[icedtea-web] Idea - do not start ITW applets automatically

Jiri Vanek jvanek at redhat.com
Wed Jan 23 04:55:40 PST 2013


On 01/23/2013 12:32 PM, helpcrypto helpcrypto wrote:
>> Main-class sounds reasonable -- except that technically speaking it would
>> allow someone to run a completely different applet (on the same page)
>> without the warning. I don't suppose it's a big deal though, because the
>> same person could have bundled whatever code into the main applet.
>
> Sorry, but I'm starting to retract.
> AFAICanThink unsigned applets could be hijacked in any way we check if
> the site is cracked. I (cracker) can upload the same
> classname+jars+etc, and end-user will be exposed, so maybe we should
> check it another way.
> Signed applets could be trusted based on signer, but I'm starting to
> think the "unique key" is not a bad idea for unsigned ones...
>
> Maybe it's a dumb question but here it goes:
> What can be done/dangerous running an unsigned applet?
> I think unsigned applets should not be able to run *anything*
> dangerous enough, so maybe this is a fake discussion.
Well, I just wish this were true....
But nope - all the attacks through applets are via unsigned ones by bypassing the sandbox.
That's why this feature has to be implemented.

>
> Our signed applets do a lot of this, but that's what signed are for!



