Archives
  Columns
  Features
  Print Archives
1994-1998
  Special
  BYTE Digest
  Michael Abrash's Graphics Programming Black Book
  101 Perl Articles
  About Us
  How to Access BYTE.com
  Write to BYTE.com
  Advertise with BYTE.com

Newsletter
Free E-mail Newsletter from BYTE.com
 
    
  HOME   ABOUT US   ARCHIVES   CONTACT US   ADVERTISE   REGISTER
Visit the home page Browse the four-year online archive Download platform-neutral CPU/FPU benchmarks Find information for advertisers, authors, vendors, subscribers

ArticlesSafe Beans

February 1998 / Features / Making Components Portable with JavaBeans / Safe Beans

ActiveX has evolved from the relatively isolated environment of the desktop toward the networked computing model that includes the Internet. In a desktop computer system environment, users (or their support infrastructure) control what is installed on the systems. If it comes out of a shrink-wrapped box, then it's probably safe and trustworthy. But this is not always the model for today's computer networks.

With the advent of the Internet and corporate intranets, more of the software on users' systems is downloaded on demand from a corporat e network. The code is often embedded within the HTML content and arrives at the user's system unbidden. This software is almost never installed in a controlled manner and is usually intended to reside on the system only as long as the user accesses the containing page.

This model originated with Java, and, not surprisingly, the Java security model is designed for it. All Java code executes in a controlled environment called the Java sandbox. This sandbox fully controls what parts of a system are accessible. This is possible because the Java application can use only those facilities of class libraries that are loaded by a class loader that cooperates with the security mechanisms.

ActiveX has no equivalent to the sandbox. ActiveX components are compiled to hardware-specific instructions and use OS calls directly. An ActiveX component can do anything it likes to the user's system once it has been downloaded.

Microsoft has papered over this fundamental flaw b y using certificates. The idea of signing a piece of code so that a user can ensure it arrives undamaged and comes from a trustworthy source simply means that the user knows whom to blame when his or her system crashes; it does not stop it from crashing.

Up to the Features section contentsGo to previous article: Safe BeansGo to next article: Bridging Beans and Active X
Flexible C++
Matthew Wilson
My approach to software engineering is far more pragmatic than it is theoretical--and no language better exemplifies this than C++.

more...

BYTE Digest

BYTE Digest editors every month analyze and evaluate the best articles from Information Week, EE Times, Dr. Dobb's Journal, Network Computing, Sys Admin, and dozens of other CMP publications—bringing you critical news and information about wireless communication, computer security, software development, embedded systems, and more!

Find out more
BYTE.com Store

BYTE CD-ROM
NOW, on one CD-ROM, you can instantly access more than 8 years of BYTE.
 
The Best of BYTE Volume 1: Programming Languages
The Best of BYTE
Volume 1: Programming Languages
In this issue of Best of BYTE, we bring together some of the leading programming language designers and implementors...

Copyright © 2005 CMP Media LLC, Privacy Policy, Your California Privacy rights, Terms of Service
Site comments: webmaster@byte.com
SDMG Web Sites: BYTE.com, C/C++ Users Journal, Dr. Dobb's Journal, MSDN Magazine, New Architect, SD Expo, SD Magazine, Sys Admin, The Perl Journal, UnixReview.com, Windows Developer Network