Java
Dependability of Canned Applets
Applet Examples |
Java Caveats
Java applets that you find on the Web may sometimes not
work as advertised. Although byte-code is supposed to be
platform independent so that an applet can be moved from
one system to another without having to be recompiled, it
may still sometimes happen that an applet will work fine
on the computer where it was developed, but do nothing on
some other systems. Just remember that when you use a program
written by someone else, they may or may not have carefully
checked and debugged their work.
Security Issues
A Java applet is code that is downloaded to, and executes
on, the client machine. Thus, there are security concerns:
Java could be a great place to hide a computer virus. (Generally,
merely reading files will not infect a computer with a virus;
the virus must be embedded in executable code for it to
do its dirty work; thus there is particular concern for
executable code that downloads and launches execution automatically,
as is the case for Java.)
These security concerns have been addressed by limiting
the functions that a Java applet is capable of performing
on the client machine. This is what the Java developers
call "running untrusted applets in a trusted environment".
For example, applets loaded over the network are not permitted
to run other programs or write files on the client computer,
they cannot download other Java applets except from the
original computer from which they were downloaded, and the
amount of information that they can read from the client
computer is severely restricted.
The proponents of Java maintain that these (and additional
measures not listed here) are adequate security precautions,
but some dispute this. A more thorough discussion of applet
security maybe found in the relevant newsgroups on the Programming
References page. This section also has links to more
detailed pages about Java.
|