[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Hack Java




]Both of you are correct if you look carefully at the assumptions.  Rich 
]assumes that you have a 'malicious compiler'.  Godmar is right that Java 
]does not utilize pointers in the byte code.  What would make the entire 
]scenario work is a malicious interpreter or a 'NotJava Browser'(TM) that 
]allowed malicious code to be executed.  Couple a bad compiler and a bad 
]interpreter and you are in buisness (nasty business that is).

Yes. And if you also let an intruder in your house, have them sit at
your computer with your newborn child in the room and go on vacation,
things can get really, really nasty.

Sort of like when you execute untrusted code in an untrusted
environment...

-- Benjamin
   Java Products Group