ReactOS Forum

nt

Hrmmm... Reactivex.... sounds nice
I think the answer to your question is: ros activex will be as close to win activex as possible without undermining security, copyrights, and the fact that this is an open source os.
I think that's basically true for every component of ros, and ros components (media, file systems, etc...) have been the issue of heated debate in the forums for some time now

AcetoliNe wrote:I think the answer to your question is: ros activex will be as close to win activex as possible without undermining security

I'm not certain if it's possible to undermine MS ActiveX's security.

Please, no active x, I don't want spyware.

Then there'll be many programs that won't run on ReactOS.
ActiveX in a webbrowser is a bad idea, I agree. But otherwise it's a nice technology that isn't more insecure than other technologies.

TiKu wrote:Then there'll be many programs that won't run on ReactOS.
ActiveX in a webbrowser is a bad idea, I agree. But otherwise it's a nice technology that isn't more insecure than other technologies.

I think it could be nice to can switch off Active-X (ReactOS-X) if you like. Or it is posssible to can permit special application to use Active-X (ReactOS-X).

Maybe a sandbox environment could be setup for ReactiveX (like Java)?

Maybe on the install screen it has a big warning of doom if you wish to enable ReactiveX (warning about how it will rape your computer). Also maybe take a lesson from the Mozilla people and only allow white-listed sites to even run an ActiveX application?

I think ReactX sounds better (maybee we can name a DirectX-Clone so)

ActiveX is a technique which is used by many programs. Many applications uses it. Many applications uses wsck32.ocx, many others comdlg32... The security problem is because MS does execute ActiveX in every explorer window, InternetExplorer and all other things... If we don't have the M$Explorer, the IE and no IIS there are no security problems...

The reason why windows is so insecure is because of ActiveX
Do we want to do the same? I THINK NOT!!

React_dude wrote:The reason why windows is so insecure is because of ActiveX

I didn't know there's one exact reason for those security problems. And I didn't expect that it's just fine to be logged in as admin as long as you don't use ActiveX. And I didn't expect buffer overflows are just fine if you don't use ActiveX. And I...
Sorry, but maybe you should think before clicking "Submit".

I dunno--- While being logged in as Admin by default is by far the fundement of nearly all problems with spyware being able to do what it does once it installs itself--- One of the major ways that it actually GETS there, is through faulty ActiveX controls that IE allows to be installed. This is why switching to firefox dramatically reduces spyware, because it says "Hell No!" to active X controls.


However, certain native ActiveX controls are used heavily (a bad practice IMO) by various win32 utilities and clients.... making support for them in an OS that has to support such software into a mandatory element... This doesnt mean that we cannot institute better restrictions on "non-User-Sanctioned" ActiveX controls being installed via automated web scripts. Any default browser solution we bundle ROS with (because it will need one) should consider such automatic installation and invocation of unknown activeX controls as being malicious by default. IE doesnt do that.

Wierd_w wrote:I dunno--- While being logged in as Admin by default is by far the fundement of nearly all problems with spyware being able to do what it does once it installs itself--- One of the major ways that it actually GETS there, is through faulty ActiveX controls that IE allows to be installed.

That's why I wrote "ActiveX in a webbrowser is a bad idea".
I just don't agree if people say ActiveX on the whole is a bad idea.