1996-04-29 - Re: Java security weaknesses

Header Data

From: Hal <hfinney@shell.portal.com>
To: cypherpunks@toad.com
Message Hash: 4a3fed907e094fdd4df71d0d9dba895a16fb8f9d22c2176610b8a4c9a25356f0
Message ID: <199604290457.VAA22845@jobe.shell.portal.com>
Reply To: N/A
UTC Datetime: 1996-04-29 09:35:54 UTC
Raw Date: Mon, 29 Apr 1996 17:35:54 +0800

Raw message

From: Hal <hfinney@shell.portal.com>
Date: Mon, 29 Apr 1996 17:35:54 +0800
To: cypherpunks@toad.com
Subject: Re:  Java security weaknesses
Message-ID: <199604290457.VAA22845@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain


To add to the list of Java security weaknesses from the Princeton paper
I posted the other day, I saw a new one on comp.lang.java this
afternoon.  It is another bug in the bytecode verifier, different from
the one discovered by the Princeton group, that allows you to bypass
the security mechanisms completely.  Details are not yet available.

Apparently the earlier bytecode verifier bug still does not have a fix
available.  However, the nature of the bug itself was kept secret until
last week.  Now that it is out, I hope Sun and Netscape will push to get
the fix available ASAP.  The bug appears to require considerable
sophistication to exploit (understanding the details of the class
resolution mechanism).  Still, with the talent which is out there on the
net I imagine it will only be another week or two at most before a
demonstration exploit appears.

I hope the extended delay in making the fix available means that an
intensive review of the code is being conducted, so that for example this
other bug will have been fixed as well in the new release.  I certainly
hope that it won't be another month before a fix comes out for this new
bug.

Hal




