Security Improvements in JDK 1.4.1 Beta
The recently released beta of Sun's JDK, version 1.4.1, contains a
surprising number of improvements for a point release. Quite a number of
these improvements are either directly or indirectly security related.
The improvements begin with changes to the Java compiler (javac). In
several cases, previous versions of Sun's Java compiler failed to check
for null references when they occurred in certain infrequently
encountered expressions. The compiler also allowed language constructs
that were not permitted by the language specification. It is important
to correct problems like these because flaws in the language
implementation have been used in the past to undermine platform and
application security.
Three new security tools were added to this release of the JDK. The JDK
now includes kinit, klist, and ktab -- three tools that help users
operate in a Kerberos environment. Kinit allows users to obtain Kerberos
tickets, klist allows users to list entries in their credential cache
and key table, and ktab allows users to manage entries in their key
table.
The Java HotSpot virtual machine now includes a deadlock detector that
detects certain kinds of application deadlocks. The deadlock detector is
invoked manually with a special keypress and reports on the state of the
virtual machine.
Version 1.4.1 also fixes a handful of issues with Sun's reference
implementation of SSL in the JSSE -- primarily with regard to
interoperability with implementations from other vendors and with
previous implementations from Sun.
All in all, the final release of JDK 1.4.1 is shaping up to be one of
the best ever.
» posted by ITworld staff
ITworld
Symantec Backup Exec 12 and Backup Exec System Recovery 8 deliver industry leading Windows data protection and system recovery. Download this whitepaper to find out the top reasons to upgrade and how to get continuous data protection and complete system recovery.
Data and system loss — from a hard drive failure, malicious attack, natural disaster, or simple human error — can happen anytime. Don’t leave your business vulnerable. Make sure you have a secure recovery strategy in place. Symantec's latest backup and system recovery technology can efficiently restore critical applications, individual emails and documents and even restore your entire system in minutes in the event of a loss.
Businesses face a growing challenge to ensure that the IT environment is properly protected. Backup Exec 12 integrates with other applications in the Symantec family of products, to complement your current data protection strategy, keep your data securely backed up and make it recoverable when you need it most.
