> On closer inspection that article is somewhat of an advertisement.
> However I think you can glean from it that the major threat is not Java
> alone, but Java embedded in web sites that exploit vulnerabilities --
> the places you can jump OUT of the sandbox, essentially.

It's not just an advertisement, it's misinformed:

"...and the software was not built with security in mind."  This is just 
flat-out wrong.  Java, from the get-go, has been a sandbox.  That was one 
of its selling points.

In all honesty, I haven't looked into it.  However, Kaspersky is selling 
software for a different OS, an OS known to have security problems.  
They're not likely to say that the problem is inherent to the OS.

I have no idea how it really works, but I'm wondering if it's not that the 
sandbox per se is compromised, but perhaps it's just not really possible 
to sandbox a VM on Windows?

I've never seen, to my knowledge, and I haven't looked into it, a known 
case of the JVM sandbox, not sure of the technical term, not working on 

That is, is there an actual case of a program which can break out of the 
sandbox on Linux JVM?  I've never heard of one, and on a cursory glance at 
the security mailing list, nothing popped out.


