I've been reading some Sun Java articles where they say
Applets cannot import dlls and cannot write to disk.
(This does NOT apply to applications, only to Applets.)
Supposedly, this is NOT something you can cotrol with a
security manager or in any other way. The dll exclussion
is due to the fact that the virtual machine cannot
control what a dll is doing, perhaps writting malicious
stuff to disk among other things. Is it true that Applets
cannot write to disk and import dlls?
Since C# is the "equivalent" of java, are there any
restrictions on disk write and dll inclussion? If so, can
they be controlled in some way, or thay are like, what I
understood for Sun Java, set in stone as impossible to do.
By the way, what is the equivalent in C# of the Applet
concept in Java?
Greetings,
Mario
7  2630 
"Mario" <an*******@discussions.microsoft.com> wrote in message
news:04****************************@phx.gbl... I've been reading some Sun Java articles where they say
Applets cannot import dlls and cannot write to disk.
(This does NOT apply to applications, only to Applets.)
Supposedly, this is NOT something you can cotrol with a
security manager or in any other way. The dll exclussion
is due to the fact that the virtual machine cannot
control what a dll is doing, perhaps writting malicious
stuff to disk among other things. Is it true that Applets
cannot write to disk and import dlls?
Java applets run in a "sandbox" - a managed environment that disallows
certain actions considered to be unsafe, as you point out.
By default, applets cannot write to disk or use a native interface. I used
to teach Java classes at the local university, but I've become increasingly
disallusioned with it and Sun and pretty much gave up on it, so I don't know
if they updated this behavior or not.
Since C# is the "equivalent" of java,
I don't really consider that to be true. There may be a lot of similarities,
but the architectural and phylosophical core of each is quite different.
are there any
restrictions on disk write and dll inclussion? If so, can
they be controlled in some way, or thay are like, what I
understood for Sun Java, set in stone as impossible to do.
By the way, what is the equivalent in C# of the Applet
concept in Java?
There is no real equivalent to applets in C#. Stuffing a crippled window
inside a browser is a rather lame way of presenting an application. Instead,
..NET allows you to run entire applications from the internet. When any .NET
application is executed, the runtime environment inspects certain aspects of
the application (evidence) - such as where it is run from, who created it,
etc. Based on this evidence, the .NET environment assigns allowable
operations to the code, and prevents the code from running things that it
shouldn't. For example, by default, applications that run from the internet
(for example, if you run a .NET exe from an internet URL) cannot write to
disk except for a limited data area created especially for this purpose, and
they also can't execute unmanaged code (code from non-.NET dlls). As a user
(or more accurately, an administrator of a system), you have full control
over these security settings. You can, for example, set that any application
that comes from Microsoft (it will have a special Microsoft signature) is
allowed to do anything it wants to do, even if it is run from the internet.
Look in the documentation or the MSDN web site for .NET code access
permissions and security. There's a ton of material on it.
-Rob Teixeira [MVP]
Greetings,
Mario
The only way I know of making Java applets write to
disk and using native methods is if the applet is run by
a java applet viewer.
The articles I was reading were saying not only that by
default applets cannot write to disk and call native
methods, but there is NOTHING one could do to the Applet
Security Manager to change this. This is in contrast to
C#, where as you point out, the administrator could
enable disk write and dll use.
Thanks,
Mario -----Original Message-----
"Mario" <an*******@discussions.microsoft.com> wrote in
messagenews:04****************************@phx.gbl... I've been reading some Sun Java articles where they say
Applets cannot import dlls and cannot write to disk.
(This does NOT apply to applications, only to Applets.)
Supposedly, this is NOT something you can cotrol with a
security manager or in any other way. The dll
exclussion is due to the fact that the virtual machine cannot
control what a dll is doing, perhaps writting malicious
stuff to disk among other things. Is it true that
Applets cannot write to disk and import dlls?
Java applets run in a "sandbox" - a managed environment
that disallowscertain actions considered to be unsafe, as you point
out.By default, applets cannot write to disk or use a native
interface. I usedto teach Java classes at the local university, but I've
become increasinglydisallusioned with it and Sun and pretty much gave up on
it, so I don't knowif they updated this behavior or not.
Since C# is the "equivalent" of java,
I don't really consider that to be true. There may be a
lot of similarities,but the architectural and phylosophical core of each is
quite different. are there any
restrictions on disk write and dll inclussion? If so,
can they be controlled in some way, or thay are like, what
I understood for Sun Java, set in stone as impossible to
do. By the way, what is the equivalent in C# of the Applet
concept in Java?
There is no real equivalent to applets in C#. Stuffing a
crippled windowinside a browser is a rather lame way of presenting an
application. Instead,..NET allows you to run entire applications from the
internet. When any .NETapplication is executed, the runtime environment
inspects certain aspects ofthe application (evidence) - such as where it is run
from, who created it,etc. Based on this evidence, the .NET environment
assigns allowableoperations to the code, and prevents the code from
running things that itshouldn't. For example, by default, applications that
run from the internet(for example, if you run a .NET exe from an internet
URL) cannot write todisk except for a limited data area created especially
for this purpose, andthey also can't execute unmanaged code (code from non-
..NET dlls). As a user(or more accurately, an administrator of a system), you
have full controlover these security settings. You can, for example, set
that any applicationthat comes from Microsoft (it will have a special
Microsoft signature) isallowed to do anything it wants to do, even if it is run
from the internet.
Look in the documentation or the MSDN web site for .NET
code accesspermissions and security. There's a ton of material on
it.
-Rob Teixeira [MVP]
Greetings,
Mario
.
>but I've become increasingly disallusioned with it and Sun and pretty much gave up on it
Interesting. Would you care to explain this?
"Rob Teixeira [MVP]" <RobTeixeira@@msn.com> wrote in message
news:%2****************@TK2MSFTNGP12.phx.gbl... "Mario" <an*******@discussions.microsoft.com> wrote in message
news:04****************************@phx.gbl... I've been reading some Sun Java articles where they say
Applets cannot import dlls and cannot write to disk.
(This does NOT apply to applications, only to Applets.)
Supposedly, this is NOT something you can cotrol with a
security manager or in any other way. The dll exclussion
is due to the fact that the virtual machine cannot
control what a dll is doing, perhaps writting malicious
stuff to disk among other things. Is it true that Applets
cannot write to disk and import dlls?
Java applets run in a "sandbox" - a managed environment that disallows
certain actions considered to be unsafe, as you point out.
By default, applets cannot write to disk or use a native interface. I used
to teach Java classes at the local university, but I've become
increasingly disallusioned with it and Sun and pretty much gave up on it, so I don't
know if they updated this behavior or not.
Since C# is the "equivalent" of java,
I don't really consider that to be true. There may be a lot of
similarities, but the architectural and phylosophical core of each is quite different.
are there any
restrictions on disk write and dll inclussion? If so, can
they be controlled in some way, or thay are like, what I
understood for Sun Java, set in stone as impossible to do.
By the way, what is the equivalent in C# of the Applet
concept in Java?
There is no real equivalent to applets in C#. Stuffing a crippled window
inside a browser is a rather lame way of presenting an application.
Instead, .NET allows you to run entire applications from the internet. When any
..NET application is executed, the runtime environment inspects certain aspects
of the application (evidence) - such as where it is run from, who created it,
etc. Based on this evidence, the .NET environment assigns allowable
operations to the code, and prevents the code from running things that it
shouldn't. For example, by default, applications that run from the
internet (for example, if you run a .NET exe from an internet URL) cannot write to
disk except for a limited data area created especially for this purpose,
and they also can't execute unmanaged code (code from non-.NET dlls). As a
user (or more accurately, an administrator of a system), you have full control
over these security settings. You can, for example, set that any
application that comes from Microsoft (it will have a special Microsoft signature) is
allowed to do anything it wants to do, even if it is run from the
internet.
Look in the documentation or the MSDN web site for .NET code access
permissions and security. There's a ton of material on it.
-Rob Teixeira [MVP]
Greetings,
Mario
Mario <an*******@discussions.microsoft.com> wrote: The only way I know of making Java applets write to
disk and using native methods is if the applet is run by
a java applet viewer.
The articles I was reading were saying not only that by
default applets cannot write to disk and call native
methods, but there is NOTHING one could do to the Applet
Security Manager to change this.
I don't believe this is true - apart from anything else, if you sign
your applets and the user accepts your certificate, you can do pretty
much anything, I believe.
--
Jon Skeet - <sk***@pobox.com> http://www.pobox.com/~skeet
If replying to the group, please do not mail me too
I could, but it would occupy many page ;-)
In summary, it became very apparent that Sun was far more interested in
selling hardware and chips than it was in Java. In fact, Java appears from
there perspective to be little more than a freebie tossed out to the IT
community to help promote said hardware and chips. I dare say that companies
like IBM and BEA have done far more for Java than Sun has. This conclusion
has come out of years of disappointments, undelivered hype, and quite a bit
of hypocracy concerning competitor products and behavior - plus a rather
shaky and double-sided stance on things non-hardware-related - take Linux,
for example. Jim Fawcette had an interesting article (blog?) along these
lines http://www.ftponline.com/weblogger/f...ATE=12/12/2003 not
too long ago.
However, what bothers me the most about the language, is the underlying
principal that it sacrifices native rources in favor of
lowest-common-denominator features allowing it to be a
write-once-run-everywhere language, which in reallity, isn't entirely true
to begin with. This was a common theme sprinkled throught the language
architecture. Take Java's native interface as an example - you had to write
C++ code that conformed to Java's standard, when in reality, what we REALLY
needed was the ability to interface with EXISTING C++ code - and this is
exactly what P/Invoke and .NET interop allowed from the beginning.
Anyway, considering this is a C# forum, I'll have to try to keep the focus
on that instead of berating some company. I don't want this to become my
rant-blog/soapbox :-)
-Rob Teixeira [MVP]
"Alvin Bruney" <vapor at steaming post office> wrote in message
news:en**************@TK2MSFTNGP11.phx.gbl... but I've become increasingly
disallusioned with it and Sun and pretty much gave up on it
Interesting. Would you care to explain this?
BTW, Code Project just put up a pretty good article on COde Access
Security... http://www.codeproject.com/dotnet/UB_CAS_NET.asp
"Rob Teixeira [MVP]" <RobTeixeira@@msn.com> wrote in message
news:%2****************@TK2MSFTNGP12.phx.gbl... "Mario" <an*******@discussions.microsoft.com> wrote in message
news:04****************************@phx.gbl... I've been reading some Sun Java articles where they say
Applets cannot import dlls and cannot write to disk.
(This does NOT apply to applications, only to Applets.)
Supposedly, this is NOT something you can cotrol with a
security manager or in any other way. The dll exclussion
is due to the fact that the virtual machine cannot
control what a dll is doing, perhaps writting malicious
stuff to disk among other things. Is it true that Applets
cannot write to disk and import dlls?
Java applets run in a "sandbox" - a managed environment that disallows
certain actions considered to be unsafe, as you point out.
By default, applets cannot write to disk or use a native interface. I used
to teach Java classes at the local university, but I've become
increasingly disallusioned with it and Sun and pretty much gave up on it, so I don't
know if they updated this behavior or not.
Since C# is the "equivalent" of java,
I don't really consider that to be true. There may be a lot of
similarities, but the architectural and phylosophical core of each is quite different.
are there any
restrictions on disk write and dll inclussion? If so, can
they be controlled in some way, or thay are like, what I
understood for Sun Java, set in stone as impossible to do.
By the way, what is the equivalent in C# of the Applet
concept in Java?
There is no real equivalent to applets in C#. Stuffing a crippled window
inside a browser is a rather lame way of presenting an application.
Instead, .NET allows you to run entire applications from the internet. When any
..NET application is executed, the runtime environment inspects certain aspects
of the application (evidence) - such as where it is run from, who created it,
etc. Based on this evidence, the .NET environment assigns allowable
operations to the code, and prevents the code from running things that it
shouldn't. For example, by default, applications that run from the
internet (for example, if you run a .NET exe from an internet URL) cannot write to
disk except for a limited data area created especially for this purpose,
and they also can't execute unmanaged code (code from non-.NET dlls). As a
user (or more accurately, an administrator of a system), you have full control
over these security settings. You can, for example, set that any
application that comes from Microsoft (it will have a special Microsoft signature) is
allowed to do anything it wants to do, even if it is run from the
internet.
