Win a copy of The Little Book of Impediments (e-book only) this week in the Agile and Other Processes forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

applet restriction question

 
James Du
Ranch Hand
Posts: 186
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi all,

I always encouter the question asking what kind of operations are allowed or not for the applet.

While as per my knowledge, that could be different answers with different JDK versions.

With JDK 1.0, applets are restricted to perform certain sensitive tasks such as reading or writing a system file, as sun put it, it runs in the sandbox.

But with JDK 1.1, a digitally signed applets are treated as local code, which could have full access to the resource if the public key which verify the signatures is trusted.

And with the JDK 1.2, we can further fine-tune the actions allowed for an applet by the means of security policies, which implies the set of actions allowed vary greatly with different policies.

So, how could we respond to such type of question?

Regards,
James
 
Dan Drillich
Ranch Hand
Posts: 1183
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Go figure :roll:

Here is an excellent Sun page which describes the differences among JDK 1.0, 1.1 and 1.2: http://java.sun.com/docs/books/tutorial/security1.2/overview/index.html

-- Dan
[ February 28, 2005: Message edited by: Dan Drillich ]
 
James Du
Ranch Hand
Posts: 186
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks Dan,

I've read the before, while that still can't solve my problem: If we encounter such question, how to respond ?

What of the following is an applet allowed to do ?
1)It can create as many thresds it wants.
2) It can obtain the users profile name
3) It can connect to the host it downloaded from
4) It cannot write to files at the users computer, howerver, it can read files.


regards,
James
 
Steven Wong
Ranch Hand
Posts: 295
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi James,

I believe you have to assume JDK 1.2 security model, which is what the examination tests you about unless it specifies JDK 1.0 / 1.1 security model in the question.
Also check out the java.policy file which will show you what you can / can't do by default.
 
Vaithiya Sundaram
Ranch Hand
Posts: 98
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I've read the before, while that still can't solve my problem: If we encounter such question, how to respond ?

What of the following is an applet allowed to do ?
1)It can create as many thresds it wants.
2) It can obtain the users profile name
3) It can connect to the host it downloaded from
4) It cannot write to files at the users computer, howerver, it can read files.


By default, Security Manager restriction applys to applets.
If nothing about security manager,policy file,signed applets mentioned then i think you have to just reply answers based on default behaviours.
In that way, i would pick up the answers 1 and 3 for the above question.

I have one question about applet security,
In 1.1 signed applets only can access user's system resources. In 1.2
though the applet is signed,the policy file settings are required to
access system resources. I have a doubt that if policy file allows can
unsigned applet also access user's system resources???


Thanks
Vaithiya
 
Maneshi tuli
Greenhorn
Posts: 18
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
hi

We assume on the basis of JDK1.2 behavour in repling these questions unless until its mentioned for other version of JDK.

As alot of questions are ther in Whitzlab which also described according to above assumption

regds
Maneshi
SCJP/SCWCD/SCBCD/SCEA-1
 
James Du
Ranch Hand
Posts: 186
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks for all,

It seems that I should go deeper in the JDK 1.2
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic