
Security must be the primary design goal, at least right now. I don't think the way Sun implemented permissions in java offers enough protection.



I mean, security was absolutely a primary design of java applets.

It's just that implementing your sandbox at the same level as untrusted code is a really poor choice.


Did you just prove my thesis? ;-)

The devil is in the details; in other words, it matters how the sandbox/isolation is implemented.

I would expect this: some malicious code requests a service object from the OS. An implementation is returned, but if no permission is granted by the user, the said implementation does nothing. There should be no data in the service object that can be used to glean any information about the internal state.

The only thing that can be detected in this design is that the service object does nothing (and even then, perhaps, it is possible to emulate the service behavior such that the code thinks everything is fine).

What do you think of that?
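The design sketched in the comment above (deny by handing out a no-op object of the same type, rather than an error, and keep no state inside it) and the objection in the earlier reply (a gate that lives in the same address space as the untrusted code is only as private as the language makes it) can both be shown in a few lines. This is an added illustration, not code from the thread; the `Broker`, `RealFileService`, `NullFileService` and `NaiveGate` names, the in-memory file store and the `"files"` permission are all constructed for the example.

```python
"""
Capability-style service broker. Untrusted code asks the broker for a
service and always gets back an object with the same interface; without a
user grant it receives a no-op implementation that carries no state and
no reference to the privileged object.
"""
from __future__ import annotations

from typing import Protocol


class FileService(Protocol):
    def read(self, path: str) -> bytes: ...
    def write(self, path: str, data: bytes) -> int: ...


class RealFileService:
    """Privileged implementation backed by a constructed in-memory store."""

    def __init__(self, store: dict[str, bytes]):
        self._store = store  # internal state that must never reach the sandbox

    def read(self, path: str) -> bytes:
        return self._store.get(path, b"")

    def write(self, path: str, data: bytes) -> int:
        self._store[path] = data
        return len(data)


class NullFileService:
    """Returned when permission was denied.

    Same interface as the real service, no instance attributes (empty
    __slots__ means there is no __dict__ to introspect), no reference to the
    real implementation, and plausible return values so the caller cannot
    distinguish 'denied' from 'worked' except by noticing that nothing
    actually happens.
    """

    __slots__ = ()

    def read(self, path: str) -> bytes:
        return b""

    def write(self, path: str, data: bytes) -> int:
        return len(data)


class NaiveGate:
    """The anti-pattern from the earlier reply: a wrapper that keeps the real
    service and an 'allowed' flag inside the object handed to untrusted code.
    In the same process those fields are reachable by ordinary introspection."""

    def __init__(self, real: RealFileService, allowed: bool):
        self._real = real
        self._allowed = allowed

    def read(self, path: str) -> bytes:
        return self._real.read(path) if self._allowed else b""


class Broker:
    """Hands out services according to the permissions the user granted.
    The real service object stays inside the broker; only the grant decision
    determines which object crosses the trust boundary."""

    def __init__(self, grants: set[str] | None = None):
        self._grants = set(grants or ())
        self._real_files = RealFileService({"/etc/secret": b"hunter2"})  # constructed sample

    def request(self, service: str) -> FileService:
        if service == "files" and "files" in self._grants:
            return self._real_files
        return NullFileService()


def leaks_state(obj: object) -> list[str]:
    """Names of instance attributes an untrusted caller can enumerate on the
    object it was handed. Empty means there is nothing to glean."""
    return sorted(vars(obj)) if hasattr(obj, "__dict__") else []


if __name__ == "__main__":
    denied = Broker().request("files")
    granted = Broker(grants={"files"}).request("files")
    print("denied reads:", denied.read("/etc/secret"), "leaks:", leaks_state(denied))
    print("granted reads:", granted.read("/etc/secret"))
    print("naive gate leaks:", leaks_state(NaiveGate(RealFileService({}), False)))
```

The point of `leaks_state` is the contrast: the no-op object exposes nothing, while the naive gate exposes both the privileged reference and the flag that controls it, which is exactly the "sandbox at the same level as the untrusted code" problem. Whether the denied caller can be kept from noticing that its writes go nowhere is a separate question; here `write` returns a plausible count, but a caller that reads back what it wrote will still see an empty result.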



