is there a best anti-viral program for Revolution?
Richard Gaskin
ambassador at fourthworld.com
Wed May 25 14:05:21 EDT 2005
Dar Scott wrote:
>
> On May 25, 2005, at 10:45 AM, Richard Gaskin wrote:
>
>> We already have a secureMode property, and a spec has been provided
>> for a requested secureFolder property to help secureMode be useful.
>
> I guess I don't know how to use this properly.
>
> Do I type this into the message box?
>
> shell( "revolution -f somestack.rev" )
>
> Is a separate copy of Revolution then run?
SecureMode is documented -- it's a global which governs whether the
engine will have access to file I/O, AppleScript, shell, etc.
> Also, I thought this still allows access to files and network
> communication. One of the problems with the Java sandbox is that it
> allows to much.
Yes, net access is allowed in secureMode, but not file I/O (the
secureFolder request would allow file I/O restricted to a specified
directory and limit the amount of data that could be written there).
So while secureMode addresses viruses it doesn't currently address
spyware. However, if I understand it correctly the scope of such
spyware is severely limited with secureMode on, effectively to those
things in memory during the current session.
>> Looking at RevOnline it appears that the concept of "trusted" sites
>> has already been implemented -- is it not documented?
>
> Where are you looking?
The v2.5 docs describe a host of security and encryption options,
including secure sockets, and watching messages shows calls named
rvoSecureStatus, rvoSecureCancel, and ulIsSecure.
Not sure what they do, but since Rev is aware of security concerns and
RevOnline premiered when secure sockets premiered it would seem
reasonable that they use secure sockets to validate channels.
--
Richard Gaskin
Fourth World Media Corporation
__________________________________________________
Rev tools and more: http://www.fourthworld.com/rev
More information about the use-livecode
mailing list