Java plugin

Daniel Socoloff (Daniel.M.Socoloff@ny.frb.org)
Wed, 24 Feb 1999 11:42:55 -0500

Date: Wed, 24 Feb 1999 11:42:55 -0500
From: Daniel Socoloff <Daniel.M.Socoloff@ny.frb.org>
Subject: Java plugin
To: java-security@java.sun.com

I have a question with regards to Java plugin 1.2 (java security patch =
1.1.6)(java.sun.com/products/plugin/1.2/docs/index.docs.html
It appears as if the plugin allows the user to disable one of the most =
basic security controls in the JVM. A java applet is normally allowed to =
connect back only to the server from which it originated, in order to =
prevent a hostile applet downloaded from an internet site from going out =
and accessing data from intranet sites and then sending it back out to the =
internet. =20
Can you tell me if the pluginis safe or not based on this information.
Thank you,
Daniel