Re: [tkined] Scotty & tclets

Juergen Schoenwaelder (schoenw@ibr.cs.tu-bs.de)
Fri, 16 Oct 1998 13:46:37 +0200

>>>>> Eddie Corns writes:

Eddie> Hi, hope I'm not going over old stuff here. I've just written
Eddie> a small program using Tk and scotty which works fine but I
Eddie> thought I'd have a go at putting it on a web page. I already
Eddie> have the TCL plugin for netscape so I pointed it at my tcl
Eddie> program which does 'package Tnm 2.1'. The plugin wasn't happy
Eddie> about this. As far as I can tell from the plugin docs it won't
Eddie> load a package unless it has a "safe" entry point. Does anyone
Eddie> know if this is the source of my problem? Is there a solution?
Eddie> I appreciate that in general because of scotty's functionality
Eddie> it may not be advisable to just declare the whole package safe
Eddie> but since I'm only offering an updated display with no
Eddie> interaction I presume there would be no problem if I simply
Eddie> added the safe entry point (assuming this is possible and
Eddie> easy).

The Tnm extension actually has a safe entry point. However, it only
registers the "job" command since all other commands can be used to
talk to arbitrary remote systems, which can be used to break security.

However, the netscape plugin allows to define security policies. This
allows to configure the plugin to load the Tnm extension and to bypass
this security check if you want this. You can for example define a
policy where the plugin loads the Tnm extension but does not accept
any Tcl code coming from untrusted sources in the network. This gives
access to all Tnm commands for the price of setting up the right
profiles.
Juergen

Juergen Schoenwaelder schoenw@ibr.cs.tu-bs.de http://www.cs.tu-bs.de/~schoenw
Technical University Braunschweig, Dept. Operating Systems & Computer Networks
Bueltenweg 74/75, 38106 Braunschweig, Germany. (Tel. +49 531 / 391 3289)

--
!! This message is brought to you via the `tkined & scotty' mailing list.
!! Please do not reply to this message to unsubscribe. To subscribe or
!! unsubscribe, send a mail message to <tkined-request@ibr.cs.tu-bs.de>.
!! See http://wwwsnmp.cs.utwente.nl/~schoenw/scotty/ for more information.