It's pretty scary to think that a Web site can run code on your machine without your knowledge. Sun realized the potential problems with downloaded code and decided to create an applet sandbox—a restricted runtime environment that prevents an applet from corrupting the local system. The sandbox imposes several restrictions on an applet.
Some browsers relax the security policy for applets that are loaded from files on the local system—that is, files that are loaded with a type of "file:". If you load a file with "http:", even if the file is stored on you local drive, you will be under the full scrutiny of the security manager.
File access is one of the most vulnerable places for malicious ...