Subj : Re: Tainting in Rhino
To : Benjamin Livshits
From : Igor Bukanov
Date : Thu Jul 29 2004 12:26 pm

Benjamin Livshits wrote:
> I was wondering if anybody has thought about or tried to implement
> tainting a la Perl in Rhino.
>
> I think it should be useful for browser embeddings to prevent data
> from forms from propagating to eval() calls, for instance.

I do not think it is useful since in a browser environment a script can only do what the browser provides. If the browser just implements a basic DOM then there is no way scripts can do harm except consuming all the memory and opening zillions of windows.

If on the other hand the browser allows, for example, LiveConnect to script Java objects (which is supported by default in Rhino), then the script can do whatever Java code can do. For example, AFAIK ICEBrowser treats all the scripts in the same way as it treats untrusted Java applets and uses the standard SecurityManager techniques to implement the proper sandbox.

Regards, Igor
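The point Igor makes, that with LiveConnect enabled a script can reach anything the JVM can, is easy to see in a small Rhino embedding. The following is an added example, not code from the thread, from Rhino or from ICEBrowser: it evaluates the same script twice, once with the default LiveConnect access and once with a ClassShutter installed on the Context. The deny-everything policy and the class name RhinoSandboxDemo are assumptions for the demo; a real embedding would whitelist the specific host classes it means to expose and would combine this with a Java SecurityManager, since the shutter only controls class lookup from script, not what already-exposed Java objects are allowed to do.

```java
import org.mozilla.javascript.ClassShutter;
import org.mozilla.javascript.Context;
import org.mozilla.javascript.Scriptable;

public class RhinoSandboxDemo {

    // Assumed policy for this demo: no JVM class is visible to scripts at all.
    // A production embedding would return true only for an explicit allow-list.
    static final ClassShutter DENY_ALL = new ClassShutter() {
        public boolean visibleToScripts(String fullClassName) {
            return false;
        }
    };

    /**
     * Evaluate `source` in a fresh Context. When `sandboxed` is true a
     * ClassShutter is installed before any scope objects are created, so
     * LiveConnect cannot resolve names such as java.lang.System into classes.
     */
    static String run(String source, boolean sandboxed) {
        Context cx = Context.enter();
        try {
            if (sandboxed) {
                cx.setClassShutter(DENY_ALL);
            }
            Scriptable scope = cx.initStandardObjects();
            Object result = cx.evaluateString(scope, source, "demo", 1, null);
            return Context.toString(result);
        } catch (RuntimeException e) {
            // With the shutter in place, java.lang.System stays an unresolved
            // JavaPackage and calling a method on it raises a script error.
            return "blocked: " + e.getMessage();
        } finally {
            Context.exit();
        }
    }

    public static void main(String[] args) {
        // Constructed probe script: with LiveConnect this reads a JVM system
        // property, i.e. the script does "whatever Java code can do".
        String probe = "java.lang.System.getProperty('java.version')";
        System.out.println("unsandboxed: " + run(probe, false));
        System.out.println("sandboxed:   " + run(probe, true));
    }
}
```

The first call prints the running JVM version; the second reports a blocked call because the name java.lang.System never resolves to a class. The exact error text depends on the Rhino version, and the shutter must be set before initStandardObjects runs, since Rhino caches class lookups in the scope's Packages object.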