Hacker News

That actually sounds awesome... A bit like the setuid bit on unix for running the ping utility always as root (normal users can't receive ping packets), but with a whole lot more flexibility.

I can see how careless use of it can lead to an unintentionally rather massive security surface area though...



Yeah, it's a great idea and a clever design, but sophistication is often the enemy of security: http://www.cs.cmu.edu/~clegoues/docs/coker15acsac.pdf


Yes, it is pretty awesome. I was sort of sad to hear that it is slated for deprecation and removal. After the Java focus shifted from running in the browser to running on the server, the security manager was seldom used.

There was a lot of interest in early days of Java and the internet in mobile code that could move between devices. It seems that interest in such systems has waned. I suppose this was more of a solution looking for a problem. However, I still think that there is potential there in some way.


Well now we have WebAssembly being marketed for such purposes as if it was the first of its kind.

Meanwhile the first security papers already started being shown.



