Java2 Signed Applets and Security Policy Files

M. Gallant 03/26/2002

The Java2 security model supports fine grained security for Java applets and Java applications run under this JVM. For applets run within the most popular web browsers, use of Java2 currently requires specying the JavaPlugin. Starting with JavaPlugin version 1.2.2, RSA-signed applets functionality was introduced to aleviate issues with distributing/configuring end-user policy files. Properly RSA-signed Java applets provide an "all/nothing" privileges capability for these applets by default, unless the client's local policy file indicates otherwise.

The security privileges granted to a Java applet run under JavaPlugin 1.2.2+ depends on:

Is the Java applet RSA-signed? If so, does the client grant or deny requested privileges ?
Is there a local security-policy file implemented on the client machine ?
Does the policy file, if present, contain the RuntimePermission "usePolicy" ?

The examples below show several versions of a very simple single grant entry within a policy file. The information relates to J2RE version 1.3.0+.

----------------- Policy-File Issues and RSA-signed applets for JavaPlugin ----------------- grant { }; (RSA-signature examined; dialog prompt; if denied, no privileges; if granted, full privileges) grant { permission java.lang.RuntimePermission "usePolicy"; }; (RSA-signature ignored; policy file used; no privileges) grant codeBase "http://home.istar.ca/~neutron/-" { permission java.net.SocketPermission "*", "connect"; permission java.lang.RuntimePermission "usePolicy"; }; (RSA-signature ignored; policy file used; universal-connect privileges to codeBase code) [note: in this case, the applet does not need to be signed at all! no JAR is required. The class file could be deployed directly.] grant codeBase "http://home.istar.ca/~neutron/-" { permission java.net.SocketPermission "*", "connect"; }; (RSA-signature examined; dialog prompt; if denied, only policy file permissions granted; if granted, ALL permissions granted)