Marking a Python COM server safe for Internet Explorer

Steve Holden sholden at holdenweb.com
Fri Jul 6 20:47:11 EDT 2001 

"Bill Bell" <bill-bell at bill-bell.hamilton.on.ca> wrote in message
news:mailman.994455192.30495.python-list at python.org...
>
> "Steve Holden" <sholden at holdenweb.com> wrote:
> > "Bill Bell" <bill-bell at bill-bell.hamilton.on.ca> wrote in ...
> > >
> > > As a kind of default, Internet Explorer will ask the user's
> > > permission before instantiating an ActiveX control. However, one can
> > > implement IObjectSafety to inform IE that one's control is safe,
> > > thus sparing the user the need to respond to the dialog box.
> > >
> > I must have misunderstood. Are you telling me that IE has a security
> > system to detect potentially unsafe downloaded content, but that it
> > won't use this system if the downloaded content tells it there's no
> > need?
> >
> > How very Microsoft. I must have missed something.
>
> Steve,
>
> This may not be as bad as it might have sounded. In order for IE to
> successfully query for IObjectSafety the ActiveX has to have been
> registered, right? And it couldn't be registered until it had been
> downloaded. And that couldn't happen unless the user agreed--
> assuming that his/her IE is properly secured.
>
> Do I discern perhaps that your trust in, and admiration for, MS
> products are bounded?
>
Good heavens, whatever gave you that impression. If the rest of the worl did
as fine a job as Microsoft does then we'd be ... up shit creek without a
paddle, I guess.

Seriously, I think there is value in much of what Microsoft has done, but
they have on occasion really pissed me off. For example, the long period
during which they refused to admit that any security problems existed in
their product. The lying about the differences between NT Server and
Workstation, until O'Reilly clearly demonstrated that WS would operate as
Server (and even had a special thread to reverse registry changes designed
to make it do so). not to mention their "let's start introducing propruetary
features into standard protocols to defeat the open Source world"
[Halloween].

Because they are the largest software company in the world, by the nature of
things they come in for a bashing now and then. I hand out my share, mostly
in fun, but sometimes with a real point.

In this case, as you and another poster have pointed out, it was my
misunderstanding. Thanks for the enlightenment.

but-i'll-never-click-the-trust-all-downloads-from-redmond-box-ly y'rs  -
steve
--
http://www.holdenweb.com/

More information about the Python-list mailing list