Hacker News new | past | comments | ask | show | jobs | submit login

So, like, Java?



> Imagine extensions for applications or databases, written in any language you want, with no ability to exfiltrate data

How does Java preclude plugins exfiltrating data?

Downvoters: I’m not trying to be sacrilegious; I genuinely don’t know the answer.


You can use a security manager and define permission on what the loaded java code can do.

Unfortunately, it's fraught with danger because of the confused lieutenant issue ( you'd need to give parts of the app permission but not others - doing so isn't trivial).


Just to help others searching for "confused lieutenant," I believe it's usually known as the "confused deputy problem," perhaps as a reference to Barney Fife. I do like the image of a confused lieutenant though.


https://news.ycombinator.com/item?id=21516212




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: