Activator - Security

Gray + Christy Jones (haasx009@gold.tc.umn.edu)
Fri, 6 Feb 1998 17:52:57 -0600

From: "Gray + Christy Jones" <haasx009@gold.tc.umn.edu>
To: <java-security@web2.javasoft.com>
Subject: Activator - Security
Date: Fri, 6 Feb 1998 17:52:57 -0600

This is a multi-part message in MIME format.

------=_NextPart_000_002C_01BD3328.0EC2D580
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

I am researching using Activator for an applet that needs access to the
local file system. This project needs to support both Netscape and IE.
I created a simple test applet that writes a file to the local hard
drive (I basically modified the writeFile example from you). When I run
it using activator, it allows the file to be created without displaying
any warning messages, etc. The applet isn't signed either. Is there
any security in the activator? I was hoping I would have to sign and
register before being allowed access to the local disk. Does this mean
that once you load the activator you are exposing your local system to
anybody who creates a html with the activator tags? That would not be
good....

------=_NextPart_000_002C_01BD3328.0EC2D580
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD W3 HTML//EN">

I am researching using Activator for an applet that needs access to = the
local file system.  This project needs to support both = Netscape and=20 IE.
I created a simple test applet that writes a file to the local=20 hard
drive (I basically modified the writeFile example from = you).  When=20 I run
it using activator, it allows the file to be created without=20 displaying
any warning messages, etc.  The applet isn't signed=20 either.  Is there
any security in the activator?  I was = hoping I=20 would have to sign and
register before being allowed access to the = local=20 disk.  Does this mean
that once you load the activator you are = exposing=20 your local system to
anybody who creates a html with the activator=20 tags?  That would not be
good....
 
------=_NextPart_000_002C_01BD3328.0EC2D580--