Basic HTML version of Foils prepared Sept 21 1998

Foil 43 Security Concerns for Applets (Untrusted Code)

From Java Tutorial 98- 4: Multi-Treading, Useful Java Classes, I/O and Networking NAVO Tutorial -- Sept 23 1998. by Geoffrey C. Fox, Nancy McCracken
1 One aspect of Java security is language restrictions designed not to let a Java applet or application access memory on the machine outside of its own space.
2 Applets have additional restrictions:
  • they can never run a local executable program;
  • they cannot communicate with any host other than the server from which they were downloaded (the originating host);
  • they cannot read or write to the local computer's file system, except through the browser mechanism;
  • they cannot find out information about the local computer (see table on next slide for details).
3 As of summer 1997 no known applets have seriously broken security to steal client information or trash the local disk. Exceptions:
  • applets have been written to use up arbitrary amounts of client cpu.
  • applets with native code can trash the local disk. So far, native code is disallowed on publicly released browsers.
in Table To:

© Northeast Parallel Architectures Center, Syracuse University, npac@npac.syr.edu

If you have any comments about this server, send e-mail to webmaster@npac.syr.edu.

Page produced by wwwfoil on Sat Nov 28 1998