Date: Wed, 4 Jun 1997 10:29:03 -0700
Message-Id: <199706041729.KAA28396@puffin.eng.sun.com>
From: Marianne Mueller <mrm@Eng>
To: shelina@dstc.qut.edu.au
Subject: Re: JDK 1.1 security comments
Hi,
JDK 1.1 contains the digitial signature technology that will be built
upon by later releases of the JDK. The goal is to enable fine-grain
access control for signed code.
Early access for the JDK that includes support for fine-grain access
control will be in summer 1997.
As for implementation bugs, there is a lot of flurry and hype in the
media whenever anyone thinks they find a bug. And there is a lot of
hype about the potential of bugs. To my mind there is a large and
important distinction between an implementation bug that possibly
could somehow be used as the basis of an attack, and, an attack. Java
draws a lot of attention but I ask you to consider the technology on
its merits and its design and implementation, not on the basis of
media stories or on the basis of sensational marketing web pages! I
am not aware of *any* Java virus; I'm not aware of *any* Java attack
web pages out there that do anything other than make a serious
nuisance of themselves.
We continue to publish 100% of our source code, and we are very open
with our APIs and designs, on our web site. I think that style of
creating the security model is the way to go, and I don't see that
approach in other commercial systems.
As for protecting against so-called hostile applets, I would say there
is no system out there, including Java, that has a strong defense
against denial-of-service attacks. Denial of service is a very
difficult problem to prevent completely, and I simply don't think it
is solvable, and the interesting thing is, it's not really the problem
that most needs to be solved. If you think about it, most people want
their pages to be visited. If their pages have the effect of crashing
other machines, well, no one is going to visit their pages.
Our approach is to focus on enabling limited access control for known
entities. The entities can be known by being signed, or, by residing
in a particular codebase.
Marianne
p.s. Please refer to documentation on these sites
http://java.sun.com/security/
http://java.sun.com/sfaq/
http://jserv.javasoft.com/hypermail/java-security-archive/index.html