Look in the documentation or the MSDN web site for .NET code access
permissions and security. There's a ton of material on it.
-Rob Teixeira [MVP]
Greetings,
Mario
great article
--
Regards,
Alvin Bruney
Got tidbits? Get it here... http://tinyurl.com/2bz4t
"Rob Teixeira [MVP]" <RobTeixeira@@msn.com> wrote in message
news:%2******************@TK2MSFTNGP12.phx.gbl... I could, but it would occupy many page ;-)
In summary, it became very apparent that Sun was far more interested in
selling hardware and chips than it was in Java. In fact, Java appears from
there perspective to be little more than a freebie tossed out to the IT
community to help promote said hardware and chips. I dare say that
companies like IBM and BEA have done far more for Java than Sun has. This conclusion
has come out of years of disappointments, undelivered hype, and quite a
bit of hypocracy concerning competitor products and behavior - plus a rather
shaky and double-sided stance on things non-hardware-related - take Linux,
for example. Jim Fawcette had an interesting article (blog?) along these
lines http://www.ftponline.com/weblogger/f...ATE=12/12/2003
not too long ago.
However, what bothers me the most about the language, is the underlying
principal that it sacrifices native rources in favor of
lowest-common-denominator features allowing it to be a
write-once-run-everywhere language, which in reallity, isn't entirely true
to begin with. This was a common theme sprinkled throught the language
architecture. Take Java's native interface as an example - you had to
write C++ code that conformed to Java's standard, when in reality, what we
REALLY needed was the ability to interface with EXISTING C++ code - and this is
exactly what P/Invoke and .NET interop allowed from the beginning.
Anyway, considering this is a C# forum, I'll have to try to keep the focus
on that instead of berating some company. I don't want this to become my
rant-blog/soapbox :-)
-Rob Teixeira [MVP]
"Alvin Bruney" <vapor at steaming post office> wrote in message
news:en**************@TK2MSFTNGP11.phx.gbl...but I've become increasingly
disallusioned with it and Sun and pretty much gave up on it
Interesting. Would you care to explain this?
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: Lorenzo |
last post by:
hi you all,
first of all apologies for having cross-posted this message but really
i did not know where to post it. please let me know what ng you
consider the most suitable for the described...
|
by: fabio |
last post by:
Hi, I'm writing a program for PPC and I use IBM's Websphere Device
Developper PPRO1.0 java VM. This vm is much smaller and simple than standard
vm as it has to run on small devices as handhelds....
|
by: DrUg13 |
last post by:
In java, this seems so easy. You need a new object
Object test = new Object() gives me exactly what I want.
could someone please help me understand the different ways to do the
same thing in...
|
by: mailkhurana |
last post by:
Hii ,
I am trying to use a type 2 driver to connect to DB2 0n AIX 5
I have a small java test to class to establish a conneciton with the db
.. I am NOT using WAS or any appserver
When I try to...
|
by: Tim Murray |
last post by:
First of all, I don't know much about Java, even its naming and version
numbering nomenclature, and second, if there is a better group to ask this
in, please let me know.
System is Mac with...
|
by: himilecyclist |
last post by:
My State government organization has written a PHP/MySQL application
which has been in production for about 6 months and has been highly
successful.
We are now embarking on a similar database...
|
by: jaywak |
last post by:
Just tried running some code on Linux (2.4.21-32.0.1.EL and Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_04-b05)) and Windows XPSP2 (with Java HotSpot(TM) Client VM (build...
|
by: mr man |
last post by:
I try to play runescape and this came up......this comes up with all java
java.security.PrivilegedActionException: java.io.FileNotFoundException: C:\Documents and Settings\HP_Owner\Application...
|
by: henrymania |
last post by:
Am writing a code for database backup....by backupservlet is as given below
i get the following exception
|
by: ryjfgjl |
last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
|
by: ryjfgjl |
last post by:
In our work, we often receive Excel tables with data in the same format. If we want to analyze these data, it can be difficult to analyze them because the data is spread across multiple Excel files...
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: marktang |
last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
| |
