[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

(fwd) Re: Java

>>> Does this mean that a program written in java can not do file i/o?
>>> Otherwise, how could the VM know that it was doing "harm" as opposed to
>>> some necessary file manipulation?
>Java programs are not permitted general file i/o; there are complex
>mechanisms to permit them to use temporary files.
>Note that netscape also provides "JavaScript", which is
>	1) not java
>	2) not disabled when you turn off java
>	3) known to be able to "steal" files, though not (yet) write
>to them...
>(according to information posted on one of the Privacy mailinglists,
>though web pages with examples of the latter were referenced, so an
>altavista search would probably give you more info.)

Has anyone conducted a full security audit on Java?  At any rate,
before I use Java, I will be creating a separate account. Better safe
than sorry!

Christopher J. Fearnley            |    UNIX SIG Leader at PACS
cjf@netaxs.com                     |    (Philadelphia Area Computer Society)
http://www.netaxs.com/~cjf         |    Design Science Revolutionary
ftp://ftp.netaxs.com/people/cjf    |    Explorer in Universe
"Dare to be Naive" -- Bucky Fuller |    Linux Advocate

Reply to: