Software Design (CSC-223 97F)
Java Security
Original version by Tony Stubblebine and Omar Ghaffar. Some
slight modifications by Samuel A. Rebelsky.
- A Java program should not be allowed to:
  - Damage hardware, software, or information on the host machine.
  - Pass unauthorized information to anyone.
  - Cause the host machine to become unusable through resource depletion.
Java provides security:
- through Openness
- through being well-defined
- through lack of pointer arithmetic
- through garbage collection
- through strict Compile-Time Checking
- A Class Loader loads applet code, enforcing a separate name space for trusted and untrusted code.
- A Verifier ensures that code follows the Java language specification, follows name space restrictions, contains no illegal memory management, and contains no illegal typecasts.
- A Security Manager decides what actions an applet is allowed to take.
Actions controlled by the Security Manager
Untrusted applets are not allowed to:
- Read, write, get information about or delete files on any system other
than the applet's home system.
- Execute operating system commands or native code on any system other
than the applet's home system, or load a library.
- Establish network connections to any computer other than the applet's
home system.
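The restrictions listed above, sketched as a `SecurityManager` subclass. This is an added example, not code from the original outline or from Sun or Netscape; the class names, the `attempt` helper and the addresses are assumptions made for illustration, and the checks are called directly instead of installing the manager.

```java
import java.net.InetAddress;
import java.net.UnknownHostException;

@SuppressWarnings("removal") // SecurityManager is deprecated in current JDKs
public class AppletPolicyDemo {
    // Hypothetical policy class: the runtime calls a check method before each
    // sensitive action, and a SecurityException vetoes the action.
    static class UntrustedAppletPolicy extends SecurityManager {
        private final InetAddress home; // host the applet was loaded from

        UntrustedAppletPolicy(InetAddress home) { this.home = home; }

        @Override public void checkConnect(String host, int port) {
            try {
                // Compare resolved addresses, not the name the applet supplied.
                if (!InetAddress.getByName(host).equals(home))
                    throw new SecurityException("connect to " + host + ":" + port);
            } catch (UnknownHostException e) {
                throw new SecurityException("cannot resolve " + host);
            }
        }
        // The client machine is not the applet's home system, so every local
        // file, command and library request is refused.
        @Override public void checkRead(String file)   { throw new SecurityException("read " + file); }
        @Override public void checkWrite(String file)  { throw new SecurityException("write " + file); }
        @Override public void checkDelete(String file) { throw new SecurityException("delete " + file); }
        @Override public void checkExec(String cmd)    { throw new SecurityException("exec " + cmd); }
        @Override public void checkLink(String lib)    { throw new SecurityException("load library " + lib); }
    }

    // Runs one check and reports whether the policy allowed it.
    static String attempt(String label, Runnable check) {
        try {
            check.run();
            return label + ": allowed";
        } catch (SecurityException e) {
            return label + ": denied (" + e.getMessage() + ")";
        }
    }

    public static void main(String[] args) throws UnknownHostException {
        // Constructed addresses from the 192.0.2.0/24 documentation range;
        // IP literals are parsed locally, so no DNS lookup happens.
        SecurityManager sm = new UntrustedAppletPolicy(InetAddress.getByName("192.0.2.10"));
        System.out.println(attempt("connect home",  () -> sm.checkConnect("192.0.2.10", 80)));
        System.out.println(attempt("connect other", () -> sm.checkConnect("192.0.2.99", 80)));
        System.out.println(attempt("read file",     () -> sm.checkRead("notes.txt")));
        System.out.println(attempt("run command",   () -> sm.checkExec("ls")));
        System.out.println(attempt("load library",  () -> sm.checkLink("example")));
    }
}
```

Only the first attempt is allowed; the other four are reported as denied.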
Run as a trusted applet on the HotJava browser
This vulnerability is present in the Netscape Navigator 2.0 Java implementation and in Release 1.0 of the Java Developer's Kit from Sun Microsystems, Inc. These implementations do not correctly implement the policy that an applet may connect only to the host from which the applet was loaded. Read CERT advisory.
Topic: Weaknesses in Java Bytecode Verifier. Read CERT Advisory.
- Security Modeling
- New Security Facilities
- Signed JAR files
- Flexible Policies
- Auditing
- Encryption
Disclaimer: Often, these pages were created "on the fly" with little, if any, proofreading. Any or all of the information on the pages may be incorrect. Please contact me if you notice errors.
Source text written by Samuel A. Rebelsky.
Source text last modified Tue Sep 30 07:55:23 1997.
This page generated on Fri Oct 17 09:04:48 1997 by SamR's Site Suite.
Contact our webmaster at rebelsky@math.grin.edu