Discussions

News: Article: Security comparison between Java and .NET

  1. Article: Security comparison between Java and .NET (8 messages)

    Denis Piliptchouk has written an article which compares the security features of Java 1.4, and .NET 1.1. This first article in the series delves into Security Configuration and Code Containment. The article is very unbiased, and just goes through the issues without prejudice.

    Article Conclusions

    "This article covered security configuration issues and different aspects of code containment on .NET and Java platforms. Java offers a lot of advantages with its configurability. When it comes to code containment, both platforms have pretty strong offerings, with .NET having slightly more choices and being more straightforward to use."

    Read Java vs. .NET Security, Part 1

    Threaded Messages (8)

  2. It's nice to see something like this on TSS that's not overtly .NET oriented. Pleasently neutralIt's nice to see something like this on TSS that's not overtly .NET oriented. Pleasantly neutral although sadly rather short.

    One aspect not covered is the host OS, how does an insecure Java app running on locked down BSD, Solars, AIX, HP-UX, Linux, etc. compare to an insecure .NET app running on one of the .NET platforms, oops I meant "THE" .NET platform.

    -John-
  3. Sorry about the repeat in the first line (above), I always cut and paste in and out of TSS editor box after spell checking it and missed the first line.

    How about a spell checker guys, Jive does it really well.

    -John-
  4. spell chekcer[ Go to top ]

    http://www.iespell.com/
  5. spell chekcer[ Go to top ]

    Nick, you should know better!!! "iespell" is for IE, I'd rather read raw HTML than use IE.

    -John-
  6. Interesting read ...[ Go to top ]

    ... though bit lacking on insight into how .Net and Java security capabilities compare. I mean, it is nice to know the pathnames of various configuration files under these two systems but what would be more interesting is to know what can be controlled through these configuration files under each of these environments. For example, Under Java, specific types of permissions are defined as part of the library classes (think of FilePermission or SocketPermission) and the policy files can grant these permissions to specific code, specific signed code, a particular logged-in user or any combination of these. Is the basic permission mechanism same in .Net?

    Pankaj Kumar
    www.j2ee-security.net
  7. Yes, .NET has specific permissions, just like Java. For example, you can grant an assembly Registry permission and then say which keys and whether the access is read only.
  8. http://www.eweek.com/article2/0,4149,1400446,00.asp
  9. Grow up dude[ Go to top ]

    You are also never going to be mentaly dead, EVER.