Web start sandboxing and security
Andy Lutomirski
luto at amacapital.net
Wed Dec 4 09:18:47 PST 2013
On Wed, Dec 4, 2013 at 2:37 AM, helpcrypto helpcrypto
<helpcrypto at gmail.com> wrote:
> Hi
>
> I don't know if the same rules apply to Java Applets.
*exactly*
The dialog is so uninformative that even technically inclined users can't tell.
> In our case we use a crypto applet to sign documents using user
> certificates.
>
> Said so, I think providing user "less options" is sometimes better/easier
> for them. A "yes/no" dialog is much simpler than a multiple selection
> option.
A checkbox for advanced settings could do the trick, too. Please
don't go down the Apple/GNOME/whatever route of removing options just
because they could confuse some users. Streamlining interfaces =
good. Preventing usecases = bad.
> Anyhow, I understand your concerns, and considering Google is "switching
> off" Java (Chrome is a big part of browsers market share), I suggest you
> "moving out" from Java Applets/JNLP. ;)
>
> Considering unsigned apps are run on a sandbox (without risks for the user),
> and signed are "dangerous", probably showing the user the application
> required permissions (by the permissions attribute on the manifest) will be
> ok, but we (as many others) will just put "all-permissions", so at the end,
> it will be the same.
I work in finance, and there are lots of IT departments that are kind
of paranoid involved, so actually acknowledging the risks may cause
something to change.
That being said, I have no idea whether SWT is likely to work inside
the sandbox, and a lot of people seem to use SWT, so this may be
tricky. (Maybe SWT would do whatever they need to do to fix it...)
--Andy
>
> BTW: Do end-users really read? xD
Yes. :) I know lots of people who refuse to run a whole variety of
Android apps because they ask for silly permissions. The reviews on
the Play store bear this out.
--Andy
More information about the distro-pkg-dev
mailing list