Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.lang.java.programmer > #21465

Re: U.S. warns on Java software as security concerns escalate

Path csiph.com!v102.xanadu-bbs.net!xanadu-bbs.net!eternal-september.org!feeder.eternal-september.org!mx04.eternal-september.org!.POSTED!not-for-mail
From Joshua Cranmer <Pidgeot18@verizon.invalid>
Newsgroups comp.lang.java.programmer
Subject Re: U.S. warns on Java software as security concerns escalate
Date Wed, 16 Jan 2013 21:55:35 -0600
Organization A noiseless patient Spider
Lines 14
Message-ID <kd7sns$bjl$1@dont-email.me> (permalink)
References <kcrlqe$noj$1@speranza.aioe.org> <kd2lhe$roc$1@speranza.aioe.org> <bflbf8hjjkajgd7opk4vn167dsmtst6m1e@4ax.com> <kd7hn0$jls$1@speranza.aioe.org>
Mime-Version 1.0
Content-Type text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding 7bit
Injection-Date Thu, 17 Jan 2013 03:55:41 +0000 (UTC)
Injection-Info mx04.eternal-september.org; posting-host="5a9707252ba5efb9bece56d1f4656a90"; logging-data="11893"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX19iyBYnkx0A2kber19xStPVvFAc18U+cgU="
User-Agent Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/20130107 Thunderbird/17.0.2
In-Reply-To <kd7hn0$jls$1@speranza.aioe.org>
Cancel-Lock sha1:jEY4PB5c0UX9mTBPddB7IPB9NVs=
Xref csiph.com comp.lang.java.programmer:21465

Show key headers only | View raw

On 1/16/2013 6:47 PM, Rajiv Gupta wrote:
> Contrast this with the sandboxing model the CLR uses, where access
> grants can only originate from outside of the VM -- it is impossible, by
> design, for managed code to enable grants that the VM itself was not
> externally configured to provide.

You clearly do not understand the Java security management policy. It is 
very much possible to request JVMs to lock down the policy in such a way 
that the JVM cannot grant itself access. But why let facts get in the 
way of attacking Java?

-- 
Beware of bugs in the above code; I have only proved it correct, not 
tried it. -- Donald E. Knuth

Back to comp.lang.java.programmer | Previous | NextPrevious in thread | Next in thread | Find similar | Unroll thread

Thread

U.S. warns on Java software as security concerns escalate emf <emfril@gmail.com> - 2013-01-12 07:48 -0500
  Re: U.S. warns on Java software as security concerns escalate Arne Vajhøj <arne@vajhoej.dk> - 2013-01-12 09:05 -0500
    Re: U.S. warns on Java software as security concerns escalate RVic <rvince99@hotmail.com> - 2013-01-12 08:00 -0800
      Re: U.S. warns on Java software as security concerns escalate Arne Vajhøj <arne@vajhoej.dk> - 2013-01-12 11:23 -0500
  Re: U.S. warns on Java software as security concerns escalate Peter Duniho <NpOeStPeAdM@NnOwSlPiAnMk.com> - 2013-01-12 10:28 -0800
  Re: U.S. warns on Java software as security concerns escalate Roedy Green <see_website@mindprod.com.invalid> - 2013-01-12 10:38 -0800
    Re: U.S. warns on Java software as security concerns escalate Arne Vajhøj <arne@vajhoej.dk> - 2013-01-12 13:41 -0500
  Re: U.S. warns on Java software as security concerns escalate "Hiram Hunt" <hiramhunt@verizon.net> - 2013-01-13 15:41 -0500
  Re: U.S. warns on Java software as security concerns escalate Rajiv Gupta <rajiv@invalid.com> - 2013-01-15 15:22 +1100
    Re: U.S. warns on Java software as security concerns escalate Lew <lewbloch@gmail.com> - 2013-01-15 07:31 -0800
    Re: U.S. warns on Java software as security concerns escalate Roedy Green <see_website@mindprod.com.invalid> - 2013-01-15 14:23 -0800
      Re: U.S. warns on Java software as security concerns escalate Arne Vajhøj <arne@vajhoej.dk> - 2013-01-15 21:10 -0500
      Re: U.S. warns on Java software as security concerns escalate Rajiv Gupta <rajiv@invalid.com> - 2013-01-17 11:47 +1100
        Re: U.S. warns on Java software as security concerns escalate Lew <lewbloch@gmail.com> - 2013-01-16 17:01 -0800
          Re: U.S. warns on Java software as security concerns escalate Rajiv Gupta <rajiv@invalid.com> - 2013-01-17 14:50 +1100
            Re: U.S. warns on Java software as security concerns escalate Roedy Green <see_website@mindprod.com.invalid> - 2013-01-17 14:31 -0800
        Re: U.S. warns on Java software as security concerns escalate Joshua Cranmer <Pidgeot18@verizon.invalid> - 2013-01-16 21:55 -0600
        Re: U.S. warns on Java software as security concerns escalate Roedy Green <see_website@mindprod.com.invalid> - 2013-01-17 14:57 -0800
      Re: U.S. warns on Java software as security concerns escalate Jim Janney <jjanney@shell.xmission.com> - 2013-01-17 12:36 -0700
        Re: U.S. warns on Java software as security concerns escalate Roedy Green <see_website@mindprod.com.invalid> - 2013-01-17 14:33 -0800
        Re: U.S. warns on Java software as security concerns escalate Arne Vajhøj <arne@vajhoej.dk> - 2013-01-17 18:14 -0500
        Re: U.S. warns on Java software as security concerns escalate Arne Vajhøj <arne@vajhoej.dk> - 2013-01-17 18:16 -0500
  Re: U.S. warns on Java software as security concerns escalate Roedy Green <see_website@mindprod.com.invalid> - 2013-01-15 00:23 -0800
    Re: U.S. warns on Java software as security concerns escalate Patricia Shanahan <pats@acm.org> - 2013-01-15 06:47 -0800
      Re: U.S. warns on Java software as security concerns escalate Roedy Green <see_website@mindprod.com.invalid> - 2013-01-15 14:34 -0800

csiph-web