"David T. Lewis" <lewis at mail.msen.com> wrote:
> On Fri, Mar 16, 2001 at 07:42:59AM -0800, Ned Konz wrote:
> > 
> > As an aside, the OSProcess stuff should probably be disabled in a sandbox too 
> > if it isn't already (David Lewis, are you listening?).
> >
> 
> As long as UnixOSProcessPlugin.so is not in the search path, it would be
> safe, right? Should I add an explicit check for the "secure" setting?
> 

There should be some kind of check.  The system is intended so that
running with "-secure" gives you a secure VM.

Best would be a list of *allowed* plugins and descriptors, incidentally,
instead of a rejection list....


-Lex