Posted Oct 29, 2010 6:46 UTC (Fri) by khim
In reply to: Surprisingly enough...
Parent article: A Firefox zero-day vulnerability
That "something" is called Flash (well, Java Applets tried to do that too but were such a huge PITA that everyone forgot about them). I can not say I'm impressed by it's security.
Another aspect is that a huge part of the JVM's robustness is due to most of it is actually implemented in Java, which being a safe language automatically precludes a large segment of security vulnerabilities.
This is good plan. The only problem with it: the system which makes language "safe" is so complex that there are lots of bugs in it so you just move security holes around.
Not at all! Just put the whole thing in seccomp sandbox and that's it. No need to develop complex JVM (which does not guarantee safety anyway), no need to rewrite all libraries. BTW this is exactly what Chrome does if the Linux is new enough.
Java tales are getting old. Even Android dropped Java as far as security is concerned (they are using Java language to lower learning curve, but their security is built around good old processes and UIDs, not around in-JVM permissions and security contexts).
to post comments)