Securing Server Side Java

Securing Server Side Java (PDF, 1.92MB)
Published: 21 Dec, 2002
Created by: William Rushmore

Java has many built-in security features that were needed for Java applets to protect clients from malicious programmers, one example being the 'sandbox' that the Java Virtual Machine utilizes. These features, which provided security to protect users from code downloaded off the Internet, can help make server-side Java more secure. Java code executed on the Java Virtual Machine is different from a typical 'C' application running on top of the machine's operating system. Java code running in the virtual machine is restricted from accessing resources on the machine outside of the sandbox: the file system or network resources can only be accessed if explicit permission is given. The buffer overflow is one of the most exploited security flaws of networked applications. The design of the Java Virtual Machine is theoretically immune to such an attack. The Java platform has also benefited from not having had a famous and widespread exploit publicized. Because of this, some server-side Java programmers think that these built-in protections are adequate for securing their applications. Nothing could be further from the truth. These protections can only be considered one layer of the security onion.