Re: not a JVM-level decision

Marianne Mueller (mrm@eng.sun.com)
Tue, 13 May 1997 09:33:37 -0700

Date: Tue, 13 May 1997 09:33:37 -0700
Message-Id: <199705131633.JAA20680@puffin.eng.sun.com>
From: Marianne Mueller <mrm@eng.sun.com>
To: delaport@ls7.informatik.uni-dortmund.de
Subject: Re: not a JVM-level decision

What can I say, I agree with you! But if people who license Java want
to use it in such a way as to dilute its safety features, it is not
possible to prevent such activity. Java, as a programming platform,
cannot make policy decisions about how Java is used.

What we could do is develop Java Security Compatibility Tests, so that
an application, such as web browser, could be stamped as security
compliant only if it passed the security tests. I think this might be
the right approach, since it simply gives consumers the information
they need, and it gives application developers an incentive not to
dilute the Java safety features. Or, at least, to provide their
end-users with a way to use "Java only", not "Java + some other
scripting language."

I don't want to pick on JavaScript, because it is not unique - it is
not the only scripting language that presents this dilemma - there are
other examples of other scripting languages that people want to mix 'n
match with Java. Those other scripting languages also might present
security problems.

I guess the other thing this discussion highlights is that the
security of Java or any computing platform isn't a black and white
issue. It includes (at least) what the security model is; how that
model is designed and then implemented; how the implementation is
tested or assured; how the end result can be configured and used in a
safe way. That last point is important; all the security design in
the world won't help us build safe applications for the internet if
people can't configure the applications in the way they need. It
sounds to me that you need to be able to configure your application so
that you can have some control over what protocols are used, and what
level of non-Java interaction you want to allow to your Java
applications.

Marianne