Bug#267040: gcjwebplugin runs untrusted code without sandbox

Moritz Muehlenhoff jmm at inutil.org
Mon Oct 20 17:58:28 UTC 2008


Moritz Muehlenhoff wrote:
> On Sun, Sep 07, 2008 at 05:39:28PM +0100, Ben Hutchings wrote:
> > gcjwebplugin is a Java plugin for web browsers.  It does not include the
> > security manager which is a crucial part of the "sandboxing" of Java
> > applets.  The maintainers have "fixed" this bug (#267040) merely by
> > adding a warning prompt before running applets, which is well known to
> > be an insufficient means of protecting users from malware.  Please do
> > not include it in lenny.  (Unfortunately it is built from the classpath
> > source package, so that will have to be modified to remove it.)
> 
> I had discussed this with Michael Koch some time ago; the version
> in Lenny implements a security manager, but it's not yet clear whether
> it's fully appropriate. We didn't reach a final conclusion, but I guess
> the warning is sufficient for Lenny.

I haven't heard back from Michael and I believe we should err on the
safe side and not lure users into a false sense of security.

Since we now have icedtea-gcjwebplugin in Lenny, we have a web plugin
based on OpenJDK and should drop the gcjwebplugin binary package from
Lenny.

Cheers,
        Moritz

More information about the pkg-java-maintainers mailing list