Re: Implementing multiple sandboxes

Marianne Mueller (Marianne.Mueller@Eng)
Tue, 21 Apr 1998 17:29:34 -0700 (PDT)

Date: Tue, 21 Apr 1998 17:29:34 -0700 (PDT)
From: Marianne Mueller <Marianne.Mueller@Eng>
Subject: Re: Implementing multiple sandboxes
To: java-security@web1.javasoft.com, strangie@fox.uq.net.au

In JDK 1.1.x, you can have some applets be trusted and some remain untrusted.
The trusted applets have complete access, not fine-grained.

An applet is regarded as trusted if either (or both) of these is true:
* it's installed in a directory on the CLASSPATH (installed locally)
* it's signed by a signer marked as "trusted" in the identity database

There's no clean way in JDK 1.1.x to associate different policies with
different classes. You can divide applets into those two groups,
trusted and untrusted, and it's all or nothing (either the applet is
confined to the sandbox or it has full access.)

In JDK 1.2, you can describe security policies for any classes, not just
applets, and you can express fine-grained access control.

For info on 1.1.x signing, see http://java.sun.com/security/signExample
and http://java.sun.com/security/usingJavakey.html

For info on 1.2 security, see
http://java.sun.com/products/jdk/1.2/docs/guide/security/index.html

Marianne
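
Added example, not part of the original message and not Sun's code: a Java program contrasting the all-or-nothing split described for JDK 1.1.x with per-code-source permissions in the JDK 1.2 model. The class name, code base URLs and file paths are hypothetical, and the domains are built directly with static permissions instead of being loaded from a policy file.

```java
import java.io.FilePermission;
import java.net.URL;
import java.security.AllPermission;
import java.security.CodeSource;
import java.security.Permission;
import java.security.Permissions;
import java.security.ProtectionDomain;
import java.security.cert.Certificate;
import java.util.PropertyPermission;

public class SandboxDomains {
    // Build a protection domain for code from a (hypothetical) code base.
    // The two-argument constructor binds exactly these permissions to the domain.
    static ProtectionDomain domain(String codeBase, Permission... granted) throws Exception {
        Permissions perms = new Permissions();
        for (Permission p : granted) {
            perms.add(p);
        }
        CodeSource source = new CodeSource(new URL(codeBase), (Certificate[]) null);
        return new ProtectionDomain(source, perms);
    }

    public static void main(String[] args) throws Exception {
        ProtectionDomain[] domains = {
            // JDK 1.1.x style: trusted code gets everything, untrusted code gets nothing extra.
            domain("file:/opt/local-applets/", new AllPermission()),
            domain("http://applets.example/untrusted/"),
            // JDK 1.2 style: each code base gets only what it needs.
            domain("http://applets.example/reports/",
                   new FilePermission("/tmp/reports/-", "read")),
            domain("http://applets.example/uploads/",
                   new FilePermission("/tmp/uploads/-", "read,write"),
                   new PropertyPermission("user.name", "read")),
        };
        // Constructed access requests to evaluate against every domain.
        Permission[] requests = {
            new FilePermission("/tmp/reports/q1.txt", "read"),
            new FilePermission("/tmp/uploads/in.dat", "write"),
            new FilePermission("/etc/passwd", "read"),
            new PropertyPermission("user.name", "read"),
        };
        for (ProtectionDomain d : domains) {
            System.out.println(d.getCodeSource().getLocation());
            for (Permission r : requests) {
                System.out.println("  " + (d.implies(r) ? "allow " : "deny  ")
                        + r.getName() + " [" + r.getActions() + "]");
            }
        }
    }
}
```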