• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Paul Clapham
  • Ron McLeod
  • Jeanne Boyarsky
  • Tim Cooke
Sheriffs:
  • Liutauras Vilda
  • paul wheaton
  • Henry Wong
Saloon Keepers:
  • Tim Moores
  • Tim Holloway
  • Stephan van Hulst
  • Carey Brown
  • Frits Walraven
Bartenders:
  • Piet Souris
  • Himai Minh

Signed Applet permission

 
Ranch Hand
Posts: 30
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi

I understand a regular applet runs under brower's security manager and can read system properties, does not have access to local files, can not make connection to host other then where it was loaded from. While that part is easy but when an applet is signed and assuming the certificate is valid and user has accepted the certificate, what are the permisisons or things this signed applet can do running on client machine.

I searched on the internet and browsed through some books they all talk about how to sign applet not necessarilty what are the things a signed applet can do

Thanks in advance for all your feedback
 
Ranch Hand
Posts: 354
Eclipse IDE Oracle Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
This thread should clear it up.
https://coderanch.com/t/156176/java-Architect-SCEA/certification/applet-security
 
J Gupta
Ranch Hand
Posts: 30
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks Abhinav for taking time to reply to my post. But it does not address my question. I am looking for specific permissions that it will be allowed like for example is this allowed to connect to any port or it is allowed to connect to host other than it was loded from or in other words does the applet becomes like a stand alone application and can do anything it wishes to
 
Abhinav Srivastava
Ranch Hand
Posts: 354
Eclipse IDE Oracle Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

So signed Applets ask for permission to run, and are granted AllPermissions, unless there is a specific client-side policy for that Applet


Does that answer your question!
 
J Gupta
Ranch Hand
Posts: 30
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Sure, thanks a lot
 
Ranch Hand
Posts: 123
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
If you are asking from SCEA viewpoint, I would like to add my twopence.

The question can be dealt with from historical perspective. The original Java 1.0 treated all applets as suspicious and provided a sandbox (kind of restrictions imposed on the user's system resources) to run them, while all local applications were given full access.

Java 1.1 allowed signed (trusted) applets (e.g. within the same network) to run like local apps.

However, Java 2 onwards, security is policy-driven, which allows it to be more powerful and granular. Policy is a polymorphic object that can decorate any Java object or parts of it that can be identified/accessed by the runtime.
 
F is for finger. Can you stick your finger in your nose? Doesn't that feel nice? Now try this tiny ad:
free, earth-friendly heat - a kickstarter for putting coin in your pocket while saving the earth
https://coderanch.com/t/751654/free-earth-friendly-heat-kickstarter
reply
    Bookmark Topic Watch Topic
  • New Topic