Article 1306 of comp.lang.java.security:

> From: "Richard M. Smith"
> I know of at least three
> commercially available ActiveX controls which have
> methods which will save files to disk. Any of these
> controls, I believe, can be exploited to build
> a disk crash HTML page.

There has been, and quite possibly still is, at least one commercially-available ActiveX control which has a method to execute arbitrary system commands! I discussed the possible security implications of this with the maker of the control, and they said basically that users would just have to be careful not to allow that control to be invoked by an untrusted page. Interesting security model...

I suspect that the major impact of ActiveX security problems will not be directly malicious controls (since people may learn not to accept unsigned controls, and bad guys may be unwilling to sign their malicious ones), but rather bad guys exploiting accidental security problems in signed/trusted controls. Corrections welcome; I wouldn't mind being wrong on this! *8)

The contrast with Java, of course, is that in the Java case you only have to trust the JVM and its SecurityManager, not every individual applet that you accept. Or are there ways that an attacker might use Java to exploit the fact that you've previously accepted and assigned some trust to some other app/applet? I'm not sure about that...

- -- -
David M. Chess
High Integrity Computing Lab
IBM Watson Research
- -- -