P3
Subject: *new* security question
Date: 7 Feb 1996 17:43:07 GMT
From: ###@###.### (Martin Alley)
Organization: UnipalmPIPEX
Newsgroups: comp.lang.java
I've seen lots of talk about connecting to machines that are not the host
machine. What I want to do is have a ServerSocket applet (maybe like
William Weber). This applet will listen on a specified port number of the
client machine. I believe it should be possible (with the
SecurityManager) to restrict connections to this port, to be only from the
host machine.
Unfortunately I get a security expection as soon as I do a listen(). (This
doesn't happen when I run things locally). The way I would like it would
be to get an exception on doing an accept() if a connection was made by
any machine that was not the host machine.
Can anyone see what security risks would be incurred by allowing this?
Seems to me, just to mirror the existing restriction of connected from
client to host.
TIA
Martin Alley
Date: 7 Feb 1996 17:43:07 GMT
From: ###@###.### (Martin Alley)
Organization: UnipalmPIPEX
Newsgroups: comp.lang.java
I've seen lots of talk about connecting to machines that are not the host
machine. What I want to do is have a ServerSocket applet (maybe like
William Weber). This applet will listen on a specified port number of the
client machine. I believe it should be possible (with the
SecurityManager) to restrict connections to this port, to be only from the
host machine.
Unfortunately I get a security expection as soon as I do a listen(). (This
doesn't happen when I run things locally). The way I would like it would
be to get an exception on doing an accept() if a connection was made by
any machine that was not the host machine.
Can anyone see what security risks would be incurred by allowing this?
Seems to me, just to mirror the existing restriction of connected from
client to host.
TIA
Martin Alley