harmony-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Wielaard <m...@klomp.org>
Subject Re: State of the World (it's security)
Date Tue, 10 May 2005 17:33:34 GMT
Hi,

On Tue, 2005-05-10 at 08:47 -0400, Bob wrote:
> > Other interesting approaches are [..] Integrate 
> > gcjwebplugin
> > out of process with SELinux mandatory access controls when run from
> > mozilla.
> 
> I'm somewhat confused here.  Will this security implementation only 
> work for applets being run from within Mozilla, or are the more general 
> Java 2 Security Model ideas being implemented, available to all Java 
> programs?

This was just a suggestion to look into if you want an interesting
challenge. I believe really sandboxing the gcjwebplugin runtime spawned
for mozilla with SELinux access controls will provide an extra layer of
security that is even harder to escape from by malicious code. You might
be able to expand this idea to arbitrary programs run within the
runtime. I haven't investigated yet.

Cheers,

Mark

Mime
View raw message