This week's book giveaway is in the Cloud/Virtualization forum.
We're giving away four copies of Learning OpenStack Networking: Build a solid foundation in virtual networking technologies for OpenStack-based clouds and have James Denton on-line!
See this thread for details.
Win a copy of Learning OpenStack Networking: Build a solid foundation in virtual networking technologies for OpenStack-based clouds this week in the Cloud/Virtualization forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Liutauras Vilda
  • Campbell Ritchie
  • Tim Cooke
  • Bear Bibeault
  • Devaka Cooray
Sheriffs:
  • Jeanne Boyarsky
  • Knute Snortum
  • Junilu Lacar
Saloon Keepers:
  • Tim Moores
  • Ganesh Patekar
  • Stephan van Hulst
  • Pete Letkeman
  • Carey Brown
Bartenders:
  • Tim Holloway
  • Ron McLeod
  • Vijitha Kumara

Applet Security  RSS feed

 
Ranch Hand
Posts: 51
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi

If an applet is signed but the usePolicy is not defined in the java.policy, will the user be prompted to allow all permissions to be granted to the applet or will this be done without prompting the user

Thanks
Joe
 
Saloon Keeper
Posts: 4744
117
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
A signed applet has all permissions, regardless what any policy says. Once the applet certificate is accepted by the user, no further checks will be done.
 
Ranch Hand
Posts: 180
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
That's not entirely true, a signed applets doesnt have necessary all the permissions. Signed applet just means it is a trusted code and can run outside the sandbox.
However the trusted code still has to comply to the rules defined in the security manager in the JVM, if it doent the operation will just be denied.
An exception is thrown, the user is not prompted.
 
Joe O'Toole
Ranch Hand
Posts: 51
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks!

1 other question on this. If an applet is not signed but loaded from local directory it runs outside of the sandbox, right?
 
It is sorta covered in the JavaRanch Style Guide.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!