Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

is there any Java Plugin issues?

Status
Not open for further replies.
Cheech

Cheech

Technical User
Nov 6, 2000
2,933
0
0
EU
Hi

I am a Web Developer who works 99.9% of the time with asp. my boss BSM has been asked to allow a couple of users to install the Java Plugin. he wants to know if there are any issues he should be aware of. I have had a look round and cant find anything but just thought I would post in here to see if anyone had any comments

Cheers Tony C

[Peace][Pipe]
 
Sort by date Sort by votes
What kind of issues are you concerned with ?
 
Upvote 0 Downvote
Havent got a clue.

Its one of those pass the buck type questions from a manager who has no clue about the web.

As far as I am concerned there has been a java plugin in IE for adinfinitum, but I think he just wants to say "it was him that said it would be OK". We only support IE5.5+ as the company standard.

One of the contractors who works for us uses java applets on its extranets and we have some users that need to access these for service reports.

I just wanted to make sure there had been no developments that could allow network vulnability or such through an applet

Cheech

[Peace][Pipe]
 
Upvote 0 Downvote
Adding any new software to your company is going to cause an extra bit of security problems, especially applets and ActiveX controls which can in theory create unsecure outgoing TCP/IP calls into the ether, but I guess one more won't hurt !

In their unmodified, unsigned state, applets are very secure becasue they are so restricted as to what cannot be done. For example, by default they cannot access the file system, they cannot make outgoing Socket connections (apart from to the web server they originate from), they cannot initiate native OS threads (apart from the inherent applet process), and so on.

When you have a signed and *trusted* applet though, things can get a little more lax - and all those banned operations can become valid, as long as the user accpets the signed applet certificate, and sets up their Java plugin to recognise this. But to be honest, this can be so painful in my experience that if you have someone proficient enough to do it, that is intent on causing harm to the network/company, they could probably find much easier ways of compromising security !

So, in short, yeah, no worries, safe as houses !
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

soni21
  • Locked
  • Question
Best Practices for Exception Handling in Java
Replies
0
Views
110
soni21
soni21
shivam bhatele
  • Locked
  • Question
Check If String Contains any Of the Word From Given List?
Replies
0
Views
91
shivam bhatele
shivam bhatele
Rienes
  • Locked
  • Question
How to learn Java
Replies
3
Views
119
Rienes
Rienes
Makumbi256
  • Locked
  • Question
how can i convert this code to javascript
Replies
1
Views
114
xwb
xwb
R-MacDonald
  • Locked
  • Question
How to order Software on Java?
Replies
3
Views
158
JacquelineReeser
JacquelineReeser

Part and Inventory Search

Sponsor

Back
Top