Comment by vbezhenar
15 hours ago
Any sandbox technology works fine until it isn't. It's not like you could escape Java sandbox, but Java applets were removed from the browsers due to issues being found regularly. In the end, browser sandbox is one of the few that billions of people use and run arbitrary code there every day, without even understanding that. The only comparable technology is qemu. I don't think there are many hosters who will hand off user account to a shared server and let you go wild there.
> Any sandbox technology works fine until it isn't.
Tautology is tautology.
> but Java applets were removed from the browsers
Java applets provided more scope compared to the browser itself, not less. They're not really comparable to seccomp or namespaces.
> hosters who will hand off user account to a shared server
There's lots of CI or function runners that expose docker-like environments.
> Java applets provided more scope compared to the browser itself, not less. They're not really comparable to seccomp or namespaces.
They are comparable because they provided a restricted sandbox to execute untrusted code.
> There's lots of CI or function runners that expose docker-like environments.
These are running inside VMs.
> Java applets were removed from the browsers due to issues being found regularly
Java applets were killed off my MS's attempt at "embrace, extent, extinguish" by bundling an incompatible version of Java with IE, and Sun's legal response to this.
They never worked nice and always felt slow, unreliable and janky at the time. It’s easy to blame MS but no one was sad to see the back of them.
I was fine with the few I used, and Java works much better on the hardware we now have. A lot better than a lot of cross platform things we have now.
No, Microsoft has nothing to do with it. Browsers are controlled by Google and Mozilla and they decided to block Java plugin.