RE: Re: Java sandboxing not used much

["Alun Jones" <alun () texis com>]

> -----Original Message-----
> From: [EMAIL PROTECTED] 
> [mailto:[EMAIL PROTECTED] On Behalf Of Bill Cheswick
> Sent: Thursday, March 11, 2004 2:04 PM
>
> User client-level applications should come with recommended 
> sandbox.conf
> files that will contain them appropriately.  There's already 
> a shortage
> of systems and network security people, and this stuff should be as
> easy as possible.  

Ah, but that has its own problem, as everyone relies on the sample files,
and certain settings are known to be the same - like having everyone's
Windows system installed at "C:\WINDOWS", using sample configuration files
unchanged is often as much a source of security problems as it is a means of
reducing confusion.

Alun.
~~~~
-- 
Texas Imperial Software   | Find us at http://www.wftpd.com or email
1602 Harvest Moon Place   | [EMAIL PROTECTED]
Cedar Park TX 78613-1419  | WFTPD, WFTPD Pro are Windows FTP servers.
Fax/Voice +1(512)258-9858 | Try our NEW client software, WFTPD Explorer.