Java 7 for Mac OSX

Richard Bair richard.bair at oracle.com
Wed Feb 22 10:20:39 PST 2012


Agreed, I think the JDK team has been and continues to be very serious about it. I wonder what you mean by "server" apps though -- application servers and the like? Those typically require a full JDK anyway because they require a compiler, but in my descriptions about "app deploy" I'm really just talking about consumer applications deployed to desktops.

Richard

On Feb 22, 2012, at 9:54 AM, Phil Race wrote:

> On 2/21/2012 4:24 PM, Richard Bair wrote:
>> 
>> For app deploy, security is a non-issue, because a desktop app has no security manager and therefore can do anything the system allows, and cannot do anything the system forbids. So for app deploy it is a red herring.
> 
> True as far as it goes for pure client/desktop apps here where that security is a non-concern
> means more that since the end-user already trusted the app to install and be granted
> privileges akin to native code, so that upgrading to fix security bugs in the JRE against
> untrusted code is pointless.
> 
> But "server" apps which respond to untrusted requests are more like web deployed apps.
> If they bundle a JRE then you need to update the whole bundle as new more secure
> JREs become available, so that unscrupulous people can't compromise your server.
> 
> I also want to make it clear that whilst increasing security and maintaining compatibility
> are sometimes conflicting goals, that the Java SE org. has for many years made
> compatibility a key theme. We do not just pay lip service to compatibility. We work
> very hard at it. Yes, we may break apps, intentionally or unintentionally, but it's not
> for the want of trying. I think overall we've become good at it, and it's really important
> to customers. They do test when we ship a new release, and then they complain
> loudly and/or often if we broke something. And if we can fix that, we will.
> Enterprise customers expect this. They'll go somewhere else if we aren't serious about it.
> I think you are more likely to have an app behave differently on a new platform/version
> than you are purely due to a patch upgrade in the JRE on the same platform/version.
> 
> -phil.


