[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: java security concerns

Ray Cromwell writes:
>    I agree, however I would point out that not all postscript interpreters
> are emasculated (especially those on unix systems like IRIX, they contain
> all kinds of calls to fork(), read()/open(), etc).

Many postscript interpreters are a serious security threat. However, I
found it fairly easy to chop enough of the code out for the one I run
that I feel safe with it -- the exercise wasn't that hard.

> Nothing in the Java spec tells you that you must call fork() in a
> Java interpreter implementation. In fact, Java has nothing to do
> with the GUI calls, the network calls, etc. You can support as much
> or as little system I/O in a Java implementation as you want.

Yes, but in practice, to support the given applets that Netscape will
be browsing you have to open the kimono a bit too much overall. With
sufficient emasculation, I believe Java could be made safe, but then
it wouldn't be the Java that Sun and Netscape are pushing any more.