Re: Re: metacard, internet and security

Mon, 14 Aug 2000 01:27:49 -0700 

I wrote

> > 2) solution based on limiting the runtime
> > The Navigator, MSIE or javascript have some internal limitations to
forbid
> > writing on the user's disk.
> > Would it be possible to have in metatalk some internal flag forbiding a
> > runtime to write on the user's disk but in the folder where the runtime
is ?

Scott Raney answered

> Something like this is already in there: Setting the "secureMode"
> property to true prevents accessing files or running subprocesses on
> the current system.  You can set it to true in a startup handler (once
> set to true, it can never be set back to false for that session), or
> on Windows and UNIX, by passing "-f" on the command line.

The good news with Metacard is that it is very powerfull :-)
The bad news with Metacard is that the documentation is quite cryptic for
unix-unliterate scripters who do not exactly know what a "file system" or a
"subprocess" look like :-(

The doc says : "When the secureMode is set to true, all access to the file
system and other system resources is disabled. Once set to true, it cannot
be reset back to false."

What does mean "all access to the file system ... is disabled" ? Does it
mean that you can neither read nor write from/to  your disk / local network
/ internet ?
Does it mean only that a "securemode" runtime cannot write to disk ?
Does it mean also that a "securemode" stack cannot be saved ?
Does it mean also that a "securemode" runtime cannot open an external stack
?
Does it mean also that a "securemode" runtime cannot read data from disk ?
Does it mean also that a "securemode" runtime cannot put into an url ?
Does it mean also that a "securemode" runtime cannot get an url ?

What does mean "all access to ... other system resources is disabled" ?
Does it mean that a "securemode" runtime cannot print ?
Does it mean also that a "securemode" runtime cannot send an email ?

What mean "Setting the secureMode property to true prevents ...running
subprocesses" ?
Does it mean that a "securemode" runtime cannot  use the "launch" or "open
process" command ?
Does it mean that a "securemode" runtime cannot open a substack ?

Regards, Claude


Archives: http://www.mail-archive.com/metacard%40lists.best.com/
Info: http://www.xworlds.com/metacard/mailinglist.htm
Please send bug reports to <[EMAIL PROTECTED]>, not this list.

Reply via email to