On 10/27/2010 02:00 PM, Michael Cronenworth wrote:
Fedora 13 x86_64 with OpenJDK (not Sun) installed.
I was required to login to a web site today to configure a VPN and the
site installed a Cisco VPN Java applet. When it was finished installing
and was running I noticed the processes where running as root and had
installed into /opt. I had not given it my root password or any
permission to do so. It did not install any RPM package. It was all
driven by a Java applet.
$ ps -efw #id 502 is me
502 4791 2668 0 11:16 ? 00:00:19
/usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0.x86_64/jre/lib/amd64/../../bin/java
sun.appl
root 4923 1 0 11:16 ? 00:00:00 /opt/cisco/vpn/bin/vpnagentd
Is this something "allowed" by some configuration setting in OpenJDK
somewhere? I'd like to turn off this "feature" ASAP.
Thanks,
Michael
The only way that could happen is if you were logged in, or otherwise
running the browser as user root.