Re: Java "security holes'

• To: chess@watson.ibm.com
• Subject: Re: Java "security holes'
• From: mrm@doppio.Eng.Sun.COM (Marianne Mueller)
• Date: Wed, 13 Mar 1996 09:02:07 -0800
• Cc: www-security@ns2.rutgers.edu
• In-Reply-To: <199603131424.JAA01789@ns2.rutgers.edu> (chess@watson.ibm.com)

   
  David Chess: 

  I think it would be *greatly* beneficial if someone in
  Java land were to put together a proposed security model,
  outlining all the security-relevant things in the system,
  make sure that there's some hope of getting it implemented
  if it turns out to be correct, and then let it circulate
  on the Net for comments.

That's roughly the plan!   

(except I don't think we'd claim it would outline "all" the
security-relevant things - that is a big claim - )

What's really needed is an implementor's guide about do's and don'ts,
for example, how to take advantage of Java to build secure
applications, and what to look out for.

Marianne

p.s. It's not elaborate, but to the extent the current applet security
policy is written down in English as opposed to in Java, that is
documented on http://java.sun.com/sfaq/

• Re: Java "security holes'
• From: "David M. Chess" <chess@watson.ibm.com>

• Previous: Re: Java "security holes'
• Next: Re: Java "security holes'
• Index(es):
  • Index
  • Thread