How is Hopwood’s Java interface attack related to least common mechanism principle?

I’m trying to understand LCM and how David Hopwood’s discovery is a noteworthy example of it. This site contains two important things. First, it identifies Hopwood’s interface attack (1996) as an example of LCM, and second, it includes a description (highlighted in the screenshot below) of the issue that seems to make things more clear than anything else I could find. The problem is I don’t understand the connection between this vulnerability and LCM.

Here is a screenshot of the referenced site:


least common mechanism from princeton.edu


Hopwood made the announcement through the SRI RISKS-LIST. The full announcement released in issue 17.83 is as follows:

Date: Sat, 2 Mar 1996 23:51:49 +0000 (GMT)
From: David Hopwood <david.hopwood@lady-margaret-hall.oxford.ac.uk>
Subject: Java security bug (applets can load native methods)

There is a serious security bug in the class loading code for the Java development kit and Netscape (all Java-enabled versions). If an attacker can arrange for two files (a "Loader" class, and a dynamic library) to be installed in any readable directory on the client machine, he/she can bypass all of Java's security restrictions. For example, the applet can read, write and execute files on the client, with the same permissions as the user of the browser.

The only way to avoid this bug at the moment is to disable Java. In Netscape this can be done by selecting 'Disable Java' in the 'Security preferences...' section of the 'Options' menu.

This bug affects all Java implementations based on Sun's source code. It is not related to JavaScript.

Further details will be posted when Sun and Netscape have released patches.

David Hopwood
david.hopwood@lmh.ox.ac.uk

------------------------------

Date: Mon, 4 Mar 1996 18:08:58 +0000 (GMT)
From: David Hopwood <david.hopwood@lady-margaret-hall.oxford.ac.uk>
Subject: Java security bug (applets can load native methods)

Unfortunately my news server has been off-line for the past few days. However, I'll try to address some of the questions that were raised on strong-java@entmp.org and in private mail about the recently-discovered bug in Java's class loading code. The same questions have probably been asked on RISKS and/or comp.lang.java as well.

Apparently I wasn't clear enough in stating that this bug allows classfiles to be loaded from _any_ directory on the client machine, not simply those on the CLASSPATH or LD_LIBRARY_PATH. This includes, for example, /tmp, ~ftp/incoming, or an attacker's home directory if he/she has an account on the same system.

The attack requires two support files on the client's system: a classfile and a dynamic library. Both files must be readable by the browser, and the dynamic library must be executable (this is always true for systems that have no file permissions). The path to the classfile from the client's root directory must be known by the attacker in advance.

Code demonstrating the bug has been written and tested on Linux and Digital Unix (OSF/1). It should be portable to all POSIX systems, and with a little work, to any system that supports Java. The demonstration is very easy to extend - hiding it within any applet would require adding only two extra lines of code. Changing the C code to execute any command would be a single-line change. For that reason, the code will not be described in detail or released publicly until patches are available for both Netscape 2.0 and the Java Development Kit.

David Hopwood
david.hopwood@lmh.ox.ac.uk

I have a general understanding that the LCM principle says "mechanisms used to access resources should not be shared" but I'm not able to apply it very well here. I also am not familiar with Java (and I don't think I really have to be in this instance but it seems like it would help).

My question is, “What is the shared mechanism that is used to access resources?” (Is there another way to describe the crux of the issue?)
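An added model of the shared-mechanism reading of the announcement above (written for this page; it is not code from the post, from the RISKS announcement or from the JDK). What the announcement supports is that the same class-loading code served both locally installed classes and applet classes, that it would load a classfile from any readable directory on the client, and that a class loaded that way could pull in a dynamic library and so escape the sandbox. Read through least common mechanism, the shared mechanism is that one loader together with its trust decision ("it came from the local disk, so it may bind native methods"), because untrusted applet code could drive it just as trusted code could. The concrete name-resolution rule, the filesystem contents and the origin URL below are constructed stand-ins, not the 1996 JDK's actual logic; the contrast with a per-origin loader is the point.

```python
"""Added model of the least-common-mechanism reading of Hopwood's 1996 class-loading bug.
Not code from the post, the RISKS announcement or the JDK: the resolution rule, file
contents and origin URL below are constructed stand-ins.
"""
from dataclasses import dataclass

APPLET_ORIGIN = "http://applet.example"          # constructed untrusted origin
VENDOR_ORIGIN = "file:///usr/lib/java"           # constructed trusted origin

# Constructed stand-in for the client's filesystem (path -> classfile bytes).
LOCAL_FILES = {
    "/usr/lib/java/Trusted.class": b"vendor class",
    "/tmp/Loader.class": b"attacker-planted class",   # any readable directory will do
}
# Constructed stand-in for what the applet's own server publishes.
REMOTE_FILES = {APPLET_ORIGIN + "/Applet.class": b"applet class"}
VENDOR_FILES = {"file://" + path: data for path, data in LOCAL_FILES.items()}


@dataclass(frozen=True)
class LoadedClass:
    name: str
    origin: str
    trusted: bool          # only trusted classes may bind native (C) methods


def bind_native(cls: LoadedClass, library: str) -> str:
    """Stand-in for loading a dynamic library on behalf of a class."""
    if not cls.trusted:
        raise PermissionError(f"{cls.name} from {cls.origin} may not load {library}")
    return f"{cls.name} bound {library}"


class SharedLoader:
    """One loader for every caller (the shared mechanism).

    Modelled flaw, an assumption rather than the JDK's exact code: a name that resolves
    to a readable local file is loaded and marked trusted, whoever asked for it.
    """

    def __init__(self, classpath):
        self.classpath = list(classpath)

    def load(self, requester_origin: str, name: str) -> LoadedClass:
        if name.startswith("/"):                   # absolute path supplied by the caller
            candidates = [name + ".class"]
        else:
            candidates = [d + "/" + name + ".class" for d in self.classpath]
        for path in candidates:
            if path in LOCAL_FILES:
                return LoadedClass(name, "file://" + path, trusted=True)
        url = requester_origin + "/" + name + ".class"
        if url in REMOTE_FILES:
            return LoadedClass(name, requester_origin, trusted=False)
        raise ImportError(name)


class OriginLoader:
    """One loader per origin (least common mechanism): its own search root, its own
    fixed trust level, and no path from an applet's request to the local disk."""

    def __init__(self, origin: str, files: dict, trusted: bool):
        self.origin, self.files, self.trusted = origin, files, trusted

    def load(self, name: str) -> LoadedClass:
        if "/" in name or ".." in name:            # no path component may leave the root
            raise ImportError(f"illegal class name {name!r}")
        key = self.origin + "/" + name + ".class"
        if key not in self.files:
            raise ImportError(name)
        return LoadedClass(name, self.origin, trusted=self.trusted)


def shared_loader_bypassed() -> bool:
    """The applet asks the shared loader for a planted local file and gets a trusted class."""
    loader = SharedLoader(classpath=["/usr/lib/java"])
    applet = loader.load(APPLET_ORIGIN, "Applet")
    planted = loader.load(APPLET_ORIGIN, "/tmp/Loader")
    try:
        bind_native(planted, "libevil.so")
    except PermissionError:
        return False
    return not applet.trusted and planted.trusted


def origin_loader_bypassed() -> bool:
    """With a per-origin loader the same requests either fail or stay untrusted."""
    applet_loader = OriginLoader(APPLET_ORIGIN, REMOTE_FILES, trusted=False)
    for name in ("Applet", "/tmp/Loader", "../../tmp/Loader"):
        try:
            bind_native(applet_loader.load(name), "libevil.so")
            return True
        except (ImportError, PermissionError):
            continue
    return False


if __name__ == "__main__":
    print("shared loader bypassed:", shared_loader_bypassed())
    print("per-origin loader bypassed:", origin_loader_bypassed())
```

The two loaders expose the same classes to well-behaved callers; the difference is only that the per-origin design gives untrusted code no handle on the mechanism that decides trust, which is what LCM asks for.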

Interface for users that need to fill in data for thousands of items

The problem I encounter is that I have thousands of items a day (e.g. transactions of toys that have been purchased in a store). My goal is to provide the users with an interface to fill in manually 10+ data fields on this transaction (e.g. toy category, is it the main toy or something you purchase as extra, what age is it for, etc.). Then, I would categorize the data by the information the users provided me. How would you recommend doing it?

Thanks!

Interface examples for handling “page notes” and highlighted text comments?

I’m working on a collections-based interface (think Pinterest or Dropbox), and we’re implementing a feature that allows users to add Notes/Comments to various elements (folders/boards, files/pages, highlighted text, etc…).

These “notes” would be accessible either via an icon (say, a small Post-It note with the total count), or a sliding tray somewhere (there could be multiple notes for a specific item). Additionally, they’ll need to access any notes they’ve added to specific text they’ve highlighted on a page. Should this be included in the standard Notes, or be treated differently? Not sure…

I’m having a hard time finding inspiration for this, and would love to see examples of Notes being handled really, really well.

Does anyone have any screenshots they could share of existing apps? Or any thoughts on how we should be handling this? I’m a bit stuck here and could use some inspiration 🙂

Thank you so much!

-Lynn

Add an element to an interface without increasing the complexity of the layout

I need to implement a text and a switch to a login interface. This is what I made:


The problem is that I think it is a bit inappropriate, considering the layout and colors chosen in the interface. How would you improve it? Would it be a solution to enclose it in a rectangular shape and move it to the center of the screen?

import interface in mystrings.d.ts

I want to add multiple languages to my spfx web part.

Now I want to import some interfaces to my mystrings.d.ts declaration file. But when I do that it breaks the definition and I get a lot of errors like:


My question is if it's possible to import interfaces to my declaration file for my strings so that I don't have to write these definitions on my own?

Is it possible for DHCP in one network interface to assign a local IP address that overlaps with the subnet of another interface?

    iface eth0 inet dhcp
    iface eth1 inet static
        address 192.168.1.1
        netmask 255.255.255.000

Is it possible for a host to connect to eth0 and get assigned an address that is part of eth1's subnet domain (anything from 192.168.1.2 to 192.168.1.255)?

What adverse consequences will this have in practice and is the expected (mis-)behavior deterministic?

Is there something that can be done to prevent this while leaving the static and dhcp methods unchanged? I couldn’t find anything on the man page.
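An added example, not from the post: it parses the stanza quoted in the question and checks whether a DHCP offer arriving on another interface overlaps a statically configured subnet. The parser is deliberately minimal (only `iface`, `address` and `netmask` lines), and the offers fed to it are constructed. One practical detail it handles: the stanza writes the mask as 255.255.255.000, and Python's `ipaddress` rejects octets with leading zeros, so the mask is normalised before parsing.

```python
"""Added example (not from the post): parse the ifupdown stanza from the question and check
whether a DHCP offer on another interface overlaps a statically configured subnet."""
import ipaddress

# Constructed: the /etc/network/interfaces fragment from the question.
CONF = """\
iface eth0 inet dhcp
iface eth1 inet static
  address 192.168.1.1
  netmask 255.255.255.000
"""


def parse_interfaces(text: str) -> dict:
    """Minimal parser for 'iface NAME inet METHOD' stanzas and their address/netmask lines."""
    ifaces, current = {}, None
    for raw in text.splitlines():
        parts = raw.split()
        if not parts or parts[0].startswith("#"):
            continue
        if parts[0] == "iface" and len(parts) >= 4:
            current = {"method": parts[3], "address": None, "netmask": None}
            ifaces[parts[1]] = current
        elif current is not None and parts[0] in ("address", "netmask") and len(parts) > 1:
            current[parts[0]] = parts[1]
    return ifaces


def normalise_mask(mask: str) -> str:
    """The stanza writes 255.255.255.000; ipaddress rejects leading zeros, so strip them."""
    return ".".join(str(int(octet)) for octet in mask.split("."))


def static_networks(ifaces: dict) -> dict:
    """Map each statically configured interface to its IPv4 network."""
    nets = {}
    for name, cfg in ifaces.items():
        if cfg["method"] == "static" and cfg["address"] and cfg["netmask"]:
            iface = ipaddress.ip_interface(f"{cfg['address']}/{normalise_mask(cfg['netmask'])}")
            nets[name] = iface.network
    return nets


def conflicting_interfaces(offer: str, nets: dict) -> list:
    """Names of static interfaces whose subnet overlaps a DHCP offer.

    `offer` is 'addr/prefix', 'addr/dotted-mask', or a bare address (treated as a /32,
    i.e. 'does this host address fall inside a static subnet').
    """
    addr, _, mask = offer.partition("/")
    if "." in mask:
        mask = normalise_mask(mask)
    offered = ipaddress.ip_interface(f"{addr}/{mask}").network if mask else ipaddress.ip_network(addr)
    return sorted(name for name, net in nets.items() if net.overlaps(offered))


if __name__ == "__main__":
    nets = static_networks(parse_interfaces(CONF))
    for offer in ("192.168.1.57/255.255.255.0", "10.0.0.5/24", "192.168.0.10/16"):
        print(offer, "->", conflicting_interfaces(offer, nets) or "no conflict")
```

Run from a DHCP client hook with the offered address and mask as the `offer` argument, a non-empty result is the case the question describes and a reason to decline the lease rather than install a second route for the same prefix.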

How to make this interface work when there are too many objects?

My situation is this: I have an administrative app for a school. A teacher can see a list of her classes, and their students, and you can drag a player from one class to another:


This works really well as long as the number of classes is less than about 12, after which it scrolls off the screen. But in my data set, I've got a small number of situations where I'd need to handle 20 or even 30.

What would be a good way to preserve the usefulness of this interface but handle the occasional large number of columns?

Terms for the interface (interactions and designs)

I’m Lin – this is my first post and I’m hoping you could help me out. I’m studying interaction design (via a Swedish uni) and I’m having some difficulty finding [English] terms for different interactions and interface designs. Terms like lightbox popup and modal overlays. A couple of days ago I found myself miserably failing in describing a feature on Amazon (gone now, must have been an A/B test) where, after you add an item to the basket, a window slides out from the right, displaying what’s in the basket, and with a button navigating to the checkout page. What would I call a function like this? What I really want to ask though, is if you know a website where I can find a list of terms and explanations for different types of interactions like this. Many thanks for your help, Lin

Adding a Plug or Interface to Existing Snap

I read through this, and it seems for a given snap (e.g. xournalpp), you can check its snap connections, existing interfaces, etc. with snap connections [snap_name], but is there no way of adding a standard interface (e.g. removable-media) to an installed snap? (xournalpp, for instance, did not have the removable-media interface listed, but had the home interface listed.)

I’ve seen others talk about it being impossible to add custom interfaces to installed snaps, but can one not even add such a common interface as removable-media to an existing snap? Is this really required to be set up by the developer alone?

I also saw some talk about yaml files controlling the availability of these interfaces, but didn’t manage to find where such a file would exist, or if this is a source file not available in a compiled/installed snap?

It seems like the inability to access removable drives by any snap in general unless the dev has specially statically written this into a yaml file somewhere is a bit crazy, but maybe I am missing something here?

edit: I am asking in general about adding interfaces to existing installed snaps, not specifically about removable-media, as others have found various workarounds for accessing removable-media via various hacks (mounting the media somewhere else, installing with the --classic flag, etc.). The first is hacky, and the second option pretty much eliminates the entire purpose of snaps (for me at least). I am looking for a straightforward way to do this for any existing interface from the core snap (at least).

Is it good UX to rearrange the interface?

I am frequently very annoyed by Google:

I google something, and then I want to view Images of that thing, so I click the second button under the search bar out of muscle memory… except often it can be Shopping, or Videos, or something other than “Images”.

Why does Google think it’s a good idea to “randomly” rearrange their interface like this?

I just wonder if anyone on the planet appreciates this UX choice, or if there are business incentives to doing it and trapping users on pages they didn’t expect to land on.