Re: Suggestion

Marianne Mueller (Marianne.Mueller@Eng)
Mon, 8 Jun 1998 17:47:00 -0700 (PDT)

Date: Mon, 8 Jun 1998 17:47:00 -0700 (PDT)
From: Marianne Mueller <Marianne.Mueller@Eng>
Subject: Re: Suggestion
To: java-security@web2.javasoft.com, redpath@us.ibm.com


> Certificate controlled access for Applets is fantastic and I would
> like to make a suggestion. The Java VM should allow a security
> properties option to apply this control to a Java application. Finally a secure
> way to use executable applications.

Thanks! Seldom do we hear an encouraging word on this alias :-)

In JDK 1.2, any Java class can be identified in the security policy file
by either (or both, or neither) attribute:

    URL where the code came from == codebase
    who signed the code          == signer

The codebase+signer we call CodeSource. A CodeSource is associated with
exactly one protection domain. The VM establishes, keeps track of, and
separates the protection domains. A protection domain has a set of
permissions, which are described in the policy file. For example,
one CodeSource might have permission to read the file named "/etc/mail/duke"
and another CodeSource might be given permission to establish a network
connection to "us.ibm.com."

Note that CodeSource != applet, CodeSource != application. A single
application or applet could possibly be made up of multiple protection
domains (although this is not the usual case.) But if someone combines
several JavaBeans into one application and each bean is signed by a different
vendor and gets a different set of permissions, then you'd have multiple
protection domains.

For information on JDK 1.2 security, see
http://java.sun.com/products/jdk/1.2/docs/guide/security/index.html
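
Added example, not part of the original message or of the JDK documentation: a small Java program that builds two protection domains by hand, as if two beans from different vendors were combined into one application, and shows that each domain answers permission checks only from its own grants. The codebase URLs and the class name `DomainDemo` are constructed for illustration, and the code is assumed unsigned, so each CodeSource carries a codebase but no signer.

```java
import java.io.FilePermission;
import java.net.SocketPermission;
import java.net.URI;
import java.security.CodeSource;
import java.security.Permission;
import java.security.Permissions;
import java.security.ProtectionDomain;
import java.security.cert.Certificate;

public class DomainDemo {
    // Build a protection domain by hand. In a running VM the class loader and
    // the policy file do this; here the grants are passed in directly.
    static ProtectionDomain domain(String codebase, Permission... granted) throws Exception {
        // Assumption: unsigned code, so the CodeSource has a codebase URL and no signer.
        CodeSource cs = new CodeSource(URI.create(codebase).toURL(), (Certificate[]) null);
        Permissions perms = new Permissions();
        for (Permission p : granted) {
            perms.add(p);
        }
        // Two-argument constructor: the domain holds exactly these static permissions.
        return new ProtectionDomain(cs, perms);
    }

    public static void main(String[] args) throws Exception {
        // Constructed codebases for two beans that end up in the same application.
        ProtectionDomain mailBean = domain("http://vendor-a.example/beans/",
                new FilePermission("/etc/mail/duke", "read"));
        ProtectionDomain netBean = domain("http://vendor-b.example/beans/",
                new SocketPermission("us.ibm.com", "connect"));

        // The same three requests are put to both domains.
        // Note: comparing SocketPermissions may consult name resolution.
        Permission[] requests = {
            new FilePermission("/etc/mail/duke", "read"),
            new FilePermission("/etc/mail/duke", "write"),
            new SocketPermission("us.ibm.com", "connect"),
        };
        for (ProtectionDomain pd : new ProtectionDomain[] {mailBean, netBean}) {
            for (Permission req : requests) {
                System.out.println(pd.getCodeSource().getLocation()
                        + "  " + req + "  -> " + pd.implies(req));
            }
        }
    }
}
```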