Re: Debian two-factor auth, GSoC?

Steve Langasek <vorlon@debian.org> writes:
> On Thu, Apr 11, 2013 at 11:49:35PM -0700, Russ Allbery wrote:
>> Thomas Goirand <zigo@debian.org> writes:
>>> On 04/12/2013 03:25 AM, Tollef Fog Heen wrote:

>>>> The Yubikey neo can run the java applet thingies, it seems, so it can
>>>> act as a GPG token too.

>>> Please, please, please ... no java!!!  That's a security nightmare. I
>>> think we'd be less safe with than without it.

>> You do realize that most of the Java vulnerabilities are
>> vulnerabilities in the sandboxing model and therefore are only
>> particularly interesting when you're downloading random untrusted Java
>> programs from the Internet and running them in the sandbox in your web
>> browser, right?

>> Those aren't flaws in the *language*.

> They aren't, but the security model for managing java applets in your
> browser is effectively a boolean: "yes, I want to allow java applets in
> my browser", vs. "no, the Internet is dark and full of terrors, keep
> that off my system".

> There may be third-party plugins that allow you to manage your browser's
> policy in a more fine-grained manner, but unless those are shipped in
> Debian and we want to make enabling them an explicit part of the
> instructions for use of this proposed system (... or implicit, by making
> such a tool a dependency of the Java plugin package itself!), I think
> it's a very bad idea for Debian to get entangled with any such
> implementation.

Yes, but as mentioned, that doesn't have anything to do with this.  Java
Card applets don't have anything to do with web browsers.


One is obviously very, very careful about identifying the source and
integrity of software before one installs it on one's smart card and
generally only runs one Java Card applet at a time, which makes the issues
with browser-based applets moot.

Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>

