Java security rule #12: Consider using the Java security manager Java has a security manager that can be used to restrict the resources a running process has access to.

(The exploit may affect Java 6 as well.) "A vulnerability in the Java Security Manager allows a Java applet to grant itself permission to execute arbitrary code," the alert said.

What is the Java Security Manager? Java is known as a secure language for development because the JVM carefully controls what an application can do to the local host system. But as normally configured ...

Permanently disabling the security manager involves revising the Java platform specification so developers cannot enable the security manager, while other platform classes do not refer to it.

Bit9 released a report last week underscoring the ongoing security risk to the enterprise posed by outdated versions of Java still up and running on company machines.

It's well known that Java platform applications are safe due to its security features. The security policy prevents any Java application from writing to files, creating network connections or ...

The demo shows how to bypass Navigator’s Java Security Manager, which is supposed to prevent Java applets from reading local files.