't think
you understand the problem here at all.

> 	What you need to ask yourself is "Do the benefits of Java 
> outweigh the security risks?"

And the answer, to me, is "no". Unfortunately, I can't stop it.

Perry