Kevin Chadwick <ma1l1i...@yahoo.co.uk> writes: > I guess you missed all the exploits in JAVA over the years and > especially last year where it was banned for long periods from all > browsers. To the point that the pressure is building on web hosts to > drop JAVA KVM clients completely.
Most of the exploits in Java (I have no idea why you write the word in all caps) are flaws in the sandbox security model. While those are real vulnerabilities in the context of running untrusted Java applets downloaded from the network, they're not horribly interesting in the context of running trusted applications installed through normal signed apt repositories. > I'm starting to question if Debian takes security and correctness > seriously enough. While we would be sad to lose your insightful commentary in debian-devel, I'm sure we'd all understand if you felt like you needed to move to a different distribution. -- Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/> -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/87zjk4elhy....@windlord.stanford.edu
