Security Concerns for Applets (Untrusted Code)
One aspect of Java security is language restrictions designed not to let a Java applet or application access memory on the machine outside of its own space.
Applets have additional restrictions:
- they can never run a local executable program;
- they cannot communicate with any host other than the server from which they were downloaded (the originating host);
- they cannot read or write to the local computer's file system, except through the browser mechanism;
- they cannot find out information about the local computer (see table on next slide for details).
As of summer 1997 no known applets have seriously broken security to steal client information or trash the local disk. Exceptions:
- applets have been written to use up arbitrary amounts of client cpu.
- applets with native code can trash the local disk. So far, native code is disallowed on publicly released browsers.