File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Developer Certification (SCJD/OCMJD) and the fly likes Do I really need a security policy? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of EJB 3 in Action this week in the EJB and other Java EE Technologies forum!
JavaRanch » Java Forums » Certification » Developer Certification (SCJD/OCMJD)
Bookmark "Do I really need a security policy?" Watch "Do I really need a security policy?" New topic
Author

Do I really need a security policy?

Charley Zuo
Greenhorn

Joined: Jan 10, 2002
Posts: 4
Hi,
I saw some people using security policy which grants all permissions. I am just wondering if this is really necessary. Since if the application is running without a security manager, there is no requirement to establish permissions for that application. By default, the application has full access to all resources. Also, by default, an RMI program does not have a security manager installed, and no restrictions are placed on remotely loaded objects.
Did I miss something?
Charley
Mark Spritzler
ranger
Sheriff

Joined: Feb 05, 2001
Posts: 17249
    
    6

For the assignment I only used security on the client. Not really necessary, but just shows the assessor you understand how to use it, even though in our cases we grant all access.
Mark


Perfect World Programming, LLC - Two Laptop Bag - Tube Organizer
How to Ask Questions the Smart Way FAQ
Charley Zuo
Greenhorn

Joined: Jan 10, 2002
Posts: 4
Mark,
Thanks for your reply. So I suppose they won't take points off if I don't use security manager in my assignment, since there is no requirement in the documentation. If anyone knows it is not true, please advise. Thanks.
Charley
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Do I really need a security policy?
 
Similar Threads
how do we deploy app with security manager to clients?
Custom Policy, Security Manager? Best approaches?
MultiPartRequest Servlet & Security
RMI Port Number
Probably a stupid question, the benefit of policy files?