Re: Question

Roland Schemers (Roland.Schemers@Eng)
Mon, 15 Jun 1998 12:12:40 -0700 (PDT)

Message-Id: <199806151912.MAA11113@crypto.eng.sun.com>
Date: Mon, 15 Jun 1998 12:12:40 -0700 (PDT)
From: Roland Schemers <Roland.Schemers@Eng>
Subject: Re: Question
To: java-security@web3.javasoft.com, godzilla@cyber1.servtech.com

For beta4, java.class.path was split into two:

java.class.plath
java.sys.class.path

So java.class.path essentially becomes java.app.class.path, and real system
classes (i.e., class.zip, which is now called rt.jar) are placed on
java.sys.class.path and are immune to -classpath, etc. In order to
install a default security manager for applications, -Djava.security.manager
can be used:

java -Djava.security.manager MyApp

roland

> Hello Security Team,
>
> I am a xontract instructor for Sun Educational Services and I am
> scheduled to teach a new class we have , Implementing Java Security,
> next week. While I was prepping a little before Monday, I realized I
> have a question.
>
> There is or was a property called java.app.class.path once for
> indicating code that should be found like it is in the CLASSPATH but not
> to be trusted as normal - subject to protection domain ideas and the
> like. Cool idea. The confusion is, does this property still exist? And
> if not, is there any mechanism for providing this behavior?
>
> Thank you for your time.
>
> --
> ~~~~~~~~~~~~~~~~~~~~
> Todd M Greanier
> Senior Java Instructor
> Lake Systems, Inc.
> www.lakewave.com
>
> *** If someone with multiple personalities threatens to kill himself,
> is it considered a hostage situation? ***