Win a copy of Java Mock Exams (software) this week in the Programmer Certification (OCPJP) forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

Trusted applet - without signing ?

 
Sreedevi Vinod
Ranch Hand
Posts: 117
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
hi

The Whizlabs SCEA simulator says "In JDK 1.1, only signed applets were trusted whereas in JDK 1.2, any applet with the right security permissions can be trusted." Is this correct ? How can this be implemented without signing?

Thanks
Devi
 
Ernest Friedman-Hill
author and iconoclast
Sheriff
Posts: 24215
37
Chrome Eclipse IDE Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The Java 2 security model can grant permissions based on codebase (URL) as well. This is rarely used as it's rather unsafe: it could easily be defeated by a DNS poisoning attack.
 
Ulf Dittmer
Rancher
Posts: 42970
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
It should be noted that an applet can not grant itself those permissions - they would need to be set up this way by a user on the client machine.
 
Happiness is not a goal ... it's a by-product of a life well lived - Eleanor Roosevelt. Tiny ad:
the new thread boost feature: great for the advertiser and smooth for the coderanch user
https://coderanch.com/t/674455/Thread-Boost-feature
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!