Dependability of Canned Applets
Java applets that you find on the Web may sometimes not work as advertised.
Although byte-code is supposed to be platform independent so that an applet
can be moved from one system to another without having to be recompiled,
it may still sometimes happen that an applet will work fine on the computer
where it was developed, but do nothing on some other systems. Just remember
that when you use a program written by someone else, they may or may not
have carefully checked and debugged their work.
Security Issues
A Java applet is code that is downloaded to, and executes on, the client machine.
Thus, there are security concerns: Java could be a great place to hide
a computer virus. (Generally, merely reading files will not infect a computer
with a virus; the virus must be embedded in executable code for it to
do its dirty work. There is therefore particular concern about executable
code that downloads and launches execution automatically, as is the case for
Java.)
These security concerns have been addressed by limiting the functions
that a Java applet is capable of performing on the client machine. This
is what the Java developers call "running untrusted applets in a trusted
environment". For example, applets loaded over the network are not permitted
to run other programs or write files on the client computer; they cannot
download other Java applets except from the original computer from which
they were downloaded; and the amount of information that they can read
from the client computer is severely restricted.
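
The restrictions just listed can be sketched as a Java SecurityManager, the hook mechanism that applet viewers used to enforce them. This is an added example, not code from the original page or from any browser; the class name, the origin host applets.example.org and the property allow-list are assumptions made for illustration.

```java
// Added illustration of the applet restrictions; not a browser's real code.
// Class name, origin host and property allow-list are assumptions.
import java.util.Arrays;
import java.util.List;

@SuppressWarnings("removal") // SecurityManager is deprecated in current JDKs
public class AppletSandboxSketch extends SecurityManager {
    private final String originHost; // host the applet was downloaded from
    private static final List<String> READABLE =
        Arrays.asList("java.version", "java.vendor", "os.name");

    public AppletSandboxSketch(String originHost) { this.originHost = originHost; }

    @Override public void checkExec(String cmd) {
        throw new SecurityException("may not run programs: " + cmd);
    }
    @Override public void checkWrite(String file) {
        throw new SecurityException("may not write files: " + file);
    }
    @Override public void checkConnect(String host, int port) {
        if (!originHost.equalsIgnoreCase(host))
            throw new SecurityException("may only connect to " + originHost);
    }
    @Override public void checkPropertyAccess(String key) {
        if (!READABLE.contains(key))
            throw new SecurityException("may not read property: " + key);
    }

    // Runs one check the way the runtime does before the real operation.
    static String attempt(String what, Runnable check) {
        try { check.run(); return what + " -> allowed"; }
        catch (SecurityException e) { return what + " -> denied: " + e.getMessage(); }
    }

    public static void main(String[] args) {
        // The manager is called directly and never installed system-wide.
        AppletSandboxSketch sm = new AppletSandboxSketch("applets.example.org");
        System.out.println(attempt("exec", () -> sm.checkExec("/bin/sh")));
        System.out.println(attempt("write", () -> sm.checkWrite("/tmp/out.txt")));
        System.out.println(attempt("connect origin", () -> sm.checkConnect("applets.example.org", 80)));
        System.out.println(attempt("connect other", () -> sm.checkConnect("other.example.net", 80)));
        System.out.println(attempt("read java.version", () -> sm.checkPropertyAccess("java.version")));
        System.out.println(attempt("read user.home", () -> sm.checkPropertyAccess("user.home")));
    }
}
```

Only the connection to the origin host and the read of java.version pass; every other attempt is denied with a SecurityException before the operation itself would run.
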
The proponents of Java maintain that these (and additional measures
not listed here) are adequate security precautions, but some dispute this.
A more thorough discussion of applet security may be found in the relevant
newsgroups on the Programming
References page. This section also has links to more detailed pages
about Java.