Web start sandboxing and security
Fernando Cassia
fcassia at gmail.com
Sat Nov 30 17:24:21 PST 2013
On Fri, Oct 18, 2013 at 3:14 PM, Andy Lutomirski <luto at amacapital.net>wrote:
> Even if the app is signed, there should still be a way to run it in
> the sandbox. I've yet to encounter a JNLP app in the wild that has
> any legitimate reason to do anything other than access the internet,
> create some temporary files, and occasionally use the file picker.
> Let me run it in the sandbox, please.
>
This is a stupid statement. IE I use muCommander all the time.
http://www.mucommander.com/
or JShot, to take screenshots
http://jshot.info/
Both need full access to the filesystem in order to function and perform
its chores.
It seems to me that you're confusing what a desktop application is, vs what
an applet is. A Java Web Start app is a DESKTOP APPLICATION, and as such it
must have the same access as any other desktop application.
FC
--
During times of Universal Deceit, telling the truth becomes a revolutionary
act
Durante épocas de Engaño Universal, decir la verdad se convierte en un Acto
Revolucionario
- George Orwell
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20131130/15bbf4c5/attachment.html
More information about the distro-pkg-dev
mailing list