[prev in list] [next in list] [prev in thread] [next in thread] 

List:       firewalls-gc
Subject:    Re: firewalls & java applets...the race is on!
From:       "Billy Verreynne" <vslabs () onwe ! co ! za>
Date:       1997-09-10 10:50:53
[Download RAW message or body]

> Darren Reed <avalon@coombs.anu.edu.au> wrote:
> I received this from someone else...
> 
> LEARN TO SNEAK YOUR JAVA APPLETS BEHIND FIREWALLS
<snip>

Interesting bug in Java implementation. A java applet in your browser
should not be able to access another web server than the one it originated
from - however, as all web ip go thru the firewall they're all seem to the
Java security manager (in both Netscape 3 and IE I think) to originate from
the same web site.

There's not much wrong with the security model of Java, but the
implementation (especially with technology that keeps changing) is not that
easy - and not standard. And of course the question is how well can you
trust "foreign" code from a web server on the net - sandbox or no
sandbox... My experience is that you get good programmers or bad
programmers with little or no shades of gray in between. <grin>

Maybe the time will come when firewalls "inspect" java byte code too?

regards,
Billy

[prev in list] [next in list] [prev in thread] [next in thread]