[Date Prev][Date Next][Thread Prev][Thread Next][Date index][Thread index]
RE: st: -shell- safety
I agree. Also, there are no ultimate guarantees of
Manifestly, the decision to install something on
your machine is yours alone. Clearly you should
consider among other things the reputation of the
programmer, and so forth. In addition, you can
always scan a program for OS calls.
In practice, if people want to be nasty, they do not
have the mindset that leads them to write and
distribute nasty Stata programs too. A nasty Stata
program would affect a very small number of people
for one. That's perhaps naive, but I believe it to be true.
> I cannot speak for StataCorp, but I think the main problem with
> implementing this wish-list item is how they are to define
> "something-nasty". And I suspect that this problem will be
> subtly different
> from one operating system to the next.
> >This hasn't been a problem yet for me, and I've heard nothing to
> >suggest that it has been a problem for others, but:
> >If someone distributes a program that includes something like
> > shell do-something-nasty
> >will Stata do-something-nasty as the program instructs, or
> will it stop
> >and ask me for permission? (as far as I can tell, Stata will do what
> >the program says).
> >If Stata goes right ahead and does-something-nasty, then are
> there good
> >reasons not to ask for a wish-list item that might stop that from
> >happening without additional user input?
> >The manuals may well address this question; my manuals are
> out of reach
> >for now. And I haven't summoned to courage to write a test
> program that
> >tries to erase my hard disk.
* For searches and help try: