>>> Does this mean that a program written in java can not do file i/o? >>> Otherwise, how could the VM know that it was doing "harm" as opposed to >>> some necessary file manipulation? > >Java programs are not permitted general file i/o; there are complex >mechanisms to permit them to use temporary files. > >Note that netscape also provides "JavaScript", which is > 1) not java > 2) not disabled when you turn off java > 3) known to be able to "steal" files, though not (yet) write >to them... > >(according to information posted on one of the Privacy mailinglists, >though web pages with examples of the latter were referenced, so an >altavista search would probably give you more info.)
Has anyone conducted a full security audit on Java? At any rate, before I use Java, I will be creating a separate account. Better safe than sorry! -- Christopher J. Fearnley | UNIX SIG Leader at PACS [EMAIL PROTECTED] | (Philadelphia Area Computer Society) http://www.netaxs.com/~cjf | Design Science Revolutionary ftp://ftp.netaxs.com/people/cjf | Explorer in Universe "Dare to be Naive" -- Bucky Fuller | Linux Advocate
