[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
Re: [aspectj-users] Virus / unwanted code modification
|
I am aware of this. I am searching for some kind of paper addressing
this problem so I can reference to this ...
Am 09.07.2004 um 19:06 schrieb Wes Isberg:
AspectJ neither adds any security risk to Java and does not make it
easier to write Java viruses.
Since Java was designed for safe network download of code, it's a poor
medium for viruses. The scenario you describe is possible, but
expensive and easily subverted through standard Java security
practices. As Nick suggests, Java uses signed and sealed
jars/packages to prevent man-in-the-middle attacks of the kind you
mention, so your scenario applies only to applications deployed
without that. Further, it requires code run with VM permissions to
read and write to the filesystem (e.g., not applet or web
applications), which users/sysadmins are supposed to grant only to
valid code.
Further, the virus would have to haul around a bytecode weaver,
aspects, and the runtime jar, which would make it fairly big and
recognizable (and might make an ordinary application run out of memory
*smile*). A virus would more likely dump all that and do the bytecode
rewriting directly.
Wes
------------Original Message------------
From: Nicolai Kuntze <g-8@xxxxxxx>
To: aspectj-users@xxxxxxxxxxx
Date: Fri, Jul-9-2004 7:49 AM
Subject: Re: [aspectj-users] Virus / unwanted code modification
If I look at page 442 in AspectJ in Action there is an option to weave
precompiled classes. Ladded writes:"This enables you to apply
crosscutting concerns without needing access to the source files.
[...]" So if I add the the aspectjrt.jar to the target jar file and
modify the respective main method everything is fine. An infection
could go this way
- get the compiler
- search every java application
- and weave it with the infection aspect
- add aspectjrt.jar into the infected jar
Where is my fault?
Yours,
Nicolai
Am 09.07.2004 um 16:23 schrieb Nicholas Lesiecki:
At this point, the only way to have AspectJ affect your code is to:
a) Use the AspectJ compiler to compile it
b) Use a load-time weaver (weaving classloader)
Since both of these modes of action imply significant control over an
application, AspectJ seems an unlikely choice for the basis of any
virus. Furthermore, AspectJ does nothing to subvert Java's security
model, which I understand is quite tight.
Cheers,
Nick
On Jul 9, 2004, at 6:01 AM, Nicolai Kuntze wrote:
Hi,
working on my thesis I got the thougth someone could use aspectj as
the basetechnology for some kind of virus.
Are there any papers in this direction?
Yours,
Nicolai Kuntze
---- Diese Nachricht wurde auf Viren und andere gefaehrliche Inhalte
sowie Spam untersucht.
_______________________________________________
aspectj-users mailing list
aspectj-users@xxxxxxxxxxx
http://dev.eclipse.org/mailman/listinfo/aspectj-users
Nicholas Lesiecki
Software Craftsman, specializing in J2EE,
Agile Methods, and aspect-oriented programming
Books:
* Mastering AspectJ: http://tinyurl.com/66vf
* Java Tools for Extreme Programming: http://tinyurl.com/66vt
Articles on AspectJ:
* http://tinyurl.com/66vu and http://tinyurl.com/66vv
_______________________________________________
aspectj-users mailing list
aspectj-users@xxxxxxxxxxx
http://dev.eclipse.org/mailman/listinfo/aspectj-users
----
Diese Nachricht wurde auf Viren und andere gefaehrliche Inhalte sowie
Spam untersucht.
_______________________________________________
aspectj-users mailing list
aspectj-users@xxxxxxxxxxx
http://dev.eclipse.org/mailman/listinfo/aspectj-users
_______________________________________________
aspectj-users mailing list
aspectj-users@xxxxxxxxxxx
http://dev.eclipse.org/mailman/listinfo/aspectj-users
----
Diese Nachricht wurde auf Viren und andere gefaehrliche Inhalte sowie Spam untersucht.