Security Issues in Java

Security Issues : "Servlet Sandbox" security model is used to run servlets built using JDK1.1. In this security model servlets are either trusted or untrusted. A trusted servlet has full access to server machine while untrusted servlets have limited access to server resources.The restrictions to untrusted servlets are imposed by the security manager. This model is very similar to "Applet SanBox" security model, where untrusted applets are given limited access to the client resources.
A Sand box is a security mechanism for safely running programs.It is often used to execute untrusted code,or programs from unverified third parties , and untrusted users. The sandbox typically provides a lightly controlled set of resources for guest programms to run in . Network access , the ability to inspect the host system or read from input devices is usally disallowed or heavily restricted.Servlets built JDK1.1 use the same technology as used by Applets to implement security issues.Hence local servlets are trusted to run without a security manager.Servlets loaded from a remote source,on the other hand,are by nature untrusted,so they run in a very restrictive environment where they cannot access the local file system , establish network connections and so on.

0 comments:

Post a Comment