Security and Javascript

• Previous message (by thread): Security and Javascript
• Next message (by thread): Security and Javascript
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Matthias Kirschner <mk at fsfe.org> writes:
> 3) From a security point you are lost as soon as you give an adversary
> the opportunity to control your system. 

Well, javascript is run a restricted environment. I don't see how you'd
be lost by running javascript. Also many universities let their students
run code on their systems but I don't consider they have "lost".

> 4) Only non-active web content can guarantee that you keep control over
> your equipment. 

There are security issues also in the code that parses this non-active
content. Javascript is replacing a lot of things that used to be
separate plugins with poor security track record.

• Previous message (by thread): Security and Javascript
• Next message (by thread): Security and Javascript
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]