Firewalls: Re: Any Java experience?

Firewalls
(August 1995)

Indexed By Thread: [Previous] [Next]

Subject:	Re: Any Java experience?
From:	Bob Snyder <rsnyder @ janet . advsys . com>
Date:	Sat, 26 Aug 1995 21:27:10 -0400
To:	jet @ abulafia . genmagic . com (J. Eric Townsend)
Cc:	firewalls @ GreatCircle . COM
In-reply-to:	Your message of "Sat, 26 Aug 1995 12:48:39 PDT." <9508261948 . AA18327 @ abulafia . genmagic . com>

jet @
 abulafia .
 genmagic .
 com said:
> "rsnyder" == Bob Snyder <rsnyder @
 janet .
 advsys .
 com> writes: rsnyder> 
> If the user has rsnyder> /etc in his read permission path, it could 
> grab the password rsnyder> file and send it out though any number of 
> means.

> Many of our users have /etc (and /usr/etc) in their paths, for 
> various silly reasons.  (like wanting ping(1) in their path.)

> It's not uncommon. 

I'm sorry, I didn't make myself clear.  Hotjava has (this is from memory, 
Hotjava won't compile on my home system yet) environmental variables it uses 
like JAVA_READ_PATH and JAVA_WRITE_PATH that specify where applets can read 
and write to.

The defaults for these are a bit more open then I would prefer, but it is 
controllable, and I don't believe it includes any system dirs by default.  
(Again, from memory.)

Bob

References:

Re: Any Java experience?
From: jet @ abulafia . genmagic . com (J. Eric Townsend)

Indexed By Date	Previous:	Identd through a firewall From: weller @ szabo-3 . esxf . uwindsor . ca (Mike Weller)
Indexed By Date	Next:	Re: Any Java experience? From: ajack @ corp . micrognosis . com (Adam Jack)
Indexed By Thread	Previous:	Re: Any Java experience? From: jet @ abulafia . genmagic . com (J. Eric Townsend)
Indexed By Thread	Next:	Re: Any Java experience? From: ajack @ corp . micrognosis . com (Adam Jack)