On 11 February 2016 at 06:48, Tim <ignored_mail...@yahoo.com.au> wrote:
> Allegedly, on or about 10 February 2016, jd1008 sent: > > I am sorry to burst the bubble that was perpetrated by Sun > > Microsystems. I worked at Sun Microsystems as a contractor and talked > > to a very senior developer at Menlo Park. I knew this developer from > > working with him in a previous company. Under my oath never to reveal > > his name, he clued me in that the fictitious "sandbox" was the entire > > system. > > I'd go along with that, I never believed the sandbox thing. After all, > you can upload any file of your choosing through a Java thing in a > website, and it could save a file to anywhere you selected. That's > hardly sandboxed. > > And, if you went through the Java preferences, on those browsers that > gave you an extensive interface. You could select all sorts of breakout > allowances, many of which were preset to allowed. > > Just to bring things back to reality though. The claim was that *javascript* could execute sudo commands and has full access to the system (no sandbox) and that has nothing to do with java applets/applications whatsoever.
-- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
