On Tue, 2006-11-14 at 18:31 -0500, Gregory Maxwell wrote:
Perl .. yuck.. But sure, as I said... I don't care
what language. I
was hoping there would be some good ECMAscript interpreters in java
but because of 'javascript' it's darn difficult to search for.
I only know of one, Rhino (
http://www.mozilla.org/rhino/). Looking from
outside, it seems to be a good implementation -- it's actively
maintained, and has a nice feature list -- but I've never actually used
it.
I'd rather not make performance a goal.. I'd
rather they have
facilities for calling java classes we provide.. and we can provide
(audited) java classes for anything performance critical... for
example video/audio playback or 3D rendering.
"... we can provide (audited) java classes for anything performance
critical..."
Really? Including fluid dynamics simulators, rigid-body kinematics with
collision detection, Game of Life simulators, and chess-playing
programs? These are just a few possibilities for (the
performance-critical part of) educational applets that I came up with
off the top of my head; I'm sure there are many more.
The JVM-based interpreter may still be the right thing to do, but people
need to be aware that there are whole realms of creative educational
possibilities that are far less feasible with that approach.
How does a Java applet go about asking for more privileges? Is that
something we can easily audit to avoid (for instance, by checking .class
files to make sure they only use standard Java classes and methods that
are in a whitelist, not to include reflection)?
If the embedded-in-JVM interpreters let you interact with Java, then you
will probably be able to write scripts that ask for more privileges; and
that can't be fixed by outlawing reflection, since the interpreter has
to use reflection. For this reason, compiled Java may actually be
easier to secure than an interpreter.
Can we write our own security manager, ensure that all calls to
uploaded .class files are "wrapped" by our security manager, and
implement our own restrictive security policy that way?
Carl Witty