Firewall Wizards mailing list archives

Re: Mobile Code Security???


From: Bennett Todd <bet () rahul net>
Date: Wed, 29 Apr 1998 04:15:08 -0700

1998-04-29-03:43:04 Todd Radermacher:
I'm curious as to the group's opinion on Java, JavaScript, ActiveX,
or more generally - mobile code security technologies.

I think they aren't too well off, as yet. Some of them are wildly
unacceptable, as they have no attempt at a ``security'' model; others
were designed and implemented by people who tried --- and failed -- to
define a workable security model. So far none of them have proven safe,
or anywhere near it.

So firewall policies seem to split into two camps: some shops attempt
to prohibit all applets from coming through, and others just try to keep
up with the security fixes in the browsers.

As has been pointed out many times, applet stripping remains an
unreliable heuristic process; in my opinion its big value is that if it
_usually_ works, it helps keep users' expectations in line with policy.

Are methods for dealing with mobile code to become "standard"
features in commercial firewalls?

Ahh, this is a question about the future! My favourite sort. Peering
into the crystal ball, I see applet features in firewalls ceasing to be
important within the next few years; whether it's by retrofitting kluges
like Janus[1], or by seriously integrating some old but not widely used
OS features (e.g. ACLs, Orange Book-style access control, Domain Type
Enforcement, ...) one way or another I think we're going to see improved
tools for locking mozillas into boxes on the desktop.

-Bennett

[1] <URL:http://www.cs.berkeley.edu/~daw/janus/>


