On Fri, 26 May 2000, Bert Freudenberg wrote:
> On Thu, 25 May 2000, Bijan Parsia wrote:
>
> > Writing files and opening sockets may be sufficient for a variety of
> > secondary attacks (as well as the obvious direct attacks). For example, if
> > you can write out a pre-compiled AppleScript to the "startup" folder, it
> > will get executed next startup.
>
> The latest (not yet official) Unix VM has a -secure option that restricts
> file prims to be able to read and write only in the image directory and
> subdirs (the so-called "file sandbox").
Cool! I suspected that this would be fairly straightforward.
Now, as soon as we can kill the need to run X even if Squeak is running
headless, I know several folks who will be delighted to adopt Squeak as
their server.
(This complaint---the need for X even if you aren't going to use
it---cropped up on comp.lang.smalltalk. From Tim's rumblings, however, I
suspect that's on the way.)
Cheers,
Bijan.
