How secure is object sharing?
The security of object sharing relies on AIDs. If an applet may be loaded with an arbitrary AID, then your security is pretty much out the window. This is why the security mechanisms provided by Open Platform are so important. Beyond that, we still face a few issues:
- Once a shareable object reference has been granted to a client, it can't be revoked. Notably, even if the server has released the object, it can't be garbage-collected until the client has released its reference as well.
- There is no way to prevent a legitimate client from acting as a proxy for hostile clients (man-in-the-middle attack).
- If a shareable object implements several shareable interfaces, we can't restrict a client to just one of these interfaces. Thus, this kind of design should be avoided.
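
The example below is added here and is not code from the original page. It shows a server applet that checks the client AID both when the object is requested and on every call, refuses calls once a revocation flag is set, and hands out a delegate that implements a single shareable interface. The package, AID value, INS value and class names are hypothetical.

```java
// Added example: package, AID, INS value and all names are hypothetical.
// --- PointsService.java: the only interface exported to clients ---
package com.example.loyalty;
import javacard.framework.Shareable;
public interface PointsService extends Shareable {
    short getBalance();
}
// --- LoyaltyApplet.java: the server applet ---
package com.example.loyalty;
import javacard.framework.*;
public class LoyaltyApplet extends Applet {
    // Constructed AID of the one client allowed to use the object.
    private static final byte[] CLIENT_AID =
        { (byte) 0xF0, 0x00, 0x00, 0x00, 0x01, 0x01 };
    private static final byte INS_REVOKE = (byte) 0x10;
    private short balance;
    private boolean revoked;
    private final PointsService sio = new PointsDelegate();
    public static void install(byte[] b, short off, byte len) {
        new LoyaltyApplet().register();
    }
    private static boolean isClient(AID aid) {
        return aid != null
            && aid.equals(CLIENT_AID, (short) 0, (byte) CLIENT_AID.length);
    }
    // The JCRE calls this when a client requests the shared object.
    public Shareable getShareableInterfaceObject(AID clientAID, byte param) {
        return (!revoked && isClient(clientAID)) ? sio : null;
    }
    public void process(APDU apdu) {
        if (selectingApplet()) return;
        // Assumed to arrive over an already authenticated channel.
        if (apdu.getBuffer()[ISO7816.OFFSET_INS] == INS_REVOKE) {
            revoked = true;
            return;
        }
        ISOException.throwIt(ISO7816.SW_INS_NOT_SUPPORTED);
    }
    // Delegate implementing PointsService only, so the reference cannot be
    // cast to any other shareable interface the applet may offer.
    private class PointsDelegate implements PointsService {
        public short getBalance() {
            // The reference cannot be revoked, so check on every call.
            // Only the immediate caller is visible; a proxy is not detected.
            if (revoked || !isClient(JCSystem.getPreviousContextAID())) {
                ISOException.throwIt(ISO7816.SW_SECURITY_STATUS_NOT_SATISFIED);
            }
            return balance;
        }
    }
}
```

The flag makes a granted reference unusable, but the delegate object still cannot be garbage-collected while the client holds it.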