Shawn's Comment:
> The smarter solution would have been to remove the dangerous capabilities
> of
> their scripting language. Is that so difficult for some to understand?
>
[Veitch, Michael]
Sure is a very black and white picture you paint, is it safe to
assume that you don't do much scripting work? How do you remove "dangerous"
features from a script language, are you going to ask any companies like MS,
Sun, IBM etc to remove many standard practices that allows a programmer to
perform actions such as programmatically pressing F7 etc. Hopefully you'll
agree that this function should remain.
Well thanks for letting me maintain one standard method of
programming. Ha ha ha, I could now use this standard method of programming
to crash your workstations or servers*. Is it a fault of the scripting
language, it most certainly is NOT.
Most of us realise, it is necessary to have various software
products in place that acts at the various tiers in order to reduce/stop
these scripts/exe before they do something they were never intended to do
(including exploiting issues with the underlying OS).
Blaming anybody but the people that create scripts/exe to exploit
vulnerabilities is pointless (judging by what I have read, those of you who
feel strongly about this issue could replace by the word pointless with
stupid).
Why not get $issed at the people who write the programs that cause
us these headaches and even the people that propagate them **.
* A simple script version of the Command line vulnerability issue in
NT/W2k can be created using only keystrokes and run via a script or from
any office product. I believe that it should work in Java as well. Not
really a major issue, it does highlight the point that the language is not
the only issue here (although I believe if properly constructed in could be
a real killer).
** The people that propagate these "viruses/scripts" are also to
blame, lack of knowledge is no excuse, hey, aren't these people the real
reason why MS these additional security features!
Mike
"The script is mightier than the sword" - and more cost effective !
_________________________________________________________________
List posting FAQ: http://www.swinc.com/resource/exch_faq.htm
Archives: http://www.swynk.com/sitesearch/search.asp
To unsubscribe: mailto:[EMAIL PROTECTED]
Exchange List admin: [EMAIL PROTECTED]
