A permission is a specific action that code is allowed to perform. Permissions may be specific (e.g., the file C:\WINDOWS\Desktop\My Documents\Chapter2.fm can be read but not written or deleted) or very general (e.g., the code can do anything it wants).

Permissions are composed of three elements: the type of the permission, its name, and its actions . The type of the permission is required; it is the name of a particular Java class that implements the permission. Although no programming is involved in administering the default sandbox, administrators must know the Java class name of various permissions in order to allow code to perform those operations.

A few permissions (like java.security.AllPermission , which allows code to do anything) require no name. Otherwise, the name is based on the type of the permission; for example, the name of a file permission is a file or directory name. The names of permissions are often specified as wildcards, such as all files in a directory or all hosts on the local network.

The actions of a permission also vary based on the type of the permission; many permissions have no action at all. The action specifies what may be done to the target; a file permission may specify that a particular file can be read, written, deleted, or some combination of those actions.

Here are three examples of permissions. The first carries only a type; ...