1995-12-08 - Re: Anyone know of a white paper on security?

Header Data

From: Adam Shostack <adam@homeport.org>
To: jfricker@vertexgrp.com (John Fricker)
Message Hash: 5f66a66a4e462e94fbb0ff10c1f512d9058e883f2837eb62ff737702d0dcb034
Message ID: <199512081937.OAA03591@homeport.org>
Reply To: <199512081938.LAA01395@vertex.vertexgroup.com>
UTC Datetime: 1995-12-08 19:32:20 UTC
Raw Date: Fri, 8 Dec 95 11:32:20 PST

Raw message

From: Adam Shostack <adam@homeport.org>
Date: Fri, 8 Dec 95 11:32:20 PST
To: jfricker@vertexgrp.com (John Fricker)
Subject: Re: Anyone know of a white paper on security?
In-Reply-To: <199512081938.LAA01395@vertex.vertexgroup.com>
Message-ID: <199512081937.OAA03591@homeport.org>
MIME-Version: 1.0
Content-Type: text


John Fricker wrote:
|     The question I'm seeking to answer is : 
| 
| What criteria should be used to determine whether a scripting
| language such as Java, LiveScript, etc. is secure? 
| 
| There are obvious issues such as access to the file system but has
| anyone thought this all the way through and codified a white paper? 

	First you need to decide what you mean by secure.  Then you
need to prove your code is correct, and conforms to the spec.  Any
high school student could do it.  :)




-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume





Thread