Re: How can I allow applet a partial access to clients computer?

Marianne Mueller (mrm@Eng)
Sun, 27 Jul 1997 17:53:48 -0700

Date: Sun, 27 Jul 1997 17:53:48 -0700
Message-Id: <199707280053.RAA09528@puffin.eng.sun.com>
From: Marianne Mueller <mrm@Eng>
To: ukgan@euler.mcs.utulsa.edu
Subject: Re: How can I allow applet a partial access to clients computer?

If you install the applet on the client's machine in a directory on
the client's CLASSPATH, then the applet has full access.

As for signed applets, the catch is that other than HotJava, the
Java-enabled browsers have yet to include support for Java digital
signatures.

Microsoft supports a different file format in its Authenticode signing
system, than the standard JDK Java digital signature format that was
introduced in JDK 1.1. Let the browser vendors hear from you, if you
want to use the open Java format. The Java digital signature file
format and all details on how the signing is accomplished is 100%
public.

Starting with the next major JDK release (public beta due out this
autumn) you will be able to specify partial access for signed applets.
Again, the usability of this with browsers will depend on whether or
not the browser vendors incorporate support for this functionality in
their browser, so do let the browser vendors hear from you, if you
like the Java security architecture, and our approach for allowing
limited forays outside the sandbox to trusted applets.

You might want to download a copy of the Java Web Server
(http://jserv.javasoft.com) and look at an example of using
servlets+applets. You might also make headway by using signed
applets with HotJava (http://java.sun.com/products/HotJava.) HotJava
does support partial access for signed applets.

Marianne