SSL & RMI

Michael Dykes - Sun Professional Services (Michael.Dykes@East)
Mon, 16 Jun 1997 12:37:07 -0400

Date: Mon, 16 Jun 1997 12:37:07 -0400
From: Michael.Dykes@East (Michael Dykes - Sun Professional Services)
Message-Id: <199706161637.MAA16071@amaterasu.East.Sun.COM>

Hello,
I am a member of SunPS peddling the Java paradigm to clients.
I had an interesting question today when discussin the Java
security model. Specifically, the question was "Isn't it a
possible security risk to allow the user to allow or disallow
certain privileges?"
Once, we talked it through, they were worried that there was
an assumption that the user was acquaintd with what is
"good" or "bad". They said many users in their enterprise
would allow any privilege requested by a Java applet, not out of
malice but out of ignorance.