At 2:29 PM 9/25/96 -0700, Kent Crispin wrote:
>carl @
hdshq .
com allegedly said:
>>
>[good stuff about filtering deleted]
>> I see no reason that such filtering cannot be implemented in
>> any server which is acting as a proxy for internal clients.
>>
>> It makes no sense to put filtering on a server to block content
>> originating at that machine, since you can more simply just
>> avoid using applets or scripts when you create your site content.
>>
>>
>
>There are circumstances where it makes a good deal of sense for a
>server to disallow java. In particular, if you allow others to
>create content on your web site, you may want to prevent them from
>adding their own applets. Imagine a disgruntled employee making use
>of a java security hole to delete others files unbenownst to them,
>for example.
Good point, I didn't think of the case where the server is secure
but the content is generated by (potentially) less trusted folks.
Guess it shows I have never worked for an ISP!
Carl V Claunch
Hitachi Data Systems
|
|
