FW: open socket in java

From: Nin|a405 (ninja405at_private)
Date: Thu Feb 11 1999 - 09:40:51 PST


    Responses should be directed towards mattsat_private
    
    Thanks,
    Ninja405
    
    -----Original Message-----
    From:	matt [mailto:mattsat_private]
    Sent:	Wednesday, February 10, 1999 10:42 AM
    To:	BUGTRAQat_private
    Subject:	re:open socket in java
    
    Some of this stuff does not sound right.  I'm not a security expert, but my
    status as a Java Nut leaves me little choice but to wade in, guns blazing...
    :) Since I'm dropping into the middle of this thread, I should say that I
    assume we are talking about using Java Applets within a browser that has a
    proper Java Virtual Machine (JVM) which runs applets in a sandbox.
    <some guy wrote>
    > ...Unbeknownst to
    > the company or the branch office, the applet has actually opened a
    > listen socket, has accepted a connection from the applet's original
    > author...
    The JVM sandbox (if working normally) only allows socket connections back to
    the URL of the http server that the browser got the applet from.  If the
    applet is served up by a trusted host, then the bad-guy has to conquer that
    host before he can get the private data.  If a user is browsing around the
    web, using executable content from a stranger's web page to process company
    data, well the world will be well served by that company's disappearance
    from the market :)
    <some other guy replied>
    >the missing information here that this scenario doesn't contain,
    >is that the applet's original author must know the host that the
    >applet is running on, in order to connect to the applet.
    
    The sandbox should prevent such a connection. Did I miss an assumption from
    earlier discussion?
    >This information can be easily sent by the applet to the bad guy
    >by making a http request - hiding information in the URL. We
    >implemented this type of communication, allowing a java applet
    to communicate with an arbitrary server
    
    This does not sound right.  The JVM does not know an http request from any
    other kind of socket activity, so it should refuse communications via port
    80 like all the rest, unless the connection is to the applet source URL.
    Could the writer please amplify this statement?  Are we talking about Java
    or JavaScript?
    
    --
    Matthew Sexton (mattsat_private) Advanced Technology Video, Inc.
    Redmond, Wa 98052 Voice: 425-885-7000 x263 Fax:  425-881-7014
    



    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:34:07 PDT