Eric Swanson wrote:
What we need now is
focus, energy and commitment
to create a business environment where it is possible (and profitable)
the
creation, deployment and maintenance of applications executed in secure
sandboxes.
Traditionally,
the quickest answer to a
Hi Dinis,
On 29 Mar 2006, at 05:52, Dinis Cruz wrote:
Thanks for confirming this (I wonder how many other other Java
developers are aware of this (especially the ones not focused on
security)).
Most I've worked with aren't really aware of the security manager,
never mind bytecode
This comes back to that great concept called 'Faith-based' Security (see Gunnar Peterson's post http://1raindrop.typepad.com/1_raindrop/2005/11/net_and_java_fa.html ), which is when people are told so many times that something is secure, that that they believe that it MUST be secure. Some
Jeff, as you can see by Stephen de Vries's response on this thread, you
are wrong in your assumption that most Java code (since 1.2) must go
through the Verifier (this is what I was sure it was happening since I
remembered reading that most Java code executed in real-world
applications is not
Hello Eric (comments inline)
Eric Swanson wrote:
Because I believe that Microsoft will never be as cooperative with .NET and
the developer community as Sun is with Java, is there an opportunity for
another company to step up to the plate on Microsoft's behalf?
There is definitely an
Hi Kevin
Indeed this is somewhat surprising that there is no byte-code
verification
in place, especially for strong typing, since when you think about it,
this is not too different than the "unmanaged" code case.
Well there is some byte coding verification. For example if you
At 2:34 AM +0100 3/27/06, Dinis Cruz wrote:
PS: For the Microsofties that are reading this (if any) sorry for
the irony and I hope I am not offending anyone, but WHEN are you going
to join this conversion? (i.e. reply to this posts)
I can only see 4 reasons for your silence: a) you
On 27 Mar 2006, at 11:02, Jeff Williams wrote:
I am not a Java expert, but I think that the Java Verifier is NOT
used on
Apps that are executed with the Security Manager disabled (which I
believe
is the default setting) or are loaded from a local disk (see ...
applets
loaded via the