Quick links

A Java Filter

Report ID:
TR-567-97
Date:
November 1997
Pages:
7
Download Formats:

Abstract:

Rogue Java applets are currently a major concern for big companies and
private users alike. While the best protection against them is to turn
off Java support in the WWW browser, this ``solution'' is
unsatisfying: it deprives users of many of the advantages of the Java
platform. Other mechanisms such as firewalls and code signing have been
proposed to ``enhance'' security. In this paper we
argue that these mechanisms cannot deliver the security
they promise. As an alternative, we describe a simple yet effective
way to prevent untrusted applets from entering the user's computer. At
the same time, we allow trusted applets to execute in whatever sandbox
the browser provides for them. Our technique works by modifying
Java class loaders and
can be extended to provide fine-grained access control for Java
applets.

Follow us: Facebook Twitter Linkedin