Quick Tour of Controlling Applets |
One way the Java platform provides protection from attack (for example, a virus) is through the use of a security manager. Currently, JDK system code invokes security manager methods to perform resource access control checks.Most browsers install a security manager, so applets typically run under the scrutiny of a security manager. Each such applet is not allowed to access resources unless it is explicitly granted permission to do so by the security policy currently in effect. In the JDK, the permission must be granted by an entry in a policy file.
Here's the source code for an applet named
WriteFile
that tries to create and write to a file namedwritetest
in the current directory. The applet shouldn't be able to create the file unless it has explicit permission in a policy file.Type this command in your command window:
(Type this command on a single line, without any spaces in the URL.)appletviewer http://java.sun.com/docs/writing/tutorial/src/security1.2/tour1/example-1dot2/WriteFile.htmlYou should see a message about a security exception. This is the expected behavior; the system caught the applet trying to access a resource it doesn't have permission to access.
Quick Tour of Controlling Applets |