5.1. Downloaded Code, Applets, and the Java Security Manager

You probably have heard discussions about what applets can do in a Java-enabled browser. These discussions often gloss over one important point. Java doesn't apply security rules specifically to instances of subclasses of the java.applet.Applet class. Rather, it uses a security manager to apply rules to all classes. Different rules are applied to different classes depending on where the particular class was loaded from, and what, if any, signature was associated with it. Generally, the security manager applies restrictions to all classes except those that are loaded from the system's boot classpath. The boot classpath is the list of locations from which core classes are loaded. Usually, ...

Get Sun Certified Enterprise Architect for J2EE™ Technology Study Guide now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.