A friendly place for programming greenhorns!
Big Moose Saloon
Register / Login
Win a copy of
Android Security Essentials Live Lessons
this week in the
Trusted applet - without signing ?
Joined: Jan 17, 2005
Nov 21, 2005 03:06:00
simulator says "In JDK 1.1, only signed
were trusted whereas in JDK 1.2, any
with the right security permissions can be trusted." Is this correct ? How can this be implemented without signing?
author and iconoclast
Joined: Jul 08, 2003
Nov 21, 2005 06:58:00
The Java 2 security model can grant permissions based on codebase (URL) as well. This is rarely used as it's rather unsafe: it could easily be defeated by a DNS poisoning attack.
[Jess in Action]
Joined: Mar 22, 2005
Nov 21, 2005 07:26:00
It should be noted that an applet can not grant itself those permissions - they would need to be set up this way by a user on the client machine.
Ping & DNS
- my free Android networking tools app
subject: Trusted applet - without signing ?
How do I make applet that uses system event queue work in the browsers?
printing from the client/browser using servlets on the server
All times are in JavaRanch time: GMT-6 in summer, GMT-7 in winter
| Powered by
Copyright © 1998-2014