Help with Security

Discussion in 'Java' started by Chirag Sharma, Feb 6, 2014.

  1. "Hi
    I have created a real time java code compiler at http://www.guru99.com/try-java-editor.html Although I have checked all security loopholes ... do you experts see any major security leak that I need to care of?"
     
    Chirag Sharma, Feb 6, 2014
    #1
    1. Advertising

  2. Chirag Sharma

    Daniel Pitts Guest

    On 2/6/14 12:10 AM, Chirag Sharma wrote:
    > "Hi
    > I have created a real time java code compiler at http://www.guru99.com/try-java-editor.html Although I have checked all security loopholes ... do you experts see any major security leak that I need to care of?"
    >


    Nope, you still fail. You are approaching this entirely wrong. If you
    try to black-list things you will miss something and open a serious
    vulnerability.
     
    Daniel Pitts, Feb 6, 2014
    #2
    1. Advertising

  3. Chirag Sharma

    Daniel Pitts Guest

    On 2/6/14 11:01 AM, Daniel Pitts wrote:
    > On 2/6/14 12:10 AM, Chirag Sharma wrote:
    >> "Hi
    >> I have created a real time java code compiler at
    >> http://www.guru99.com/try-java-editor.html Although I have checked all
    >> security loopholes ... do you experts see any major security leak that
    >> I need to care of?"
    >>

    >
    > Nope, you still fail. You are approaching this entirely wrong. If you
    > try to black-list things you will miss something and open a serious
    > vulnerability.


    To clarify. I am still able to access any and all classes you thought
    you blocked. A string filter will not save you ever, because I can
    bypass it easily.
     
    Daniel Pitts, Feb 6, 2014
    #3
  4. Chirag Sharma

    Roedy Green Guest

    On Thu, 06 Feb 2014 11:01:17 -0800, Daniel Pitts
    <> wrote, quoted or indirectly
    quoted someone who said :

    >On 2/6/14 12:10 AM, Chirag Sharma wrote:
    >> "Hi
    >> I have created a real time java code compiler at http://www.guru99.com/try-java-editor.html



    Nit pick. Check spelling of separate.
    --
    Roedy Green Canadian Mind Products http://mindprod.com
    Because a thing seems difficult for you, do not think it
    impossible for anyone to accomplish.
    ~ Marcus Aurelius 121-04-26 180-03-17
     
    Roedy Green, Feb 7, 2014
    #4
  5. Chirag Sharma

    Roedy Green Guest

    On Thu, 06 Feb 2014 11:01:17 -0800, Daniel Pitts
    <> wrote, quoted or indirectly
    quoted someone who said :

    >Nope, you still fail. You are approaching this entirely wrong. If you
    >try to black-list things you will miss something and open a serious
    >vulnerability.


    Could you handle this with a policy file and the usual java security?
    --
    Roedy Green Canadian Mind Products http://mindprod.com
    Because a thing seems difficult for you, do not think it
    impossible for anyone to accomplish.
    ~ Marcus Aurelius 121-04-26 180-03-17
     
    Roedy Green, Feb 8, 2014
    #5
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Aaron
    Replies:
    1
    Views:
    356
    John C. Bollinger
    Aug 4, 2003
  2. Marco
    Replies:
    1
    Views:
    2,420
    Roedy Green
    Jan 28, 2006
  3. Akram Baig
    Replies:
    0
    Views:
    333
    Akram Baig
    Apr 7, 2011
  4. Dinis Cruz

    Asp.Net Security Analyser (new security tool by DDPlus)

    Dinis Cruz, Oct 8, 2003, in forum: ASP .Net Security
    Replies:
    2
    Views:
    155
    Dinis Cruz
    Oct 11, 2003
  5. Michael Randrup
    Replies:
    3
    Views:
    308
    Henning Krause [MVP]
    Mar 27, 2006
Loading...

Share This Page