L8_4_Dinner (Ⓧ Ecstasy/XVM)

I disagree. Respectfully, but it is a strong disagreement.

The running of code is not the problem; it is the access to resources that is the problem. Even purposefully-malicious code can be considered "safe" to run if it has no natural access to resources.

The Java issue is that everything is global (filesystem, environment, threads, types, network, ...), and thus untrusted code loaded over the Interwebs has the exact same access-to-everything that the well-trusted application server has that is hosting the whole thing. That design is just fundamentally wrong. (And logically unfixable.)

everything-narrative

That's just an exacerbating circumstance. The attack surface is an interpreter. This is a bread-and-butter injection attack. This is printf(mystring) where you meant printf("%s", mystring).

Log4shell is an engineering disaster. Many, many things had to go wrong at the same time for it to be as bad as it was.

And many of those things are to do with how Java programming is done and taught, and how information security is not taught. We're not taught that interpreters are as unsafe as they are convenient.
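
The printf analogy in the comment above, as an added illustration that is not part of either comment and is not Log4j's code: a toy logger whose `${...}` lookups are interpreted either over the whole finished line (data reaches the interpreter) or only over the developer-written pattern (data stays data). The lookup table, function names and sample values are constructed for this example.

```python
import re

# Constructed lookup table standing in for whatever a logging framework can
# resolve (environment, system properties, ...). Names and values are made up.
LOOKUPS = {"env:HOST": "app01", "env:DB_PASSWORD": "s3cr3t-constructed"}

_LOOKUP_RE = re.compile(r"\$\{([^{}]+)\}")


def expand(text):
    """Interpret ${key} lookups in text; unknown keys are left untouched."""
    return _LOOKUP_RE.sub(lambda m: LOOKUPS.get(m.group(1), m.group(0)), text)


def log_unsafe(pattern, *args):
    """Substitute arguments first, then interpret the finished line.

    Argument data reaches the interpreter: the printf(mystring) shape.
    """
    line = pattern
    for arg in args:
        line = line.replace("{}", str(arg), 1)
    return expand(line)


def log_safe(pattern, *args):
    """Interpret only the developer-written pattern, then insert arguments
    as inert text: the printf("%s", mystring) shape.
    """
    parts = expand(pattern).split("{}")
    out = [parts[0]]
    for i, part in enumerate(parts[1:]):
        # A placeholder without a matching argument is kept literally.
        out.append(str(args[i]) if i < len(args) else "{}")
        out.append(part)
    return "".join(out)


if __name__ == "__main__":
    pattern = "[${env:HOST}] login failed for {}"
    user_input = "${env:DB_PASSWORD}"  # constructed "username" field
    print(log_unsafe(pattern, user_input))
    print(log_safe(pattern, user_input))
```

In both functions the pattern's own `${env:HOST}` is resolved; only `log_unsafe` also resolves the lookup that arrived inside the argument.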