begin quoting Tracy R Reed as of Tue, Nov 29, 2005 at 05:05:09PM -0800: > Randall Shimizu wrote: > > I am not all that familiar with Python, but Java's > > biggest advantage is security. There has nerver been a > > Java virus in the wild since it's inception. > > Ditto for a zillion other languages. FORTRAN virus, anyone?
Specific to? No. Infects binaries compiled from? All the time. The JVM has a lot of useful features. Fine-grained control over a number of runtime permissions. If you turn on the security manager, the VM goes into default-deny mode. % java -Djava.security.manager blah blah blah It's easy to craft a policy file (and there's even a GUI tool if you need to use the mouse / want to make sure you get the syntax right) to grant limited permissions. I can tell the JVM that it can't look at my username but it can get my home directory; I can give it read/write/delete/execute permissions to files (subject to the usual DAC) or directories; I can tell it which hosts/ports it may or may not connect to... just for that VM. I *want* this level of control for any arbitrary process, and I want it at _least_ this easy. UNIX was neither designed nor built for security. Where there is good security, it was bolted on after the fact. When there is additional security, the mechanisms are typically awkward, clunky, and intrusive. Most other languages were not build with security in mind at all. -Stewart "Viruses aren't hard. Just tricky." Stremler -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
