Web start sandboxing and security
Fernando Cassia
fcassia at gmail.com
Sat Dec 7 09:19:22 PST 2013
On Sat, Dec 7, 2013 at 1:25 PM, Jacob Wisor <gitne at gmx.de> wrote:
> What I have always dreamed of for Java apps and applets is something similar
> like Android does.
I repeat: why should Java (desktop) apps have something different than
native (C/C++) apps on the system?
That only perpetuates the nonsense that Java apps are inherently less
secure than the arbitrary binary (.exe) downloaded from download.com
and run by thousands of users daily.
A desktop app is a desktop app, period. The dialog asks if you want to
run it and warns of the dangers. Much like some browsers warn you if
you download a exe and before you run it.
Adding additional layers of complexity only devaluates the value of
the JVM ecosystem by inserting FUD into the equation.
The app runs like any other desktop app, with the privileges and
access given by the user to desktop apps, period. It shouldn't be any
other way. On a properly configured system, a desktop app run by an
user doesn't equally mean it's got administrator access, because a
user account is not the administrator account.
FC
--
During times of Universal Deceit, telling the truth becomes a revolutionary act
Durante épocas de Engaño Universal, decir la verdad se convierte en un
Acto Revolucionario
- George Orwell
More information about the distro-pkg-dev
mailing list