Untrusted code is restricted

• The Virtual Machine mediates access

• Some code cannot make direct system calls

• Code can be forbidden to:

  • access the filesystem
  • open sockets (except back home)
  • interfere with other applets
  • spy on the local environment

• See Frank Yellin’s paper or Java Security

  • Java Security Hotlist
  • http://www.cigital.com/javasecurity/hotlist.html

Previous slide

Next slide

Back to first slide

View graphic version