> > > Please take your FUD elsewhere. > > > > > > It's an implementation of the JavaCard specification. It's not > > > something that runs in your web browser, but they're both called > > > applets. > > > > Does it require a JRE to be installed (which the security community > > avoids for good reason), if so then it does reduce your server/machine > > security, though you may deem it acceptable and obviously not to the > > same level as java browser applets which are basically putting up a > > rental sign to any site you visit. > > Debian is not Windows. We have separate packages for the JRE and the > browser plugin.
What has Windows got to do with anything?!?! I am saying that just because something is less than terrible security wise, that doesn't stop it from reducing a machines security, some such as JRE even without plugins reduce security or increase attack and escalation vectors more than others. Obviously it is a balance of options and risk analysis. I'm just saying anything that requires a JRE would push it down my list if there are any choices and so not FUD as such but rather something that may be deemed as acceptable. Personally I wouldn't run a JAR on any server for example. -- _______________________________________________________________________ 'Write programs that do one thing and do it well. Write programs to work together. Write programs to handle text streams, because that is a universal interface' (Doug McIlroy) _______________________________________________________________________ -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/669740.43213...@smtp132.mail.ir2.yahoo.com