>That's using your definition of acceptable, but it may not meet the definition of others. Fact is, I know of companies that have turned of WSH on their desktops.
>
>>
>>I understand that, Hilmar, and completely disagree with the need and the reasons to turn off WSH. I never heard of anyone even suggesting not to use IIS, or SQL Server, both present a worst security risk than WSH. Oh! and what about ASP.NET? How many times did you hear that it should not be used for it present a serious security risk? Yeah, me neither, the risk is "acceptable" in this case.
I think You did not understand me, probably my bad english. I did not mean to say that WSH presented an acceptable risk, I said that for many people that said that WSH should be turned off to be security concious, they say nothing about IE, ASP.NET, SQL Server or IIS (for which we should infer that the risk of using them is acceptable), too mention just a few of the most popular programs/services/applications that are much more risky than WSH. Furthermore, WSH risks can be reduced to nothing (well, we can never say nothing) even without disabling it.
"The five senses obstruct or deform the apprehension of reality."
Jorge L. Borges?
"Premature optimization is the root of all evil in programming."
Donald Knuth, repeating C. A. R. Hoare
"To die for a religion is easier than to live it absolutely"
Jorge L. Borges