1996-12-16 - Re: Securing ActiveX.

Header Data

From: Nelson Minar <nelson@media.mit.edu>
To: cypherpunks@toad.com
Message Hash: 51061f83731cb126b2ea4a3c7130c91aaffebdebde7ebde80bb5cfcba9051abe
Message ID: <cpa7mmi2jsc.fsf@hattrick.media.mit.edu>
Reply To: <Pine.SUN.3.91.961216123313.15110L-100000@beast.brainlink.com>
UTC Datetime: 1996-12-16 22:42:41 UTC
Raw Date: Mon, 16 Dec 1996 14:42:41 -0800 (PST)

Raw message

From: Nelson Minar <nelson@media.mit.edu>
Date: Mon, 16 Dec 1996 14:42:41 -0800 (PST)
To: cypherpunks@toad.com
Subject: Re: Securing ActiveX.
In-Reply-To: <Pine.SUN.3.91.961216123313.15110L-100000@beast.brainlink.com>
Message-ID: <cpa7mmi2jsc.fsf@hattrick.media.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain

On Sat, 14 Dec 1996 ichudov@algebra.com wrote:
>I do not understand how one can secure ActiveX.

Me neither! But the approach of requiring code signatures so you can
at least break the fingers of whomever damaged your machine does have
some merit.

sunder@brainlink.com (Ray Arachelian) writes:
> Simple.  Check out Windows NT, under NT you can write/run programs as 
> services which log in as an account.  When you do this, that service 
> program is limited to the security restrictions of that account.

This is kind of like running servers in Unix as another user in a
chrooted partition? That doesn't work, either.