This week's book giveaway is in the Mac OS forum.
We're giving away four copies of a choice of "Take Control of Upgrading to Yosemite" or "Take Control of Automating Your Mac" and have Joe Kissell on-line!
See this thread for details.
The moose likes Architect Certification (SCEA/OCMJEA) and the fly likes applet restriction question Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


JavaRanch » Java Forums » Certification » Architect Certification (SCEA/OCMJEA)
Bookmark "applet restriction question" Watch "applet restriction question" New topic
Author

applet restriction question

James Du
Ranch Hand

Joined: Mar 23, 2001
Posts: 186
Hi all,

I always encouter the question asking what kind of operations are allowed or not for the applet.

While as per my knowledge, that could be different answers with different JDK versions.

With JDK 1.0, applets are restricted to perform certain sensitive tasks such as reading or writing a system file, as sun put it, it runs in the sandbox.

But with JDK 1.1, a digitally signed applets are treated as local code, which could have full access to the resource if the public key which verify the signatures is trusted.

And with the JDK 1.2, we can further fine-tune the actions allowed for an applet by the means of security policies, which implies the set of actions allowed vary greatly with different policies.

So, how could we respond to such type of question?

Regards,
James
Dan Drillich
Ranch Hand

Joined: Jul 09, 2001
Posts: 1180
Go figure :roll:

Here is an excellent Sun page which describes the differences among JDK 1.0, 1.1 and 1.2: http://java.sun.com/docs/books/tutorial/security1.2/overview/index.html

-- Dan
[ February 28, 2005: Message edited by: Dan Drillich ]

William Butler Yeats: All life is a preparation for something that probably will never happen. Unless you make it happen.
James Du
Ranch Hand

Joined: Mar 23, 2001
Posts: 186
Thanks Dan,

I've read the before, while that still can't solve my problem: If we encounter such question, how to respond ?

What of the following is an applet allowed to do ?
1)It can create as many thresds it wants.
2) It can obtain the users profile name
3) It can connect to the host it downloaded from
4) It cannot write to files at the users computer, howerver, it can read files.


regards,
James
Steven Wong
Ranch Hand

Joined: Mar 07, 2002
Posts: 295
Hi James,

I believe you have to assume JDK 1.2 security model, which is what the examination tests you about unless it specifies JDK 1.0 / 1.1 security model in the question.
Also check out the java.policy file which will show you what you can / can't do by default.


best regards,<br />Steven<br />SCJP, SCEA
Vaithiya Sundaram
Ranch Hand

Joined: Apr 22, 2004
Posts: 98
I've read the before, while that still can't solve my problem: If we encounter such question, how to respond ?

What of the following is an applet allowed to do ?
1)It can create as many thresds it wants.
2) It can obtain the users profile name
3) It can connect to the host it downloaded from
4) It cannot write to files at the users computer, howerver, it can read files.


By default, Security Manager restriction applys to applets.
If nothing about security manager,policy file,signed applets mentioned then i think you have to just reply answers based on default behaviours.
In that way, i would pick up the answers 1 and 3 for the above question.

I have one question about applet security,
In 1.1 signed applets only can access user's system resources. In 1.2
though the applet is signed,the policy file settings are required to
access system resources. I have a doubt that if policy file allows can
unsigned applet also access user's system resources???


Thanks
Vaithiya


Vaithiyanathan Sundaram<br />SCJP, SCBCD, SCEA part1
Maneshi tuli
Greenhorn

Joined: Dec 07, 2004
Posts: 18
hi

We assume on the basis of JDK1.2 behavour in repling these questions unless until its mentioned for other version of JDK.

As alot of questions are ther in Whitzlab which also described according to above assumption

regds
Maneshi
SCJP/SCWCD/SCBCD/SCEA-1


Thanks<br />Maneshi Tuli <br />SCJP/SCWCD/SCBCD/SCEA-1
James Du
Ranch Hand

Joined: Mar 23, 2001
Posts: 186
Thanks for all,

It seems that I should go deeper in the JDK 1.2
 
GeeCON Prague 2014
 
subject: applet restriction question