The main advantage (to me) of having a single sandbox is that I do not
have to deny specific apps. Assume that company X suppied 20 ActiveX apps
that I use. Futher more assume that one of those apps has an exploitable
hole. Does ActiveX have the granularity to support disallowing THAT apps
(but no others from that company) if all the apps are signed by the same
authenticator (I admit to not reading the ActiveX doco, I plead no time)?
If so, it is a somewhat of a valuable addition, if not, it is pretty much
useless. As security is toast as soon as the first exploitable hole is
discovered for a large supplier (say Microsoft). My major concern is the
granularity of ActiveX and the support required to constantly update lists
of apps that have known exploits. Sounds potentially interesting for
controlled environments like intranet but worries me in more uncontrolled
environments like the internet. Until I get time to dig through the doco
concerning issues like this, I'll disallow it. I don't need the risk,
support headache, or worry, I have enough.
Of course on the flip side, a hole in my single sandbox would be no fun
either. However, I expect more pressure can/will be brought to bear on the
few browser suppliers to fix holes than can be brought on the hundreds to
thousands of ActiveX programmers. That is, the exploit will be repaired
sooner (especially if 'public' source available browsers hit the streets or
proxys are used for the traffic).
Dana Nowell Voice (603) 595-7480 EXT 28
Cornerstone Software Inc. FAX (603) 882-7313
Work: DanaNowell @
com Home: dana @
MIME attachments prefered, BINHEX and uuencode acceptable.
Why me I asked, Why not he replied. As usual, I speak only for myself.