From owner-freebsd-hackers  Sat Apr 29 14:11:57 1995
Return-Path: hackers-owner
Received: (from majordom@localhost)
          by freefall.cdrom.com (8.6.10/8.6.6) id OAA15517
          for hackers-outgoing; Sat, 29 Apr 1995 14:11:57 -0700
Received: from time.cdrom.com (time.cdrom.com [192.216.223.46])
          by freefall.cdrom.com (8.6.10/8.6.6) with ESMTP id OAA15511
          for <hackers@FreeBSD.org>; Sat, 29 Apr 1995 14:11:55 -0700
Received: from localhost (localhost [127.0.0.1]) by time.cdrom.com (8.6.11/8.6.9) with SMTP id OAA15436; Sat, 29 Apr 1995 14:10:19 -0700
X-Authentication-Warning: time.cdrom.com: Host localhost didn't use HELO protocol
To: roberto@blaise.ibp.fr (Ollivier Robert)
cc: andreas@knobel.gun.de, hackers@FreeBSD.org
Subject: Re: Hot Java.. 
In-reply-to: Your message of "Sat, 29 Apr 1995 22:52:21 +0200."
             <199504292052.WAA16223@blaise.ibp.fr> 
Date: Sat, 29 Apr 1995 14:10:18 -0700
Message-ID: <15434.799189818@time.cdrom.com>
From: "Jordan K. Hubbard" <jkh@time.cdrom.com>
Sender: hackers-owner@FreeBSD.org
Precedence: bulk

> > Java has an interpreted language built in, so you can download scripts
> > that actually _interact_ with the user locally.  I don't think you
> 
> That should open a big can of worms too (aka security holes)...

This is certainly not news to Sun, and they have some mechanisms for
dealing with it.  You can also disallow local execution if you wish,
using it instead as a straight brower.

Dataflow analysis and variant command sets/privilege levels for
interpreted languages is the future.

					Jordan