Re: Security Manager

Li Gong (gong@games)
Mon, 17 Mar 1997 18:41:06 -0800

Date: Mon, 17 Mar 1997 18:41:06 -0800
Message-Id: <199703180241.SAA20100@games.eng.sun.com>
From: Li Gong <gong@games>
To: radcliff@corporateu.com
Subject: Re: Security Manager
In-Reply-To: Robert A. Radcliffe's mail of Sun, 16 March, 1997

Robert A. Radcliffe writes:
> Is there a definitive spec on the Security Manager somewhere? I have
> been testing applets with URL's opening files at client and server with
> applet at client or server. Getting different SecurityManagerExceptions
> from latest IE and NAV browsers. Difficult to make inferences from
> behavior.
> -- Bob
> ---------------------------------------------------
> Robert A. Radcliffe radcliff@corporateu.com
> CorporateU http://www.corporateu.com/
> 517 North 19th Street Voice: 215-988-2150
> Philadelphia, PA 19130-3801 F a x: 215-988-2160
> ---------------------------------------------------

The definitive SecurityManager spec (in terms of its APIs) is in the
Java Language Spec book. However, the actual protection behaviors in
various browsers differ (where HotJava, version 1.0 shipped today, is
the most flexible).

We are in the process of upgrading SecurityManager and expect to be
more explicit about this aspect of Java security in the coming months.

Li

--
Li Gong, PhD
Java Security Architect
Senior Manager, Security Engineering
JavaSoft, Cupertino, California, USA
Email: gong@eng.sun.com
Web: http://java.sun.com/people/gong
Tel: 408-343-1825 and Fax: 408-343-1553