undefined | Better HN

0 pointsWatchDog5y ago0 comments

Javas security manager system, is usually not in effect for the majority of use cases. While maven/grade dependencies, can't run code on installation, generally once the application is ran/tested, it will be with full user permissions, not under a security manager.

The security manager is an additional layer of security that most languages don't have, however Java applets have shown it to be full of holes and generally unsuitable for running untrusted code.

The applet security posture has contributed a great deal towards negative opinion towards the language, probably would have been better off never having existed.

0 comments

mike_hearn5y ago

There have been hundreds, maybe thousands of local privilege escalation vulnerabilities on Linux. People still find bugs in basic programs like sudo that have been there for decades. Still, nobody would ever suggest that Linux should have the same security approach as Windows 95 or that it's generally unsuitable for running code you didn't write!

Sandboxing code is hard, regardless of what language, runtime or operating system approach you use.

j / k navigate · click thread line to collapse

0 pointsWatchDog5y ago0 comments

The security manager is an additional layer of security that most languages don't have, however Java applets have shown it to be full of holes and generally unsuitable for running untrusted code.

The applet security posture has contributed a great deal towards negative opinion towards the language, probably would have been better off never having existed.

0 comments

mike_hearn5y ago

Sandboxing code is hard, regardless of what language, runtime or operating system approach you use.

j / k navigate · click thread line to collapse