LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Oracle patches critical Java bugs used to commandeer computers (ars technica)

Oracle patches critical Java bugs used to commandeer computers (ars technica)

Posted Sep 4, 2012 1:51 UTC (Tue) by alankila (subscriber, #47141)
In reply to: Oracle patches critical Java bugs used to commandeer computers (ars technica) by mikov
Parent article: Oracle patches critical Java bugs used to commandeer computers (ars technica)

Also, in this case it appears that the applet runtime simply acts as vector to carry the interesting payload that actually compromises the system.

That being said, I was disappointed to learn how the applet security manager is put together, as it appears to simply trust call sites in the system framework packages. Given the size of the software, it seems likely that bugs like this will be discovered for years and years, and that every new API level will supply new bugs, unless this aspect of its evolution is strenuously reviewed.

Then again, if you just sign your applet, and socially engineer the user to run it, the security manager is turned off in any case, opening the door to further exploits just the same. If applets are to be salvaged -- and it is not clear to me anybody wants that -- then the operating system must be hardened to not allow browser to act as user's agent, i.e. with his privileges.

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds