Web-Dedicated Metacard
Chipp Walters
chipp at chipp.com
Mon Dec 23 15:57:01 EST 2002
Richard,
>
> While the potential for malicious abuse is clear, it's no more a
> problem for
> Rev than it is for ActiveX controls, Director extensions, or downoading
> applications from Downoad.com.
>
I disagree. See my response on this subject to Andu. Also, Director
extensions are not necessarily sanctioned by Macromedia -- and I doubt you
automatically download potential destructive extensions without some sort of
warning (correct me if I'm wrong). ActiveX controls should be signed, and if
they're not, the user gets a warning stating they could be dangerous.
Download.com is a totally different beast -- it doesn't rely on a plugin or
software helper app. But, you still have to manually download and execute
the program.
If you haven't yet, please download a copy of ButtonGadet
(www.buttongadget.com) on a PC and then go to the ButtonSets page and click
on any button image. IE will download the stack, launch ButtonGadget and
load the stack, without asking you *any* questions! This is cool, but
potentially dangerous behavior. If I so wished, I could publish a viral
stack and place it on users hard drives. Of course, those that use
ButtonGadget have confidence I wouldn't do such a thing, but another person
could put an .iwz (stack) file on their website, with an ON LOAD javascript
handler and when the page opened in a browser, it would automatically
download and execute the .iwz stack! No questions asked. So...I put some
measures into ButtonGadget to check the stack's viability before opening it.
If MC or RR registered themselves as a correct MIME (generic stack player),
then anyone could make a stack with a handler:
on startup
Delete all the files on this hard disk
end startup
This is why it's important to be careful of such things. Building a generic
web safe stack player may not be such a trivial matter. It is why I
mentioned before, it may be best left up to third parties to do so...and
monitor the content as well.
I do agree with you , at some point we need to trust others ...
> I'd love to see a "semi-secure" mode, in which file I/O was allowed but
> restricted to one specific directory.
Here here! I like this idea!
-Chipp
More information about the metacard
mailing list