Firewalls: Re: FW: Security Risk: FW/JAVA/ActiveX

Firewalls
(January 1997)

Indexed By Thread: [Previous] [Next]

Subject:	Re: FW: Security Risk: FW/JAVA/ActiveX
From:	Richard Reno <rreno @ carsinfo . com>
Date:	Wed, 22 Jan 1997 19:10:08 -0400 (EDT)
To:	"william.wells" <william . wells @ damark . com>
Cc:	FIREWALLS <firewalls @ GreatCircle . COM>
In-reply-to:	<9701220021 . AA04988 @ damark . com>


On Tue, 21 Jan 1997, william.wells wrote:

> 
> >From what I can tell, ActiveX and Microsoft's implementation of Java (which
> I've heard doesn't have a "sandbox"), effectively means that Microsoft could
> have complete accessibility should we elect to "honor" Microsoft's lack of
> concern for a company's desire to control their own destiny. It also seems
> that opening the firewall to Microsoft also opens the firewall to any other
> company which wants to write unfriendly applets/components.
> 
> 

It is true that there is no "sandbox" for ActiveX controls which is one 
of the big differences between using Java applets and VBscipts.  However 
Microsoft has nothing to do with the sandbox for the applet.  The sandbox 
is provided by the browser if we are talking about an applet that comes 
in with a web page.  So if you are concerned about this use Netscape not 
IE.  If you are talking about a Java application then it is a different 
matter.   
	Richard W. Reno

References:

FW: Security Risk: FW/JAVA/ActiveX
From: "william.wells" <william . wells @ damark . com>

Indexed By Date	Previous:	Re: NT or UNIX From: PaLaN <palan @ dataprep . com . my>
Indexed By Date	Next:	Re: NT 4.0 Bug From: Todd Graham Lewis <lists @ reflections . mindspring . com>
Indexed By Thread	Previous:	Re: FW: Security Risk: FW/JAVA/ActiveX From: johnl @ sealabs . com (John Labovitz)
Indexed By Thread	Next:	Re: WIN'95 FLAW -Respuesta From: Jahir Molina <jmolina @ gtelco . com>