Web start sandboxing and security
Andy Lutomirski
luto at amacapital.net
Sat Nov 30 17:48:16 PST 2013
On Nov 30, 2013 5:24 PM, "Fernando Cassia" <fcassia at gmail.com> wrote:
>
>
> On Fri, Oct 18, 2013 at 3:14 PM, Andy Lutomirski <luto at amacapital.net> wrote:
>>
>> Even if the app is signed, there should still be a way to run it in
>> the sandbox. I've yet to encounter a JNLP app in the wild that has
>> any legitimate reason to do anything other than access the internet,
>> create some temporary files, and occasionally use the file picker.
>> Let me run it in the sandbox, please.
>
>
> This is a stupid statement. IE I use muCommander all the time.
>
> http://www.mucommander.com/
>
> or JShot, to take screenshots
> http://jshot.info/
>
> Both need full access to the filesystem in order to function and perform its chores.
>
> It seems to me that you're confusing what a desktop application is, vs what an applet is. A Java Web Start app is a DESKTOP APPLICATION, and as such it must have the same access as any other desktop application.
>

Huh? Some of these "desktop" applications need full access; some don't.
Meanwhile, it's actually safer to run an unsigned web start app than a
signed one, and the prompt makes ActiveX look good.

If there was actually a choice to run web start apps sandboxed, then maybe
vendors would write more apps that would work in a sandbox.

I had to search somewhat extensively to figure out what "trusting" a vendor
means. This kind of design was short-sighted in the 90s, and IMO it's a
dangerous embarrassment nowadays.

--Andy

P.S. I understand why a screenshot app needs privilege to take screenshots,
but why does it need full filesystem access? There are sandboxed file
access APIs for exactly this reason.

> FC
>
>
> --
> During times of Universal Deceit, telling the truth becomes a revolutionary act
> Durante épocas de Engaño Universal, decir la verdad se convierte en un Acto Revolucionario
> - George Orwell