i believe there's a decent overview here:
http://java.sun.com/products/jdk/1.2/docs/guide/security/permissions.html
> Is it possible to change this behaviour?
you can modify the permissions granted to your applications
by modifying your policy. for more information:
http://java.sun.com/products/jdk/1.2/docs/guide/security/index.html
thanks,
charlie