In order to administer the Java sandbox, you list the various permissions we’ve discussed in a Java policy file. Java virtual machines can use any number of policy files, but there are two that are used by default. There is a global policy file named $JREHOME/lib/security/java.policy that is used by all instances of a virtual machine on a host. We consider this to be a global policy file because it allows an environment where the JRE is mounted from a common server by several machines; each of these machines will share the definitions in this file.

In addition, there is a user-specific policy file called .java.policy that may exist in each user’s home directory ($HOME on UNIX systems, C:\WINDOWS on single-user Windows 98 systems, and so on). The set of permissions given to a program is the union of permissions contained in the global and user-specific policy files.

Policy files are simple text files. You can administer them with policytool , or you can edit them by hand. Hand editing is discouraged (in 1.3, policytool writes a warning at the top of the file not to edit it by hand), but real programmers still edit them by hand. Policy files are also used with JAAS, in which case their syntax changes slightly and you must edit them by hand (at least until 1.4, when JAAS becomes integrated with the SDK). So first, we’ll see how they look, and then we’ll look at how they are created with policytool.

Here’s how a typical policy file might look:

keystore "${user.home}${/}.keystore"; ...