|
|
|
|
|
|
by rexyo
5719 days ago
|
|
|
This is not entirely true.
There will be only 1 popup asking the user's permission to "run" java code through the browser. After that, the applet can download anything on the box it needs and execute it. The applet has full access to the local filesystem with the same priviliges the original user has. If needed the hackers can further exploit the machine, by escalating user priviliges with some corrupt scripting.. One click is enough to seriously damage your machine, be careful;) This is what the popup looks like in Firefox
http://www.ussu.ca/studentgroups/JavaApplet.jpg |
|
|
