The parameters of the Java sandbox that we’ve outlined are possible elements of a Java application, but they are not required elements of an application. The remainder of this book will show us how and when those elements can be introduced into a Java application. First, however, we’re going to discuss the techniques by which Java applications can be run.

There are two techniques that we’ll introduce in this section: the JavaRunner technique and the Launcher technique. While both allow you to run an application securely, the examples in this chapter do not provide any security. We’ll fill in the security pieces bit by bit, while we flesh out the security story. At that point, we’ll show how to run Java applications securely.^[2]

Typically, we’re used to running Java applications simply by specifying on the command line the name of a class that contains a main() method. Consider this application that reads the file specified by a command-line argument:

public class Cat {
	public static void main(String args[]) {
		try {
			String s;
			FileReader fr = new FileReader(args[0]);
			BufferedReader br = new BufferedReader(fr);
			while ((s = br.readLine()) != null)
				System.out.println(s);
		} catch (Exception e) {
			System.out.println(e);
		}
	}
}

This is a regular Java application; if we wanted to run it and print out the contents of the password file on a Unix system, we could run the command:

piccolo% java Cat /etc/passwd root:x:0:1:0000-Admin(0000):/:/usr/bin/csh daemon:x:1:1:0000-Admin(0000):/: ...