HELP: checkPackageAccess

Ke-Qiang Liao (Ke-Qiang.Liao.kqliao@nt.com)
Thu, 23 Apr 1998 11:25:59 -0400

From: "Ke-Qiang Liao" <Ke-Qiang.Liao.kqliao@nt.com>
To: "'java-security@java.sun.com'" <java-security@web4.javasoft.com>
Subject: HELP: checkPackageAccess
Date: Thu, 23 Apr 1998 11:25:59 -0400

Hi,

I have a detailed question concerning the method
checkPackageAccess of SecurityManager.

Say we have two packages pv (private) and pb (public),
and we implement the security manager in such a way that
an applet can not access the private package pv but
it can access the public package pb, subject to some
other security restrictions. My question is:

If an applet uses (subclass, invoke a method, implement
an interface, etc.) a class in pb and that class in pb
uses in its turn another class in pv, is the method
checkPackageAccess() called twice (for both pv and pb
accesses) or just once (for pb access only)?

Basically, the question is about the interactions
between an applet class loader (implemented by us) and
the system class loader.

According to the HTML documentation of JDK1.1.4, the method
checkPackageAccess(String pkg)

Throws a SecurityException if the calling thread is not
allowed to access the package specified by the argument.

That means the method is called twice in the above-mentioned
case. I have tried several cases, however the results do not
lead to a clear conclusion.

Could you help me? Many thanks in advance.

Christian Liao
Nortel, Canada