Mobile Code

• ActiveX - General Problems

  • ActiveX is machine native code and does not run under any restrictions on the client machine. The code does not even necessarily need to draw anything on the screen; it can simply download and perform arbitrary actions on the client machine without necessarily being detected.
  • The code has no limits on what it can do when it executes. There is no sandbox, no limits on network connections, or file access.
    • NT could enforce some restrictions on where a user writes, but by default the permissions are almost completely open.

Previous slide

Next slide

Back to first slide

View graphic version