Quote: remotely-loaded code may have security flaws. For example, Java has many security flaws such as covert channels and lacking a formal security policy

Quotation Skeleton

We examine the Java language and both the … their security. … On a deeper level, these flaws arise because … [p. 192-198] [The flaws include denial of service attacks, three party attacks, covert channels, system information, DNS weaknesses, buffer overflows, disclosing storage layout, public proxy variables, inter-applet security, superclass constructors, illegal package names, language weaknesses, bytecode weaknesses, object initialization, network access, and lack of information hiding, security policy, enforcement, trusted computing base, and accountability.] … [p. 199] The absence of a well-defined, formal security … We conjecture [that competing systems are similarly flawed]. Execution of remotely-loaded code is …   Google-1   Google-2

Copyright clearance needed for quotation.

Related Topics

Topic: security leaks and weaknesses (56 items)
Topic: object code linkers and loaders (29 items)
Topic: security of remotely executed code (22 items)