[prev in list] [next in list] [prev in thread] [next in thread]
List: e-lang
Subject: [e-lang] Pola and GUI operations
From: David Wagner <daw () cs ! berkeley ! edu>
Date: 2002-12-18 18:51:06
[Download RAW message or body]
Alan Karp wrote:
>1. Is it possible for a rogue program to make the system think an
>operation was performed explicitly by a person when in fact the
>operation was done programmatically?
It is a crucial security requirement for all security systems (not just
capability systems) that this should not be possible. Trusted path,
and all that. If you find any such instances, they should probably be
fixed without asking any other questions.
This is, IMHO, one of the major reasons why Javascript has such a terrible
security record. It was designed specifically to violate this principle.
_______________________________________________
e-lang mailing list
e-lang@mail.eros-os.org
http://www.eros-os.org/mailman/listinfo/e-lang
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic