Describes the application's security requirements.
By default every application runs in a restricted execution environment (aka sandbox).
If an app runs in a secure sandbox, it must follow these restrictions:
- No access to local disk.
- All your jars must be downloaded from the same host. Note, however, that you can download extensions and JREs from any host
as long as they are signed and trusted.
- Network connections are allowed only to the host from which your jars were downloaded. ("Phone home restriction.")
- No security manager can be installed.
- No native libraries (not even in extensions).
- Limited access to system properties. (The application has read/write access to all system properties defined in the jnlp file,
as well as read-only access to the same set of properties as applets
(see System Properties Available for Unsigned Apps for a complete list).)
If you specify all-permissions, the app can do whatever it wants and has full access to the user's machine and local network.
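
An added example, not part of the original page: a Python check that reads a JNLP descriptor, reports whether it requests all-permissions, and for a sandboxed app lists the entries that conflict with the restrictions above. The sample descriptors, host names and the `audit_jnlp` function are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urljoin, urlparse

# Constructed sample descriptor (hosts and names are illustrative).
SANDBOXED = """<jnlp spec="1.0+" codebase="https://apps.example.com/demo/">
  <information><title>Demo</title><vendor>Example</vendor></information>
  <resources>
    <jar href="demo.jar"/>
    <jar href="https://cdn.example.net/lib/util.jar"/>
    <nativelib href="native.jar"/>
    <property name="demo.mode" value="test"/>
  </resources>
  <application-desc main-class="com.example.Demo"/>
</jnlp>"""
# Same descriptor, but requesting full trust.
TRUSTED = SANDBOXED.replace(
    "<resources>", "<security><all-permissions/></security>\n  <resources>", 1)


def audit_jnlp(xml_text):
    """Return (mode, findings) for one JNLP descriptor."""
    root = ET.fromstring(xml_text)
    if root.find("security/all-permissions") is not None:
        return "all-permissions", [
            "full access to the user's machine and local network requested"]
    codebase = root.get("codebase", "")
    home = urlparse(codebase).hostname
    findings = []
    # Sandbox rule: all jars must come from the same host.
    for jar in root.iter("jar"):
        url = urljoin(codebase, jar.get("href", ""))
        host = urlparse(url).hostname
        if host != home:
            findings.append(f"jar from a different host ({host}): {url}")
    # Sandbox rule: no native libraries.
    for lib in root.iter("nativelib"):
        findings.append(f"native library in sandbox: {lib.get('href')}")
    # Properties defined in the jnlp file are read/write for the app.
    for prop in root.iter("property"):
        findings.append(f"read/write property: {prop.get('name')}")
    return "sandbox", findings


if __name__ == "__main__":
    for name, text in (("sandboxed", SANDBOXED), ("trusted", TRUSTED)):
        mode, findings = audit_jnlp(text)
        print(name, "->", mode)
        for finding in findings:
            print("   ", finding)
```
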
Copyright © 2002, 2003 Gerald Bauer