Secure Coding mailing list archives

RE: Hypothetical design question


From: "Dave Paris" <dparis () w3works com>
Date: Thu, 29 Jan 2004 15:17:58 +0000

The problem with "restricting malicious things" is that the same action can
be viewed as desirable or malicious, depending on intent.  Intent is an
intangible.  Computing systems tend to deal poorly with intangibles.

If I type 'rm -fr /', my intention is to prepare a machine for a new OS
load, prior to a reformat.  If an intruder types 'rm -fr /', his intentions
are *likely* (can't say for sure without directly asking the intruder!) to
be somewhat more malicious.

The OS has no way of determining who the "real" user is and which intention
is desirable and which isn't.  If you try to enumerate a list of
"potentially malicious code" that shouldn't be run from Application X you'll
be at it for the rest of your life; a never-ending, never-winning battle.
:-(

Kind Regards,
-dsp

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Behalf Of Nick Lothian
Sent: Wednesday, January 28, 2004 5:16 PM
To: [EMAIL PROTECTED]
Subject: RE: [SC-L] Hypothetical design question

[...]

On the other hand, the operating system/email client still needs to allow
one-click execution of attachments - it should just restrict them from doing
malicious things.

Nick
