Java Security and Type Safety

摘要

Java's ability to download, integrate, and execute code from a remote computer is a double-edged sword. On the positive side, the use of Java enables a computer to obtain new capabilities with little user intervention. In addition, Java requires no installation of hard-to-track-down and dubiously secure plug-in files. On the negative side, however, Java's intricate machinations leave a computer vulnernable to attack. A hostile Java applet could stealthily tamper with a host system's files or siphon off private data without the user's being aware of the damage until it's too late.