Tim Wright writes: > <alxat_private> and I recently explored the "security hole" in Java > where an applet can listen on a port, and accept connections from any > machine, rather than just the machine from which the applet was > down-loaded. > > The code which was posted to BugTraq does appear to exhibit this > behavior. However, on closer inspection the posted code only created a > class to listen on a socket, and did not call the method to accept > connections from that socket. It turns out that the SecurityException is > (correctly) thrown during the accept method call. That's with connection-oriented sockets. What about UDP sockets? Lincoln -- ======================================================================== Lincoln D. Stein Cold Spring Harbor Laboratory lsteinat_private Cold Spring Harbor, NY ========================================================================
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:34:39 PDT