applet caching

Discussion in 'Java' started by Matthijs Blaas, Apr 4, 2004.

  1. I found that when an applet is cached (using Sun jvm), it's placed in the
    Sun\Java\Deployment\cache\javapi\jar\ folder. The files are saved with
    somekind of checksum added to them (fx: file1.jar-md5checksum.zip). Does
    this prevent hackers from modifying the applet and have the website execute
    a modified applet instead of the original one? If so, is this security
    mechanism provided with every jvm? (ie MS, IBM etc?)

    Does anyone know anything about this?

    Thanks in advance!

    -Thijs
    Matthijs Blaas, Apr 4, 2004
    #1
    1. Advertising

  2. Matthijs Blaas

    Rogan Dawes Guest

    Matthijs Blaas wrote:

    > I found that when an applet is cached (using Sun jvm), it's placed in the
    > Sun\Java\Deployment\cache\javapi\jar\ folder. The files are saved with
    > somekind of checksum added to them (fx: file1.jar-md5checksum.zip). Does
    > this prevent hackers from modifying the applet and have the website execute
    > a modified applet instead of the original one? If so, is this security
    > mechanism provided with every jvm? (ie MS, IBM etc?)
    >
    > Does anyone know anything about this?
    >
    > Thanks in advance!
    >
    > -Thijs
    >
    >


    Matthijs,

    I suggest that you have a look at some of the Open Web Application
    Security stuff (http://www.owasp.org/), as well as at tools such as
    WebScarab (http://www.owasp.org/development/webscarab or
    http://sourceforge.net/project/showfiles.php?group_id=64424&package_id=61823)

    Essentially, WebScarab (and other similar tools you can find via
    http://dawes.za.net/rogan/exodus/comparison.php) allows an attacker to
    interfere with whatever data is being sent between the client and the
    server.

    In your case, it depends on the value of your information, as to what
    lengths you want to go to to protect it, but you might get some good
    information from the OWASP Guide
    (http://sourceforge.net/project/showfiles.php?group_id=64424&package_id=62287)

    Regards,

    Rogan
    --
    Rogan Dawes
    nntp_AT_dawes*DOT*za-DOT-net
    Rogan Dawes, Apr 5, 2004
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Hypo
    Replies:
    6
    Views:
    406
  2. Troy Simpson

    Fragment Caching inside page caching?

    Troy Simpson, Jan 19, 2004, in forum: ASP .Net
    Replies:
    0
    Views:
    783
    Troy Simpson
    Jan 19, 2004
  3. SPG

    applet - Caching in IE

    SPG, Jan 13, 2005, in forum: Java
    Replies:
    2
    Views:
    3,196
    Mickey Segal
    Jan 13, 2005
  4. besbello

    Applet images caching

    besbello, Jul 3, 2006, in forum: Java
    Replies:
    5
    Views:
    2,670
    Andrew T.
    Jul 4, 2006
  5. JimLad
    Replies:
    3
    Views:
    911
    JimLad
    Jan 21, 2010
Loading...

Share This Page