Don Box: Huge Security Holes in Solaris, JVM

DaHat writes "Don Box, one of the authors of the original SOAP specification in 1998, now an architect on Microsoft's next generation Indigo platform recently responded to James Gosling's remarks regarding huge security holes within the .NET Common Language Runtime (CLR). Don argues that the same 'flaws' that Gosling noted in the .NET CLR exist both within the Solaris operating system as well as the JVM, both of which support execution of C and C++ code, as well as explaining why this is not necessarily a bad thing."

Re:Flaws aren't a bad thing?

[Rosco+P.+Coltrane]

I can see it now..."Bugs deserve rights too!"

Well, ask the original bug at NSWC if it enjoys being taped to a cardboard note since 1947...

here we go again....

[kevinx]

is this one of those, "your hole is bigger than mine" arguments?

This just in!

[kiwidefunkt]

This just in: Programming languages are insecure. They allow third parties to run arbitrary code on your processor.

Microsoft will be releasing a patch which fixes this problem soon. Stay tuned.

Hmm..

[vurg]

So when will this become a serial exchange of yo momma jokes?

Whiny

[5n3ak3rp1mp]

I can't help feeling that some small percentage of this type of back-and-forth is something like a junior-high whiny geek arguing about how the Micro Channel bus architecture is better than ISA and that , incidentally, Apples are utterly irrelevant. ...Oh, wait. That geek was at one time a friend of mine, and this was circa 1985, and this was an actual discussion. ;) (hi, don ulrich! i still use a Mac, and Apple still exists! where's your precious PS/2 micro-channel NOW?!?! nyaaah, nyaaah!!)