This week's book giveaway is in the Design forum.
We're giving away four copies of Design for the Mind and have Victor S. Yocco on-line!
See this thread for details.
Win a copy of Design for the Mind this week in the Design forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Downloaded applet to be trusted automatically by the firewall/server

 
Joe O'Toole
Ranch Hand
Posts: 51
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi

I read on whizlabs that if a firewall or server filters packets by ip address, it would be possible for a downloaded applet to be trusted automatically by the firewall/server.

Does this mean that if I download an applet from a particular site, e.g. http://mysite.com - it would be possible to setup rules on my firewall to ensure the applet is trusted automatically, i.e. user is not prompted to trust the applet. If so does it apply to all applets regardless of whether they are signed or not

Thanks
Joe

 
Paul Clapham
Sheriff
Pie
Posts: 20966
31
Eclipse IDE Firefox Browser MySQL Database
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
It's the browser, or more specifically the Java plug-in, which asks you whether you want to trust a signed applet the first time you download it. I don't believe there's any "security features" which allow the browser to delegate that decision to some other component.

As for what you read on whizlabs, you didn't quote it so there's no possible way for me to say whether it means what you said or not.

 
Joe O'Toole
Ranch Hand
Posts: 51
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Just wanted to provide some more information on this question as my initial posting was not entirely accurate. On whizlabs giving the description to a particular applet question they provided the following additional information relating to applet security:

"If a firewall or server filters packets by IP address, then it would be possible for a downloaded applet to be trusted automatically by the firewall/server(a downloaded applet sending requests from your machine would be sending them with your trusted IP address). "

Just wondering if the above makes sense to anyone? I am not sure if it means the applet would be somehow trusted whilst it is been downloaded or if it means that if an untrusted applet attempts to make calls make to what is not the host from where it was downloaded it would somehow allow such requests

Thanks
Joe
 
Paul Clapham
Sheriff
Pie
Posts: 20966
31
Eclipse IDE Firefox Browser MySQL Database
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
That doesn't sound like it has anything to do with the normal meaning of trusted applets, i.e. the user telling the browser to trust the applet with respect to its actions on the client. It sounds more like the scenario of there being a server somewhere, and the applet is sending requests to it, and that server is hard-coded to accept requests only from a certain IP address, so the firewall could send those requests as if they came from that IP address.

But I don't know what that has to do with applets. The firewall could just as well do that with all requests going to that server, and I'm not persuaded that the firewall could even tell that such a request came from an applet. Or that it could be configured to make that distinction.

In other words I guess what I'm saying is that it sounds extremely implausible to me. But then I'm no expert on firewalls.
 
Joe O'Toole
Ranch Hand
Posts: 51
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks for the response Paul

Does not make a huge amount of sense to me either. I thought I'd ask as I seen in across a number of the whizlabs mock exams

Joe
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic