[prev in list] [next in list] [prev in thread] [next in thread]
List: firewalls-gc
Subject: Re: firewalls & java applets...the race is on!
From: "Billy Verreynne" <vslabs () onwe ! co ! za>
Date: 1997-09-10 10:50:53
[Download RAW message or body]
> Darren Reed <avalon@coombs.anu.edu.au> wrote:
> I received this from someone else...
>
> LEARN TO SNEAK YOUR JAVA APPLETS BEHIND FIREWALLS
<snip>
Interesting bug in Java implementation. A java applet in your browser
should not be able to access another web server than the one it originated
from - however, as all web ip go thru the firewall they're all seem to the
Java security manager (in both Netscape 3 and IE I think) to originate from
the same web site.
There's not much wrong with the security model of Java, but the
implementation (especially with technology that keeps changing) is not that
easy - and not standard. And of course the question is how well can you
trust "foreign" code from a web server on the net - sandbox or no
sandbox... My experience is that you get good programmers or bad
programmers with little or no shades of gray in between. <grin>
Maybe the time will come when firewalls "inspect" java byte code too?
regards,
Billy
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic