[1062] in java-interest
Re: JAVA VIRUS (not)
daemon@ATHENA.MIT.EDU (Chuck McManis)
Thu Aug 17 21:56:58 1995
Date: Thu, 17 Aug 1995 16:13:26 -0700
From: cmcmanis@scndprsn.Eng.Sun.COM (Chuck McManis)
To: java-interest@java.Eng.Sun.COM
I'm responding to the list because apparently my answers aren't getting through
in email.
> I've asked this before, but got no answer at all.
Have some answers. :-)
> HOW SECURE ARE THE JAVA SECURITY FEATURES?
As secure as we can make them.
> Is it *impossible* to write malicious code? Has the Java team thought
>to formally prove that JAVA secure *means* secure?
We think so, for some definition of "malicious". It is certainly possible to
write an applet that displays a rude picture, or to write one that spins forever
at MAX priority (the latter is fixed in Beta btw). We plan to have a much more
formal statement of what the security requirements of the system are at that time
as well.
> Da'hell with operator overloading! It seems to me that without the
>phrase
>
> "JAVA secure"
>
>becoming a real assurance, the Java system is not going to be worth much.
Well there is also the not insignificant fact that we give the source to the
system out to anyone who asks for it. Ask someone you trust, and who understands
security to do your own evaluation of it. It doesn't sound like anything I can
say will actually answer your question. As far as I know, there are no universally
accepted formal proving mechanisms. (I know about the vulnerability analysis work
that Sandia National Labs does.)
> There must be someone who's not a total technocrat out there!
Probability is on your side. :-)
--Chuck
-
Note to Sun employees: this is an EXTERNAL mailing list!
Info: send 'help' to java-interest-request@java.sun.com
