Re: [Wikitech-l] Java becomes Open Source, what next?

On Tue, 2006-11-14 at 18:31 -0500, Gregory Maxwell wrote: I only know of one, Rhino (http://www.mozilla.org/rhino/). Looking from outside, it seems to be a good implementation -- it's actively maintained, and has a nice feature list -- but I've never actually used it. "... we can provide (audited) java classes for anything performance critical..." Really? Including fluid dynamics simulators, rigid-body kinematics with collision detection, Game of Life simulators, and chess-playing programs? These are just a few possibilities for (the performance-critical part of) educational applets that I came up with off the top of my head; I'm sure there are many more. The JVM-based interpreter may still be the right thing to do, but people need to be aware that there are whole realms of creative educational possibilities that are far less feasible with that approach. How does a Java applet go about asking for more privileges? Is that something we can easily audit to avoid (for instance, by checking .class files to make sure they only use standard Java classes and methods that are in a whitelist, not to include reflection)? If the embedded-in-JVM interpreters let you interact with Java, then you will probably be able to write scripts that ask for more privileges; and that can't be fixed by outlawing reflection, since the interpreter has to use reflection. For this reason, compiled Java may actually be easier to secure than an interpreter. Can we write our own security manager, ensure that all calls to uploaded .class files are "wrapped" by our security manager, and implement our own restrictive security policy that way? Carl Witty