rjb at rz.uni-potsdam.de
Tue Jul 27 04:02:48 CDT 2004
>>what about a sandboxed enviroment, like a function to save a stack
>>and another to load. You cannot specify where to save for the
>>Dreamcard app will save it to it's own folder. This way we can save
>>stuff and load stuff, and there will be no harm in it. Also we
>>could only save and load stacks. maybe this handler could be
>>something like secureSave and secureLoad. The user could be
>>prompted and asked if he would allow to save or load from this app,
>>much like the Apple Keychain does.
>>What about this approach, it can be easily implemented without
>>altering Dreamcard code, this could be done in transcript level, no
>>need to put that on the engine itself.... it could be done in
>>couple hours and would make big time for us...
>Any changes to the behavior of secureMode must be done in the
>engine. If they are handled in script then a script can change the
>behavior, leaving the door open to hackers.
>An engine-level solution has been bandied about in Bugzilla:
>Until such a change is made at the engine level, I agree with
>Kevin's position of erring on the side of safety.
> Richard Gaskin
> Fourth World Media Corporation
While I agree with Richard, I am also somewhat concerned that this
omission may become sour grapes for the player. Capability to save is
so fundamental to operation of most programs that it is very likely
the first thing any player user will do (will have to do) is to
disable secure mode. That may thus become a support issue (why my
data is not saved?) aside from making the secureMode sort of useless.
PS A malicious person can include an external which I don't think can
be prevented from accessing disks and system.
More information about the use-livecode