Reality of Language Security 
Author Message
 Reality of Language Security



 |>  | [...]
 |>  |>The fact is that Java's security is superior to most any
 |>  |>language out there, thanks in large part to final, [...]
 |
 | [...] I've worked extensively on .NET, and it also has more
 | richly architected/designed security facilities than Java.

Dave, could you explain what you meant by this?  I looked at the
.NET security model and it seems to be a copy of Java's only less
simple and less powerful.  For example, it looks to be based on a
stack walk instead of a security context (ie, not possible to
check security from other threads or at other times after the
original call).

MS to block internet apps by default in .NET:
  http://www.*-*-*.com/

It seems that Microsoft is not sure of the .NET security system.
This of course is in contrast to Java where safe execution of
untrusted code has been turned on since Day 1 and ever since, but
still better then Smalltalk and C/C++ with absolutely no security
whatsoever for code downloaded from the internet.

Jam (address rot13 encoded)



Wed, 04 Aug 2004 00:53:15 GMT  
 Reality of Language Security



Quote:

> MS to block internet apps by default in .NET:
>   http://www.theregister.co.uk/content/4/24089.html

> It seems that Microsoft is not sure of the .NET security system.

To give them their due I think MS probably are confident of their .NET
security system, but correctly surmise that hardly anyone will believe them.
It would be true to form for Microsoft to be over confident of their
security.


Wed, 04 Aug 2004 04:22:30 GMT  
 Reality of Language Security

: MS to block internet apps by default in .NET:
:   http://www.theregister.co.uk/content/4/24089.html

: It seems that Microsoft is not sure of the .NET security system.
: This of course is in contrast to Java where safe execution of
: untrusted code has been turned on since Day 1 and ever since [...]

Not everywhere.  Java apps presented a security risk in the early days -
because of JVM bugs - of which there were quite a few.  As a result
some folks turned Java off.  Others turn Java off for good measure,
if they are not toally confident that JVM bugs will not arise.

Java will probably benefit if it continues to remain one of the few
ubiquitous secure environments for executing untrusted code from the net.
--
__________



Wed, 04 Aug 2004 18:17:20 GMT  
 
 [ 3 post ] 

 Relevant Pages 

1. virtual REALITY - more REALITY

2. TUTORIALS: automated graphics, virtual reality, visual languages

3. VRML - Virtual Reality Markup Language??

4. Paper announcement: Language-Based Information-Flow Security

5. APL97 vision now reality

6. SmallTalk, Self, etc. used in Virtual Reality

7. Anonymous:Reality check

8. Virtual Reality Programming

9. Virtual Reality

10. virtual reality type app, help!

11. FREE VISUAL FIVEWIN !!! - A reality

12. ODBC 32 bits RDD for Clipper: A reality !!!

 

 
Powered by phpBB® Forum Software