<< Previous <<         [Session1 Index]            >> Next >>

Java Capability Example

Test Question:

In Java, to hand an untrusted object a file to read from, would you

Answer: (c)

In Java, if you want to hand a file to an object that only needs read-authority to perform its task, just hand it a ReadStream. Of course, in Java as it now exists, this actually doesn't give you very much protection: given a Java ReadStream, you can request the File object upon which the ReadStream is open, and from there you can access absolutely every aspect of the file, including the directory structure in which the file lives. This is one reason why Electric Communities developed E, an extension of Java that nevertheless runs on the Java Virtual Machine, and encapsulates capabilities like the ReadStream in a more systematic way. E allows the programmers and the users to deal with security concerns in a precise, reliable, flexible, yet straightforward way.