Calling other code in Java applications and applets
Martin Minow
minow at apple.com
Sat May 4 15:27:01 PDT 1996
Marianne Mueller (mrm at netcom.com) writes that
>
>people need to be aware up front
>that calling native code from a Java applet disables
>any security that might otherwise be enforced for the applet.
>
Would it be more accurate to state that native code called by a
Java applet disables Java virtual machine security, but is still
bound by security policies enforced by the operating system itself?
It would be most unfortunate if a browser run by an unprivileged
user could attain "root" privileges by running a Java applet that
called an appropriate (or inappropriate) native method.
Of course, on inherently unprotected systems (PC's), there is
indeed no protection. Perhaps Java will cause vendors to improve
overall operating system robustness.
Martin Minow
minow at apple.com
More information about the cypherpunks-legacy
mailing list