Re: security violation

Marianne Mueller (Marianne.Mueller@Eng)
Mon, 4 May 1998 12:53:03 -0700 (PDT)

Date: Mon, 4 May 1998 12:53:03 -0700 (PDT)
From: Marianne Mueller <Marianne.Mueller@Eng>
Subject: Re: security violation
To: java-security@web2.javasoft.com, lilyc@stic.net

Netscape doesn't pay attention to the ~/.hotjava/properties file, where
you set up the acl.read and acl.write.

Only appletviewer and HotJava pay attention to that file.

For more info see
http://java.sun.com/sfaq/
http://java.sun.com/security
http://java.sun.com/security/signExample
http://java.sun.com/security/usingJavakey.html

In general, I don't think untrusted applets are allowed to read and write
files in Netscape's browsers. They added some special hooks to allow
programmers to program this capability into their code. Those hooks
are non-standard (they'll only work on Netscape) - more info on
Netscape-specific hooks, see
http://developer.netscape.com/software/signedobj/index.html