Java Applets: Security

Java applets were introduced a long time ago to provide animations in web pages. They are not architected for large applications. So, your applets should be small in size and should not perform computationally intensive tasks. Moreover, applets, after being downloaded from the server, are executed on a client machine. Several restrictions are imposed for security reasons. The goal imposing these restrictions is protecting client computer from potentially vulnerable applets. To ensure this goal, applet capabilities are restricted, probably more than necessary. You should be fairly aware of those restrictions if you are going to develop applets. Applets should not be allowed to do the following:

  • Reading, writing, creating, destroying, and renaming files on the local file system
  • Sending sensitive information to other potentially vulnerable computers over the network
  • Creating potentially destructive/malicious processes
  • Writing virus programs that destroy your data or perform other malicious events.

Taking these points into consideration, many constraints are imposed, some of which are as follows:

Limitations on Read and Write

Applets cannot access (i.e., read from or write into) the local file system. This restriction is imposed on the applets to prevent searching and sending of valuable information, or even formatting of the hard disk, upon being downloaded onto the client’s computer. Applets cannot create any file in the local file system.

Limitations on Connectivity

Applets cannot create any network connection or transfer data to a third party server (i.e., the server which they were downloaded from). If it were allowed, the developer would be able to write malicious applets that send sensitive information from the client’s computer to other computers.

Limitations on Native Library Access

Applets are not allowed to access native libraries from other languages such as C++ though Java applications do so. If this was allowed, there would be no way to prevent applets sitting on the client’s computer from calling native methods that perform malicious actions.

Limitations on Process Creation

Applets are not allowed to spawn new processes from them. If this was allowed, users could write malicious applets that spawn too many new processes. These processes could make all the resources of the client computer busy. However, applets are allowed to create threads since threads belong to the same address space of the applet and cannot do too many malicious things.

Limitations on Events

Applets cannot detect or handle events that occur outside the applet area.

Limitations on Accessing System Properties

Applets are allowed to read some (not potentially vulnerable) system properties but not all. Table 16.1: shows some of the restricted system properties.

However, there is a category of applets, called privileged applets which may run outside the security boundary and have privilege to access the client computer. Also note that local applets (loaded from local file system) have none of the restrictions that are imposed on the applets loaded over the network. The reason for this is that local applets are considered to be more reliable than unknown applets from the network.

Source: Uttam Kumar Roy (2015), Advanced Java programming, Oxford University Press.

Leave a Reply

Your email address will not be published. Required fields are marked *