To: www-security@ns2.rutgers.edu
Date: Wed, 26 Feb 1997 21:57:18 -0600 (CST)
In-Reply-To: <199702270028.TAA11506@babe.globecomm.net> from "Bachtel" at Feb 26, 97 06:30:44 pm
Reply-To: Albert-Lunde@nwu.edu (Albert Lunde)
From: Albert-Lunde@nwu.edu (Albert Lunde)
Errors-To: owner-www-security@ns2.rutgers.edu

> Hmm, just out of curiosity (because I hear a lot about
> Java/DirectX/HTML security flaws), is it theoretically possible for a
> Java program to somehow overflow a cache with valid ASM byte-codes,
> and transfer execution to them? I've heard that Java works off static
> storage, would this prevent this kind of exploit?

The low-level security model of Java is explicitly aimed at preventing many of the kinds of array/buffer/stack overflow attacks that C or C++ code may be vulnerable to. It's not perfect, but it's a better model than provided by most run-time libraries.

I think the majority of Java bugs have been problems in unexpected features of other layers like the network class loader or the high-level security manager (which was tacked on as an afterthought as Java went from alpha to beta).

ActiveX does not seem to have a security model, other than people/corporations who sign code saying "Trust Me".