JDK 1.2 applet security: client-side changes = bad

Paul Williams (Paul@criterioninc.com)
Wed, 23 Sep 1998 17:57:53 -0500

I wrote a Java applet client to my company's succession planning/career
development package. I coded to the existing JDK 1.0.2 browser
implementations of the time (yuck!). Since the applet couldn't leave the
sandbox, its functionality was limited.

I want my applet to print. To do so, I must leave the sandbox. Unless I am
mistaken, I cannot use the JDK 1.2 security mechanism to implement printing
without client-side modifications. This JDK version requires some
computer-savvy person to create a permissions file, and it requires me to
supply my identity certificate so the users can load it into their database.
My users aren't that good, and I don't want to tax their internal support
departments to make every machine grant my applet permissions.

To me, the primary advantage of Java applets is minimal changes to the
user's machine. I don't want to force my users to install any software on
their machines (besides a browser). If I must modify their machine, I might
as well install a Java or C++ application. Using my applet should be as
easy as clicking on a link -- everything should run automatically.

Maybe I'm missing something. I realize I don't know all of the design
problems you have faced, and I know I'm not a Netscape or Microsoft security
guru. Nevertheless, I still want my signed applet to get permissions
without any client modifications whatsoever.

I'm not sure how browsers will implement JDK 1.2 security. I assume they
will continue to ignore your standard security mechanisms. Do you mean for
the browser to fake a permissions file for my applet? Can browsers use JDK
1.2 security and still allow us to sign applets with certificates from the
major CAs? If my users installed the upcoming JDK 1.2 version of the Java
Plug-In, would I have to grant permissions and install my signing identity
on all of their machines?
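
Added illustration, not part of the original message: the per-client setup the message refers to, under the JDK 1.2 default policy implementation, is a certificate import into the user's keystore plus a policy file entry, shown here with the grant limited to print-job access. The alias `appletsigner`, the file `signer.cer` and the `codeBase` URL are placeholders.

```text
// ~/.java.policy  (per-user policy file, read on each client machine)
// Constructed example: alias, certificate file and URL are placeholders.

// Step 1, once per machine: import the signer's certificate so the alias
// used below resolves to a public key. With no -keystore option, keytool
// writes to .keystore in the user's home directory.
//
//   keytool -import -alias appletsigner -file signer.cer

// Step 2: point the policy at that keystore. A relative URL is resolved
// against the location of this policy file.
keystore ".keystore";

// Over-broad form, shown commented out: any code signed by this key,
// loaded from any origin, would run with every permission.
//
// grant signedBy "appletsigner" {
//     permission java.security.AllPermission;
// };

// Scoped form: only code signed by this key AND served from this path
// may queue print jobs. Every other sandbox restriction stays in force.
// The trailing "/-" matches all files under the directory, recursively.
grant signedBy "appletsigner", codeBase "https://apps.example.com/planning/-" {
    permission java.lang.RuntimePermission "queuePrintJob";
};
```

Both steps have to be repeated on every client, which is the deployment cost the message objects to; the scoped grant keeps the signed applet from gaining anything beyond printing if its signing key is misused.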