Subject: Re: [xsl] Unable to get Firefox to apply XSL From: "Michael Kay mike@xxxxxxxxxxxx" <xsl-list-service@xxxxxxxxxxxxxxxxxxxxxx> Date: Wed, 30 Mar 2022 07:38:08 -0000 |
>> Maybe security is of higher importance than convenience? > > In particular in multi-user systems there's no reliable way to detect > that you've wandered into another user's directory. This can happen on > Windows and Mac just as much as Linux or Unix of course. So there was > a class of attacks that involved getting a user to load a script that > someone else had written. > Rather like double-clicking on a Word document with macros, in fact. It's all a workaround for the fact that we're using operating systems whose security model is 50 years out of date. Where there's a strong distinction between "programs" and "data" that's unrealistic in today's world, and where a program is either trusted or untrusted, and if it's trusted then it can do anything, and if it's not trusted then it can do nothing. I guess we'll have to wait for an even bigger cyber-disaster before the world wakes up to the fact that it doesn't have to be like this. Meanwhile, browsers are trying to provide a layer of protection that ought to be provided in the operating system, and of course they're doing it really clumsily. Michael Kay Saxonica
Current Thread |
---|
|
<- Previous | Index | Next -> |
---|---|---|
Re: [xsl] Unable to get Firefox to , Liam R. E. Quin liam | Thread | Re: [xsl] Unable to get Firefox to , Norm Tovey-Walsh ndw |
Re: [xsl] Unable to get Firefox to , Liam R. E. Quin liam | Date | Re: [xsl] Unable to get Firefox to , Norm Tovey-Walsh ndw |
Month |