|
Applet bytecodes are downloaded by HotJava and executed on client machines. Security is therefore of crucial importance in the Java/HotJava model.
|
|
The system implements several security measures listed below.
|
|
C++ subset selected as a base model for Java does not contain explicit pointers, pointer arithmetic and uncontrolled automatic type coercion. This eliminates most viruses which are based on access to private memory areas on the client machine.
|
There is also a multi-level runtime security system, including the following elements:
-
A verifier that reads bytecode stream before it is passed to the interpreter and detects suspicious or dangerous constructs
-
Class loader assures that client code is not in conflict with the system class namespace and does not perform any malicious overloading of the system classes
-
Finally, additional protection layer is activated to check file system and network access operations.
|
