Re: A problem with Navigator's cache -Reply

• To: hallam@ai.mit.edu
• Subject: Re: A problem with Navigator's cache -Reply
• From: Jeff Weinstein <jsw@netscape.com>
• Date: Sun, 25 Aug 1996 15:47:57 -0700
• CC: www-security@ns2.rutgers.edu
• Organization: Netscape Communications Corp.
• References: <9608251811.AA15262@etna.ai.mit.edu>
• Reply-To: jsw@netscape.com

hallam@ai.mit.edu wrote:
> 
> >sigh.  If the program runs under the user's control, then the path to
> >the netscape.lck must be hardcoded and fully qualified, such as
> >/usr/local/lib/netscape/netscape.lck
> 
> Getting Netscape to understand security is an uphill struggle.
> When I broke the SSLv1 protovol ten minutes after he showed it
> to me I expected that Marc might have asked for advice before
> creating version 2... Mind you when I did offer advice about
> Kipp's random number generator it didn't help.

  Since Marc and Kipp have not been involved in our security
efforts for at least a year and a half (since I arrived here),
I don't understand why your experiences with them so long ago
are relevant to our current security efforts.

> Netscape's whole attitude to disabling Java and Javascript
> appears to be one of adamant refusal to consider doing the
> job properly. By this I mean writing a Netscape executable
> that does not have Java or Javascript at all.
> 
> At present many corporate firewalls are set to block all
> content with type application/binary because this is what is
> used for Java and they wisely wish to let the Gosling
> hypothesis (that Java is safe) be tested for a year or five
> before they believe it. If Java gave a descriptive MIME
> type such as application/java then it would be possible
> both for firewalls to strip out dangerous executable code
> and for the Java virtual machine to be upgraded without
> negative impact. Hopefully the Redmont club will fix this.

  I have asked our java group to implement this feature to allow
firewalls to filter java applets.  It did not make it into 3.0,
but I believe that it is scheduled for the next release.  However
if you want to keep java from running within your firewall, we
can do it today.

  Using the netscape administration kit, you can lock the
java and javascript options off, so that the user can not
re-enable them.  You can also change the User-Agent field
to indicate that this is your locked version.  Note that the
navigator does not allow the user to modify the user agent
without the admin kit (some other web clients do allow the
user to easily modify the user agent string via preferences).
You can then filter out unlocked clients at the firewall, proxy,
and internal servers.

> What I would want to do as a security officer is to ensure
> that only the clients *I* consider safe are used. That would
> mean checking at firewalls (internal and external) for
> User-Agent fields. Unless the client communicates the fact that
> Java and Javascript are disabled I measure the security risk
> of a client by its capabilities, not by what the user may
> have turned off.

  As noted above, the Netscape Admin kit will let you do it.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.

• Re: A problem with Navigator's cache -Reply
• From: hallam@ai.mit.edu

• Previous: Re: A problem with Navigator's cache -Reply
• Next: Re: A problem with Navigator's cache -Reply
• Index(es):
  • Index
  • Thread