Please, I just want to get a final answer (as I am not 100% sure). Is this TRUE: " An applet started on a LOCAL machine as of 1.2 will NOT have automatic access to "the list of goodies" (like files, all properties etc)...instead it has to (just like applets run on ANOTHER machine) be granted access via a security policy " I have read so many sources saying different things (java tut Vs people's answers Vs FAQ)
That is to say, "Does it or does it not have default access to everything."
I am also presuming that remote code no longer gets "placed immediately in the sandbox". Instead, it gets access based on security policy.
I really appreciate any clarification here!
Thanks in advance
SCJP, SCWCD, SCBCD, almost SCEA<br />... and a real developer too ;)
Java Security Manager is not installed by default for usual Java apps, but for applets the situation is opposite:
A browser may only have one security manager. The security manager is established at startup, and it cannot thereafter be replaced, overloaded, overridden, or extended. Applets cannot create or reference their own security manager.
JDK 1.1 introduced the concept of a "signed applet," as illustrated in the next figure. A digitally signed applet is treated like local code, with full access to resources, if the public key used to verify the signature is trusted. Unsigned applets are still run in the sandbox. Signed applets are delivered, with their respective signatures, in signed JAR (Java ARchive) files.
William Butler Yeats: All life is a preparation for something that probably will never happen. Unless you make it happen.
Joined: Jul 09, 2001
Listen to this:
JDK 1.2 introduces a number of improvements over JDK 1.1. First, all code, regardless of whether it is local or remote, can now be subject to a security policy. The security policy defines the set of permissions available for code from various signers or locations and can be configured by a user or a system administrator. Each permission specifies a permitted access to a particular resource, such as read and write access to a specified file or directory or connect access to a given host and port..