Application security?

martin@cookie.ENET.dec.com
Mon, 28 Apr 97 15:27:00 PDT

From: martin@cookie.ENET.dec.com
Message-Id: <9704282223.AA08539@us3rmc.pa.dec.com>
Date: Mon, 28 Apr 97 15:27:00 PDT
To: java-security@web2.javasoft.com
Subject: Application security?

Hi,

I tried to find this info on the javasoft web site, under security, but
couldnt find anything. Security for Java seems largely intended for Applets
and the 'sandbox'. I am trying to find out if there is anything similar
for Applications, ie what security exists for them. The sandbox is only for
Applets, right? I am assuming that essentially security is up to the code
authors for Applications, as it is essentially like any c/c++ program, right?
(That is, over and above the language features such as garbage collection, etc.)

Any pointers or whatever would be greatly appreciated!

Thanks,

- Jim Martin

ps we are considering authoring a GUI as a Java Application, but I
contend that our customers would be more secure with using an Applet,
which could have the sandbox security, plus the added security provided
by the server, such as login/encryption/auditing/node permissions, and
by a firewall.