Initially, the Java platform was designed to provide a platform on which non-operating system specific programming code could be executed. This code, called Java-applets, would run in a safe environment in which potentially untrusted code downloaded from the Internet could be executed without harm. As the platform has grown, it has evolved and its architecture now supports many security features such as a variety of application programming interfaces (APIs), tools, and implementations of commonly used security algorithms, mechanisms, and protocols. Developers now have a comprehensive security framework for writing applications and the user and administrators of these applications have the tools to securely manage them.
Cryptographic and public key infrastructure (PKI) interfaces provide the underlying basis for developing secure applications. Interfaces for performing authentication and access control enable applications to guard against unauthorized access to protected resources. In addition, many third-party providers have developed additional security services to enhance the platform and extend security beyond the base set of tools.
Java employs access controls to protect sensitive resources, such as local files and application code. The basic control in Java is the Security Manager class and it must be installed into the Java runtime in order to employ the necessary security features. By default, when Java is run via Web Start, the application is loaded and ran to initiate the security features it employs. However, when Java is run by either command-line or programmatically, the module must be invoked by a command-line command or loaded and executed by the calling program. The Security Manager module than provides the following benefits: where code is loaded from, who signed the code (if anyone), and default permissions granted to the code. The default permissions automatically granted to downloaded code include the ability to make network connections back to the host from which it originated. The default permissions automatically granted to code loaded from the local file system include the ability to read files from the directory it came from, and also from subdirectories of that directory. These, along with other protocols and permissions, make up some of the security features of Java.
Like any application or security system, Java is not perfect. Java has its own vulnerabilities and the following outlines one such incident.
Evaluation of Incident
Java has been a very hot topic for security managers this year due to a steady stream of 0-day Java vulnerabilities that have been disclosed, with many of them being exploited in the wild. However, the challenges of Java-based threats go deeper than your average 0-day vulnerability, and these challenges will likely affect your approach to how you control them. Oracle released a critical Java update that fixes more than 50 security vulnerabilities, based on the repeated warnings from the U.S. Department of Homeland Security; all employees were required to update Java as soon as possible. Oracle issued an update to its latest Java software that plugs more than 50 security vulnerabilities, including one particularly nasty flaw that was being actively exploited. The patch, Java 7 Update 13- critical updates were issued in consecutive odd numbers- was due to release on February 19, 2013 but was pushed ahead by two week.
Solution
Java SE is a component of so many popular software packages that any vulnerability in Java exposes an unlimited number of business and personal users to the potential of significant loss. There are two primary issues that needed to be addressed by Oracle. According to Security Alert CVE-2013-0809, “An arbitrary memory read and write vulnerability in the Java JVM process could allow an attacker to execute arbitrary code.” As an example, a hacker could use a social network to lure a user to a site and then load a program to their