...
ENV00-EX1: An organization that has an internal PKI and uses code signing for internal development activities (such as facilitating code check-in and tracking developer activity) may sign unprivileged code. This code base should not be carried forward to a production environment. The keys used for internal signing must be distinct from those used to sign externally available code.
ENV00-EX2: As of update 21 to Java 7, Oracle recommends that all applets and JWS apps be signed. The intent is that, at some point in the future, unsigned applets and JWS apps will no longer run. This change is a response to the recent exploits that attacked Java's security sandbox. Consequently, signing an applet or JWS app that runs in Java's (unprivileged) security sandbox is not a violation of this guideline.
Risk Assessment
Signing unprivileged code violates the principle of least privilege because it can circumvent security restrictions, such as those defined by the security policies of applets and JNLP applications.
...
Appendix C, Sign Only Privileged Code