Firewalls: Re: Finjan Surfin Gate Review

Firewalls
(November 1997)

Indexed By Thread: [Previous] [Next]

Subject:	Re: Finjan Surfin Gate Review
From:	Peter da Silva <peter @ baileynm . com>
Date:	Fri, 7 Nov 1997 20:27:51 -0600 (CST)
To:	jerry @ us . esafe . com (Jerry Huyghe)
Cc:	sjbrown @ bellsouth . net, firewalls @ greatcircle . com
In-reply-to:	<A16760D9B223D111AB4E00805FCBCCA20267D8 @ c209-43-213-2 . esafe . com> from "Jerry Huyghe" at Nov 7, 97 02:17:18 pm

> Protection from vandal applets is a new technology which is still being
> defined...any thoughts?

Use the approach in HTML: don't allow the applets the ability to perform
dangerous acts. If you want to do more, then explicitly download and
install a plugin. That way you have control and you have to perform an
explicit install before you're exposed.

The only applet technology I know of that does this is the Tk plugin, which
actually removes all dangerous commands from the interpreter before running
the applet, so even if it's hostile it has no access to anything outside the
sandbox.

Follow-Ups:

Re: Finjan Surfin Gate Review
From: Adam Shostack <adam @ homeport . org>

References:

RE: Finjan Surfin Gate Review
From: Jerry Huyghe <jerry @ us . esafe . com>

Indexed By Date	Previous:	Re: Ever seen this in practice?? From: Chris Brenton <cbrenton @ sover . net>
Indexed By Date	Next:	IngresNet From: "Sam Thornton" <mr . dude @ cableinet . co . uk>
Indexed By Thread	Previous:	RE: Finjan Surfin Gate Review From: Jerry Huyghe <jerry @ us . esafe . com>
Indexed By Thread	Next:	Re: Finjan Surfin Gate Review From: Adam Shostack <adam @ homeport . org>