Re: State of 64bit desktop
-------------- Original message ----------------------
From: "Todd A. Jacobs" <nospam@codegnome.org>
> On Sat, Aug 23, 2008 at 03:09:23AM +0900, Osamu Aoki wrote:
>
> > For Java, icedtea-gcjwebplugin is in main. (Sun Java is not packaged
> > but this free one is pretty good)
>
> The last time I checked, gcjwebplugin kept carping about being insecure
> and sandboxing being incomplete. Is this really any more secure than the
> gcjwebplugin itself?
>
> I don't really mind running semi-functional software, but I *do* mind
> running insecure software.
This was true, dealt with in IceTea according to this:
http://fedoraproject.org/wiki/Interviews/ThomasFitzsimmons
Quote:
What can end-users expect to experience?
The big problem with deploying gcjwebplugin in the past has been GNU Classpath's lack of a security framework. The OpenJDK class library, on the other hand, has a complete robust security framework capable of safely running untrusted applets. Just by virtue of gcjwebplugin using IcedTea's appletviewer, instead of GNU Classpath's, it now supports safely running untrusted applets, and so we've enabled it by default for Fedora 8. The result is that most applets will run perfectly out-of-the-box, on a default Fedora 8 install on x86 *or x86_64*.
: End Quote
So from the standpoint of running applets on your computer, the security
seems to be there.
As for connecting to a bank or other place that uses a signed applet that
needs to be authenticated or requires a secure connection, there still seems
to be stuff missing. But that just means it will fail, it's not something that will
compromise your security.
Later, Seeker
Reply to: