Applet Security

Because an applet, resident on a Web server, is invoked by a browser on a client machine, most browsers place security restrictions on what an applet can do on a client machine. For example, applets cannot read, write, or delete files, or list directories, on the client machine. Applets cannot make network connections other than to the Web server they were loaded from. Applets cannot start new programs. Applets cannot read certain system properties such as the user's home directory or account name. The applet code cannot contain native methods, that is, methods written in a language other than Java.

Note that some browsers relax some of these restrictions when dealing with trusted, or signed, applets. Such an applet is held in a digitally signed jar (Java Archive) file. The technique of digitally signing a jar file is beyond the scope of this book. The recipient of this signed applet uses encryption techniques to verify the source of the applet. The applet is then "trusted" to perform most of the activities barred to untrusted applets.
