Hi,
since "Running unsigned applications like this will be blocked in a future
release..." wouldn't it be good to have a version of Jmol that has no access to
the users computer thereby trying to reinstate a sandbox as for the unsigned
applet? May be just 'download-like' capabilities via a file dialog.
Alex
----- Ursprüngliche Mail -----
> Von: "Robert Hanson" <hans...@stolaf.edu>
> An: "Jmol Developers" <jmol-developers@lists.sourceforge.net>
> Gesendet: Montag, 25. November 2013 16:09:12
> Betreff: [Jmol-developers] Security and Jmol file reading
>
>
>
>
>
>
> Generally Jmol only reads files that it can make sense of, so I don't
> imagine that's a real problem, but in the case of the signed applet
> and the load() FUNCTION, as in:
>
> print load("xxxx")
>
> Jmol doesn't try to parse the file. I'd like to propose some
> limitation of this. Perhaps -- specifically for the applet and
> specifically for "file:" protocol:
>
>
> 1) no root files: file:/xxxx.xxx
>
> 2) no files w/o extension: file:/wherever/xxxx
>
> 3) no files with "/." in their path: file:/wherever/.xxxx.xxx,
> file:/wherever/.hidden/x.x
>
>
> Does that sound adequate?
>
> Bob
>
>
>
>
>
> --
>
> Robert M. Hanson
> Larson-Anderson Professor of Chemistry
> St. Olaf College
> Northfield, MN
> http://www.stolaf.edu/people/hansonr
>
>
> If nature does not answer first what we want,
> it is better to take what answer we get.
>
> -- Josiah Willard Gibbs, Lecture XXX, Monday, February 5, 1900
>
>
> ------------------------------------------------------------------------------
> Shape the Mobile Experience: Free Subscription
> Software experts and developers: Be at the forefront of tech
> innovation.
> Intel(R) Software Adrenaline delivers strategic insight and
> game-changing
> conversations that shape the rapidly evolving mobile landscape. Sign
> up now.
> http://pubads.g.doubleclick.net/gampad/clk?id=63431311&iu=/4140/ostg.clktrk
> _______________________________________________
> Jmol-developers mailing list
> Jmol-developers@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/jmol-developers
>
------------------------------------------------------------------------------
Rapidly troubleshoot problems before they affect your business. Most IT
organizations don't have a clear picture of how application performance
affects their revenue. With AppDynamics, you get 100% visibility into your
Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro!
http://pubads.g.doubleclick.net/gampad/clk?id=84349351&iu=/4140/ostg.clktrk
_______________________________________________
Jmol-developers mailing list
Jmol-developers@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/jmol-developers
