From: Chris Del Signore <cdelsignore@gadzoox.com>
To: "'java-security@java.sun.com'" <java-security@web2.javasoft.com>
Subject: JDK 1.1 security and JARS
Date: Wed, 16 Jul 1997 08:07:06 -0700
Hello,
Will JAR files allow a "trusted" applet to run with all the privileges =
of an
application on the clients system? The following paragraph taken from =
http://java.sun.com/products/jdk/1.1/docs/guide/security/index.html =
confuses me. It implies to me that only an jar file that is loaded into =
an appletview will be allowed access to the same system resources as an =
application. If the same JAR is loaded into a browser, it will still =
have the same security restrictions (ala JDK 1.02). Is this statement =
true? =20
Thanks for your help....
Chris Del Signore
>> paragraph from java.sun.com
"A JAR file is a Java archive that can contain Java classes and other =
data, such as images and sounds. The appletviewer allows any downloaded =
applets in JAR files signed (using the tool) by a trusted entity to run =
with the same full rights as local applications. That is, such applets =
are not subject to the sandbox restrictions of the Java security model. =
Note that the appletviewer is a debugging aid for people experimenting =
with digital signature technology, and people writing applets; it is not =
a browser that people typically use for browsing the World Wide Web. =
JavaSoft is committed to the safety and security features that people =
have come to expect from the Java security model and the sandbox. "