On Thursday 21 August 2003 01:53 pm, you wrote:
>
> Actually, the bulk of perl and asp code is executed server-side, like cgi
> - thereby delegating all risk to the server. Java applets, which are at
> least partially executed by the client, are a special case, and they are
> not able to touch local files, open network connections (except back to
> the originating server), or otherwise do anything destructive - your
> local java runtime environment knows the difference and enforces these
> rules.
Yes it's quite true that they execute on the server side. It does not
however stop you from sending a string to your browser. If correctly
formatted on a vulnerable system will execute.
Using a variety of programming tools--including Java, Visual Basic, and
C++--developers can create interactive Web content. For instance, ActiveX
technology can allow users to view Word and Excel documents directly in a
browser.
My point was not to argue what tools is used, but the fact that it can and
has been done with tools not expected to do the harm.
> Levi
>
> -----------------------------------------------------------------------
> This list is provided as an unmoderated internet service by Networked
> Knowledge Systems (NKS). Views and opinions expressed in messages
> posted are those of the author and do not necessarily reflect the
> official policy or position of NKS or any of its employees.
--Steve ______________________________________ This sig is pending approval ----------------------------------------------------------------------- This list is provided as an unmoderated internet service by Networked Knowledge Systems (NKS). Views and opinions expressed in messages posted are those of the author and do not necessarily reflect the official policy or position of NKS or any of its employees.
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 17:59:57 EDT