java – How to load the policy file without sending parameters to the JVM?

Question:

I have a Dynamic web project, specifically I am working with an applet that in turn calls other Jars. Locally, in the Run configurations section of Eclipse, I can tell the vm to load the file using the arguments:

-Djava.security.manager -Djava.security.policy=/path/to/other.policy

Or I can also modify the java.policy file that Java has by default in the folder:

/lib/security/java.policy

Then

How do I do it if the app is going to be on user machines or on third-party servers? I cannot modify the java.policy file of each user or that of the third-party server or send parameters to the vm.

How to make the vm load the policy of each Jar? Not all jars have the same access permissions to resources.

Answer:

How do I do it if the app is going to be on user machines or on third-party servers? I cannot modify the java.policy file of each user or that of the third-party server or send parameters to the vm.

You can't because it would be a serious security flaw: If an applet could use a policy file that was, for example, in a URL external to the client's machine, the whole system would be compromised.

If you want the system to trust your Applet (something that is considered obsolete today), it must be signed , with which you could ask the user for permission to access system resources (for example, files).

Scroll to Top