SLUG Mailing List Archives - [SLUG] java security in Linux

To: slug@xxxxxxxxxxx
Subject: [SLUG] java security in Linux
From: Russell Davie <rjrd@xxxxxxxxxxxxxx>
Date: Mon, 06 Jun 2005 11:30:38 +1000
User-agent: Debian Thunderbird 1.0 (X11/20050116)

Hi
Please give your advice on security of Java in Linux.

scenario:

I have just received a email from ANZ bank (which I don't bank with, so itslikely to be phishing) that is linked to a bunch of Java scripts. This is shownin Mozilla-Thunderbird when I move the cursor over the link.

As a user has permission to run Java, can opening this link and running the Javascript be a potential security risk?

What can be done about this to prevent this from happening if an email leaksthrough the spam filters?


Java permissions on this machine:
:~$ ls -la /usr/lib/j2sdk1.5-sun/bin/java
-rwxr-xr-x  1 root root 64492 2005-04-13 20:55 /usr/lib/j2sdk1.5-sun/bin/java

Linux athlonbox 2.6.6 #1 Sun May 8 12:44:37 EST 2005 i686 GNU/Linux

Debian/unstable

regards

Russell

Follow-Ups:
- Re: [SLUG] java security in Linux
  - From: Marek Wawrzyczny

Messages sorted by: [ date | thread ]
Prev by Date: RE: [SLUG] Bogus CommBank alert warning
Next by Date: Re: [SLUG] java security in Linux
Previous by thread: RE: [SLUG] Bogus CommBank alert warning
Next by thread: Re: [SLUG] java security in Linux