On Fri, Jul 05, 2002 at 09:33:56AM -0700, Sundar Narayanasamy wrote:
> What is this deal with not enabling Java and JavaScript? I thought 'Java
> Sandbox' implementation as the best security implementation available on the
> internet. Sandbox doesn't allow net applications access anything other than
> browser memory even indirectly. (Of course, you can modify the sandbox to
> have access to other system resources on the box, but why would you do that
> and you need a good understanding of the sandbox)

I agree.  The few applet exploits that have been discovered have been 
pretty tame curiosities.  I think the fear of Java is just a knee-jerk
reaction, or maybe related to the slow start-up times on Netscape 4.x,
or its broken threading model which can allow applets to hog CPU time.
Or maybe they just don't like Sun...

For performance reasons I also agree plain HTML is better when you can 
use it, but in some cases you need more interactivity than that.  But
of course chatrooms can be built with frames, one frame pulling data
from a CGI in real-time as the conversation progresses, and another frame
with the form for posting a comment.  But some people get their panties
in a knot about frames too, which I also don't understand.

Also why re-invent the wheel.. general-purpose IRC is better and
perhaps more efficient than single-purpose chatrooms isn't it? Now, an
applet or CGI lashup which connects to an IRC server might make sense,
because then you can bridge two audiences.

-- 
  _______                   Shawn T. Rutledge / KB7PWD  ecloud@bigfoot.com
 (_  | |_)                       http://ecloud.org  kb7pwd@kb7pwd.ampr.org
 __) | | \________________________________________________________________