[874] in WWW Security List Archive
Re: Java and trojans: any last words before Netscape 2.0 is out?
daemon@ATHENA.MIT.EDU (Rich Salz)
Wed Sep 20 15:55:02 1995
From: Rich Salz <rsalz@osf.org>
Date: Wed, 20 Sep 1995 12:20:21 -0400
To: masinter@parc.xerox.com, www-security@ns2.rutgers.edu
Errors-To: owner-www-security@ns2.rutgers.edu
> I think that Java has fewer opportunities for trojan horse attacks
> than application/msword
I am worried about an "evil" application knowing how a future Intuit-like
Java app stores its files and getting in their first and creating them
with a weaker ACL so that later on my electronic checkbook is completely
open to the world.
/r$
