j2se

[James Snow, Software Developer]

Just downloaded and installed the J2SE, upgrading from 1.0.
I had a small applet that rendered a three-dimensional rectangle on my web
page, and the strangest thing happened; after running a test Swing app -
"ButtonDemo.class" - the 3DRect applet turned white from the standard
grey color. Then it went back. Should I be concerned about this?
Also, are there any securty holes in this - getting through ports is one
that comes to mind - and how do you secure them? Does the 1.4 version
include methods for opening, reading, editing, and saving to files? I/O port
classes?
Thanks
James Snow
Software Developer

 

[Alex Hunsley]

This is what i'm talking about.. take a look at this bitmap of the applet I
was working on ..

Hey, consultant man, you must have missed the memo... please don't post
binaries to non-binary newsgroups like comp.lang.java.programmer.
Perhaps you could host the image on a webserver somewhere and post a
link instead.

 

[Chris Smith]

Just downloaded and installed the J2SE, upgrading from 1.0.
I had a small applet that rendered a three-dimensional rectangle on my web
page, and the strangest thing happened; after running a test Swing app -
"ButtonDemo.class" - the 3DRect applet turned white from the standard
grey color. Then it went back. Should I be concerned about this?

I guess whether you are concerned depends on whether you want your
applet to turn white, and then back again. That seems like odd
behavior, and if you post a simple test case demonstrating it, I'm sure
someone will help determine why it occurred.

Also, are there any securty holes in this - getting through ports is one
that comes to mind - and how do you secure them? Does the 1.4 version
include methods for opening, reading, editing, and saving to files? I/O port
classes?

No, there are no known security holes. The 1.4 version of Java contains
methods and classes for doing everything under the Sun, but the security
sensitive operations are protected by a security manager, and you'd need
a signed applet, to which you would then need to grant the appropriate
permissions, to make use of them. This is true for a very broad sense
of "security holes". For example, an unsigned applet will not be able
to listen on a TCP port or make any outgoing connections to anything
except its originating server. It won't be able to make any use at all
of local files, nor read local environment variables or anything but a
safe subset of Java system properties, etc. Basically, it's good for
very little except for demonstrations, renderers for custom file types,
complex animations, etc.

These days, very few people use applets for much. See Java Web Start
for a more powerful (but still security-constrained) alternative.

--
www.designacourse.com
The Easiest Way To Train Anyone... Anywhere.

Chris Smith - Lead Software Developer/Technical Trainer
MindIQ Corporation