>>>Since February, 1994, firewalls have been "safely permeable" for World Wide
>>>Web (WWW) clients via an application level proxy. Proxy support is built
>>
>>"Safely"? I don't think so. There was some talk a while ago on this
>
>The trojan horse problem, discussed on this list previously, is a separate
>issue and as far as I can tell, unsolvable except by denying access
>altogether.
Unsolvable from the library/protocol level, yes.
>>I think there's (likely) nothing wrong with your proxy; but people
>>need to realize that running a proxied mosaic is scarcely safer than
>>running without a firewall.
>
>That is a major overstatement of the problem.
Well, OK, but your implication that proxies make you safe is also a
major overstatement; I was concerned that, in your attempt to make
your (valid) point that proxies are good, you were going to go too
far, which would wind up in trusting people getting burned. I believe
you stated that using a proxy meant you didn't compromise your
firewall at all.
>Cello, etc. Those PC and Mac environments which are the majority of
>machines, don't have the *same* environment problems mentioned above.
True. And they probably have fewer holes, and more obscure; there's
probably nothing so egregious as the system() calls. But you can be
sure there are some.
/===========================================================================\
|John (Francis) Stracke | My opinions are my own. |
|InSoft, Inc. |==================================================|
|Mechanicsburg, PA | But this one goes to 11x. |
|francis @
insoft .
com | |
\===========================================================================/
References:
|
|
