Firewalls: RE: JAVA

Firewalls
(March 1996)

Indexed By Thread: [Previous] [Next]

Subject:	RE: JAVA
From:	Russ <Russ . Cooper @ RC . Toronto . on . ca>
Date:	Thu, 28 Mar 1996 11:28:50 -0500
To:	"'Bill Van Emburg'" <bve @ vidnoe . yourtown . com>
Cc:	"'Firewalls'" <firewalls @ GreatCircle . COM>

Sun has put a page up about the bug at;

http://java.sun.com/sfaq/960327.html

Here's a partial quote...

"In normal use of the JDK to develop Java applets and applications this 
problem does not arise. Developers can safely use the appletviewer as a way 
to view and test their own applets. They are warned, however, not to use 
the appletviewer to view potentially hostile, unknown applets."

Gee, I wonder how we determine what is "potentially hostile"??

Oh, and this one...

"The problem is with a bug in the implementation of the security model, not 
with the model itself"

which, roughly translated into terms I more easily understand, means the 
problem is with how the security policy is implemented, not the security 
policy itself. As we all know, the security policy is never to blame for a 
break-in, its always a violation of the security policy that causes the 
problem, which is why we never have to change our security policies to 
accommodate break-ins, right???

Cheers,
Russ

Indexed By Date	Previous:	Re: virus scanning for Internet From: Scott Barman <scott @ di2 . disclosure . com>
Indexed By Date	Next:	The dangers of user-friendly software and high-speed communications. From: peter @ nmti . com (Peter da Silva)
Indexed By Thread	Previous:	RE: JAVA From: Michael Dillon <michael @ memra . com>
Indexed By Thread	Next:	RE: JAVA From: Russ <Russ . Cooper @ RC . Toronto . on . ca>