Comparison with Previous Releases
The
default sandbox is
essentially unchanged between 1.2 and 1.3.
In 1.2, there is no prohibition against defining classes in the
java
package.
In Java 1.1, the default sandbox is very different. The 1.1 sandbox
is determined solely by the security manager installed by the Java
program; although it is possible to write a security manager that
allows end users and administrators to configure different security
policies, few programs followed that course. For most Java
applications, this meant that no security manager was ever installed,
and the program ran with complete permissions. Java applets run
through the appletviewer and early, 1.1-based versions of the Java
Plug-in are subject to strict, nonconfigurable restrictions. Using
the signing tool of 1.1 (javakey
), it is
possible to sign Java applets; these applets can then be given
permission to perform any operation. However, the 1.1-based signing
infrastructure has been deprecated, and an applet signed with
javakey
will not be given any special
permissions in Java 2.
If you need to understand the 1.1 default sandbox, see Chapter 4 for a discussion of the security manager. Appendix D, shows how you can build a 1.1 application to run other Java applications with a security policy that you’ve written yourself.
Get Java Security, 2nd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.