[Date Prev][Date Next][Thread Prev][Thread Next] [Search] [Date Index] [Thread Index]

Re: [MacPerl] unmounting from macperl



Though this is getting more and more off topic, I want to try and figure
out what oszarazi@cuug.ab.ca <???> is getting at. I invite oszarazi to
reply to me once more on this list, then we should probably move this
discussion to private e-mail.

At 8:06 PM 12/6/96, ??? wrote:
>> >Isn't "AppleScript" an incredibly large Security Hole??
>> >The idea of integrating anything in that way seems to be seriously
>> >contrary to all models of the Internet.

And I said:
>> Huh? I think I don't quite understand to what you are refering. AppleScript
>> is built in to the MacOS System 7.5.

To which oszarazi@cuug.ab.ca replied:
>Think about it.

Well, you might have to help me think about it :-/ . Without a few more
clues, I don't yet see your point. Maybe you could illustrate your point
with an example.

>> AppleScript is a marvelous and robust scripting language for driving
>> applications (including the Finder) on your own desktop. Matthias is
>> working to incorporate AppleScript into MacPerl for that reason.
>
>To introduce security holes onto people Macintoshii ;-)

I disagree. I believe that Matthias (if Matthias were not working
diligently on his thesis now, he would jump in and correct me here ;-) ) is
adding OSA capabilities to MacPerl to extend the control people have over
applications on their own computers. This is *good*.

   The Macintosh is famous for having pretty tight security built-in. In
order to allow anyone access to your machine through AppleScript (or any
OSA-compliant language) one must intentionally set up File Sharing to allow
this. One must not only turn File Sharing on, but one must choose to allow
others to link to programs on one's desktop. The security risk of this is
less through AppleScript than through more direct means -- someone else can
start by dragging your System Folder to the Trash.

   And I will repeat, none of this works (at present) over TCP/IP, only on
a local network.

>>    *JavaScript*...now that might be a security risk, but I think the people
>> at Sun (and Netscape) are trying to eliminate those features as rapidly as
>> possible.
>
>Colour me doubtful on that count.  If anything they've work towards the
>exact opposite.

You are probably right here -- we agree!

   Cheers,
   Clint

--
   Clint MacDonald | <cbbccm2@tthsc6.lubb.ttuhsc.edu>
   <http://www.grad.ttuhsc.edu/Grad/macdonald/>