[Home] [Groups] - Message: [Prev in Group] [Next in Group]
28279: Re: [MUD-Dev] Scripting languages
[Full Header] [Plain Text]
From: "Kwon J. Ekstrom" <justice@softhome.net>
Newsgroups: nu.kanga.list.mud-dev
Date: Wed, 02 Jul 2003 17:50:28 -0600
References: [1] [2] [3] <-newest
Organization: Kanga.Nu
Bruce Mitchener wrote:
> Kwon J. Ekstrom wrote:
>> I personally don't see how writing a custom language helps much
>> against malicious code.
> It depends on the custom language of course. Various systems out
> there have security models that are part of the language, its
> compilation environment, or its runtime environment.
Perhaps I misworded this.
While I'm positive that a custom language "can" help with security,
I don't see that as reason enough to write my own. Several embedded
languages have a security model that's been tested on a variety of
systems.
I'm sure there's some loopholes to my security model I haven't found
yet, holes I haven't patched, etc. Those holes are on my objects
themselves, the language is secure.
The security features you mentioned in your examples all seem based
on enforcing a priviledge model. This is exactly what I did with
Rhino, and I'm fairly sure that it took alot less time to research
and code.
-- Kwon J. Ekstrom
_______________________________________________
MUD-Dev mailing list
MUD-Dev@kanga.nu
https://www.kanga.nu/lists/listinfo/mud-dev