ISC Exam Questions

In what way could Java applets pose a security threat?

A. Their transport can interrupt the secure distribution of World Wide Web pages over the Internet by removing SSL and S-HTTP

B. Java interpreters do not provide the ability to limit system access that an applet could have on a client system

C. Executables from the Internet may attempt an intentional attack when they are downloaded on a client system

D. Java does not check the bytecode at runtime or provide other safety mechanisms for program isolation from the client system.

Explanation:
“Java Security

Java applets use a security scheme that employs a sandbox to limit the applet’s access to certain specific areas within the user’s system and protects the system from malicious or poorly written applets. The applet is supposed to run only within the sandbox. The sandbox restricts the applet’s environment by restricting access to a user’s hard drives and system resources. If the applet does not go outside the sandbox, it is considered safe.

However, as with many other things in the computing world, the bad guys have figured out how to escape their confines and restrictions. Programmers have figured out how to write applets that enable the code to access hard drives and resources that are supposed to be protected by the Java security scheme. This code can be malicious in nature and cause destruction and mayhem to the user and her system.

Java employs a sandbox in its security scheme, but if an applet can escape the confines of the sandbox, the system can be easily compromised.” Pg 726 Shon Harris: All-In-One CISSP Certification Guide.