Re: idea

[der Mouse <mouse () rodents-montreal org>]

> To use the real-life example, an unpatched Windows [...]  Even if I
> do not connect the machine to any network, the moment I open any
> document that the machine itself did not create, I expose it to all
> sorts of macros, scripts and embedded content which can hose or
> exploit my applications.

Quite.  A good argument against providing extension languages with the
capability of modifying...well, pretty much anything outside the file
the code is embedded in, and arguasbly even that.

> The same weaknesses apply to operating systems and applications
> generally.

Only if they insist on executing code from sources such as "documents"
from elsewhere, giving it capabilities like writing files (or
semi-equivalent capabilities such as modifying the windows registry).

I, for example, do not "open" "documents"; I display and/or edit files,
and the display and editor programs do not provide any kind of
live-content support to the files in question.  (I do occasionally run
PostScript or PDF code, but when such programs come from untrusted
sources I tell the PS/PDF engine to disable the primitives for writing
files and the like.)  This is not to say that programs are bug-free,
only that outright bugs provide any way for such things to execute
content.

I fully expect that evolutionary pressures will end up killing off live
content, or at least live content that provides support for making
non-transient state changes such as writing files.

/~\ The ASCII                             Mouse
\ / Ribbon Campaign
 X  Against HTML                mouse () rodents-montreal org
/ \ Email!           7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.