O'Reilly logo

Sams Teach Yourself J2EE™ in 21 Days by Peter Roxburgh, Andy Longshaw, Debbie Law, Dan Haywood, Martin Bond

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Security and the Servlet Sandbox

A servlet runs within the Web server and, if allowed, can access the file system and network or could even call System.exit() to shutdown the Web server. Giving a servlet this level of trust is not advisable, and most Web servers run servlets in a sandbox, which restricts the damage a rogue servlet could potentially cause.

A servlet sandbox is an area where servlets are given restricted access to the server. Servlets running in the sandbox can be constrained from accessing the file system and network. This is similar to how Web browsers control applets. The implementation of the sandbox is server dependent, but a servlet in a sandbox is unlikely to be able to

  • Access server files

  • Access the network

  • Run commands on ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required