icedtea-web installed and enabled by default in Fedora 19
Deepak Bhole
dbhole at redhat.com
Mon Jun 17 19:56:59 UTC 2013
* Rahul Sundaram <metherid at gmail.com> [2013-06-17 15:42]:
> Hi
>
>
> On Mon, Jun 17, 2013 at 3:26 PM, Dan Mashal wrote:
>
>
>
> There is no way in hell anyone here is going to fix the security holes
> in Java (open or closed).
>
> The only way to avoid the security holes caused by java is to not use it.
>
>
> That is too extreme. It is certainly possible to fix security issues in
> IcedTea and OpenJDK. Otherwise Fedora wouldn't be including it in the
> distribution and building a lot of packages using openJDK. If we don't
> include IcedTea by default and there are future security issues, it still needs
> to be fixed but the chances of it affecting users are reduced however we might
> be creating problems for users who are relying on IcedTea-Web to do their
> banking or other critical tasks and IcedTea-Web is not easily installable via
> the Firefox plugin search and it is a entirely un-obvious name for users to
> install using the package manager. Not a lot of people understand that Java
> applet source was never open sourced by Sun or Oracle and is not part of the
> OpenJDK project. If we can fix Firefox to install IcedTea on demand, that
> would be great.
>
+1 to fixing Firefox if we must stop it from being installed by
default.
As archaic as applets may be, they are still used in critical
applications such as for banking/trading/etc. and I think it should
always be possible for users to easily find it/install it if it is not
already done by default.
FWIW, Oracle has been taking JVM security very seriously lately -- we do
security releases on OpenJDK in Fedora and over the past few months, we
have seen a significant rise (past avg*3+) in the number of issues fixed
and also a significant rise in code hardening.
Cheers,
Deepak
> Rahul
>
>
> --
> devel mailing list
> devel at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/devel
More information about the devel
mailing list