Subject Re: [Firebird-Architect] External engines - metadata
Author Vlad Khorsun
> >>> Again, the ISP allows I run Java in his server because Java is "safe".
> >
> > Huh ? Java program can't send spam ? Or open socket ?
> No, unless you provide an appropriate permission.

To whom ? Who is security subject ? Process ? Or someone else ?

> Java is designed to
> run in a sandbox mode. When you turn the security manager on, you might
> not be able to even load particular classes, not only read stuff from
> the disk or connect to a socket (not saying about opening a socket). And
> it is possible to give disk access permissions to classes loaded from
> one library and not to the classes loaded from another one.

If Java security manager may give disk access permissions to classes
by its name, why do we need to integrate (read - re-invent) this functionality
into FB ?

> So, Java _is_ safe (unless somebody finds some exploit, but that's
> something that can happen to any code).

Undoubtedly ;)