Web start sandboxing and security

Jacob Wisor gitne at gmx.de
Sat Dec 7 10:23:04 PST 2013


Fernando Cassia wrote:
> On Sat, Dec 7, 2013 at 1:25 PM, Jacob Wisor <gitne at gmx.de> wrote:
>> What I have always dreamed of for Java apps and applets is something similar
>> to what Android does.
> 
> I repeat: why should Java (desktop) apps have something different than
> native (C/C++) apps on the system?
> That only perpetuates the nonsense that Java apps are inherently less
> secure than the arbitrary binary (.exe) downloaded from download.com
> and run by thousands of users daily.

Please read carefully. I did not say that Java apps are less secure than native 
apps. In fact, I have always been and still am a strong advocate of Java. Nor am I 
fond of the way Oracle has handled the media-spread irrational criticism (or rather 
gibberish) over Java plug-ins and applets being inherently insecure. It is even 
worse that Mozilla - although one would think they were the first to know better - 
has jumped on this train of pseudo-IT-journalist lunatics too, and even perpetuated 
this idiotic claim by hard-coding Java plug-ins to be blocked in Firefox.

> A desktop app is a desktop app, period. The dialog asks if you want to
> run it and warns of the dangers. Much like some browsers warn you if
> you download an exe and before you run it.
> 
> Adding additional layers of complexity only devaluates the value of
> the JVM ecosystem by inserting FUD into the equation.

I am not advocating for an additional layer of complexity; rather the opposite. 
This layer of complexity already exists: it is the Java permissions framework. 
I would like to see the Java permissions framework become easier to use and more 
accessible and comprehensible to the average user. This would also make average 
users more aware of security risks and of how to control those risks.

> The app runs like any other desktop app, with the privileges and
> access given by the user to desktop apps, period. It shouldn't be any
> other way.

And this is where you are wrong. Java does *always* check permissions, even for 
desktop apps. The point is that by default JREs are configured to grant the 
AllPermission permission to apps that are not applets or are not launched as 
applets.

> On a properly configured system, a desktop app run by a
> user doesn't equally mean it's got administrator access, because a
> user account is not the administrator account.

Yes, and this is why devs should not scare users away with supposedly doom-giving 
messages.

Jacob
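An added example, not code from this thread or from the IcedTea project, to illustrate the permission framework the message refers to: the standard SecurityManager check a desktop app goes through, beside two constructed policy files, one granting AllPermission as the message describes the default, the other restricting the app to a single directory. The policy file names, the directory and the sample path are assumptions chosen for this example.

```java
import java.io.FilePermission;
import java.security.Permission;

// Added example (not from the thread). Shows the permission check a desktop app
// is subject to once a SecurityManager is installed, and two policy files that
// decide the outcome. Written against the Java 8 era security model discussed here.
public class PermissionDemo {

    // Policy matching the default the message describes: every code source gets
    // everything. Save this text as allperm.policy (file name is an assumption).
    static final String ALL_PERMISSION_POLICY =
        "grant {\n" +
        "    permission java.security.AllPermission;\n" +
        "};\n";

    // Least-privilege policy: read access to one directory only.
    // Save as restricted.policy; the directory is a constructed sample value.
    static final String RESTRICTED_POLICY =
        "grant {\n" +
        "    permission java.io.FilePermission \"/tmp/app-data/-\", \"read\";\n" +
        "};\n";

    // Standard JDK idiom: consult the installed SecurityManager, if any.
    // With no manager installed (a plain `java PermissionDemo` launch) no check
    // happens at all, which is the unrestricted desktop situation the thread debates.
    static boolean isGranted(Permission p) {
        SecurityManager sm = System.getSecurityManager();
        if (sm == null) {
            return true;
        }
        try {
            sm.checkPermission(p);
            return true;
        } catch (SecurityException e) {
            return false; // the active policy does not imply this permission
        }
    }

    public static void main(String[] args) {
        // Constructed sample path; pass another path as the first argument to test others.
        String path = args.length > 0 ? args[0] : "/etc/hostname";
        boolean ok = isGranted(new FilePermission(path, "read"));
        System.out.println("SecurityManager installed: " + (System.getSecurityManager() != null));
        System.out.println("read " + path + " allowed: " + ok);
    }
}
// java PermissionDemo                                                              -> no manager, allowed
// java -Djava.security.manager -Djava.security.policy==allperm.policy PermissionDemo    -> allowed
// java -Djava.security.manager -Djava.security.policy==restricted.policy PermissionDemo -> denied
```

The double `==` in `-Djava.security.policy==` replaces the JRE's default policy instead of adding to it, so the restricted run grants application code nothing beyond the listed directory.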


More information about the distro-pkg-dev mailing list