raw socket access has existed for years in OS/2 w/ rexx and the internal security model is in some ways even weaker than Windows (warp is still a single user system, though we hope to do something with that in the near future). We haven't had huge problems... because that's not really the central issue. The central issue is not raw socket access; the real issue is that one can beat win32 into submission a lot easier because of amateur coding stupidities like buffer overruns.

As Pete said... look at (slammer, code red, nimda, virus du jour)... no raw socket access required to do nasy things.

Fortunately for us, some years back IBM put in the underlying architecture to build a completely secure system (it's called SES; Security Enabling Services) which will allow us to build a solid multiuser version of the system... the problem is they never followed up with the requisite system infrastructure.

--\n-------------------------------------------------------------------\n* Jack Troughton                            jake at consultron.ca *\n* [link|http://consultron.ca|http://consultron.ca]                   [link|irc://irc.ecomstation.ca|irc://irc.ecomstation.ca] *\n* Kingston Ontario Canada               [link|news://news.consultron.ca|news://news.consultron.ca] *\n-------------------------------------------------------------------