HotJava(tm) Browser Applet Security

Basic Applet Security
Advanced Applet Security
Applet Security Developer Notes
HotJava Browser trustProxy Property

Use the Applet Security page to set the level of security applied to applets running in the HotJava Browser on your system. Access this page by selecting Edit->Preferences->Applet Security.

Applets are small programs included on some Web pages that the HotJava Browser downloads to your computer when you access that page. These programs are executable code that runs on your computer system. HotJava can prevent them from affecting your system in any way.

When you download an applet, you don't know what that applet does. It is probably benign and useful, but without security restrictions, it has the potential to erase or alter data, infect your system with a virus, make your system crash, or damage it in some other way.

So how do you know which applets are trustworthy, and which are not? For signed applets, the applet's signature gives you a clue. A signature is a sequence of characters embedded in the applet's code. It is placed there by the originator of the applet, and it can't be altered or duplicated. It tells who the applet comes from, and that the applet has not been tampered with. A signature doesn't tell you anything about the content or quality of the applet, just that it comes from the source it's signed by. If an applet is signed with a name you recognize and trust, you can probably have confidence in it.

The majority of applets currently on the Web are unsigned applets. Unsigned applets are probably reliable, but you have no way to know for sure. It's also possible for an unsigned applet to have been tampered with in such a way that it does things its author didn't intend.

Use the Applet Security page to set a default security level that will apply to all signed applets, and one that will apply to all unsigned applets. You can allow signed applets any of four security levels, as defined below. Unsigned applets may be assigned only untrusted, high, or medium security.

Untrusted: Applets marked as untrusted can start, but they can't connect to any other computer, can't read, write, or delete any files, can't access other information about your computer, can't change settings, and can't launch local applications or access the print queue or clipboard.
High Security: Applets granted the High Security level run with safe constraints and are blocked from unsafe actions. They can't read, write, or delete files, and they can't access most HotJava Browser settings. They may connect to, and accept connections from, the server of their origin, but no other. They may only listen on network ports above 1024. They cannot access the print queue or clipboard.
Medium Security: Applets granted the Medium permission level run with safe constraints. If they attempt any of the actions listed under High Security, above, the HotJava Browser will give you a warning, and you may then grant permission for that action if you want.
Low Security: Applets granted Low security run with minimal constraints, without warning of potentially unsafe actions. The HotJava Browser will warn you if the applet tries to launch local applications, but all the other actions listed above are permitted without warnings. Of all the possible default security settings, this setting carries the greatest risk.

If you would like to see a more specific and complete list of what the various security settings above allow, if you are using the JDK's javakey utility, or for information about a potential problem when loading multiple applets from a single CODEBASE, please see Applet Security Developer Notes.

Advanced Applet Security Page

Use the Advanced Security page for setting more specific security options for signed applets, and to manage certificates. This page is only available through the Advanced Security link or the Advanced button on the basic Applet Security page. It is not available directly from the Edit->Preferences menu.

On this page, you can override the global security levels you set on the basic Applet Security page and allow applets access to some parts of your system. You can grant certain system permissions, access to files, and access to networks. You can also specify that HotJava should warn you whenever an applet attempts a particular action, such as writing a file. When warned, you're given the option to accept or deny the action. If you accept the action, the applet will keep that permission until the end of the current HotJava Browser session, or until you make a change on the Advanced Security Settings page that disallows the action.

There are various reasons that you might want to grant applets access to your system. You might want to allow a downloaded word processor, for example, to save a file to your hard disk. You might want to allow applets that originate within your company firewall to have full access to your system. You might want to allow applets to "listen" on a network port, which means that an applet can accept certain connections on that port.

A signed applet is accompanied with a certificate, which identifies the applet signer and prevents others from tampering with the applet. Certificates are issued by certificate authorities, such as the U.S. Postal Service or Verisign. Certificate authorities are organizations that issue certificates.

You can set a security level for all applets with a particular certificate, or all applets with a certificate from a particular certificate authority. You can also set a security level for all applets from a certain Web site server. This can be risky, however, as you have no guarantee that the applet will be safe to use. It's best to allow access to your system only to applets from sites you know and trust.

Besides setting permissions for a specific certificate or a particular site, you can create a group of several certificates or Web sites, and provide all applets in that group the same permissions. To create a group, click the Add Group button. In the dialog box, name the group folder and drag the certificates and sites from the scrolling list that you want to group together into the folder.

To use the Advanced Security page:

Select a certificate name, site, or group from the scrolling list.
The permissions you grant will apply to all applets with that certificate, or from that site. If you select a group, permissions apply to all applets with any certificate or from any site in that group.
Certificates that appear in this scrolling list are those used by applets or sites you have accessed.
Choose System Permissions, Access to Files, or Network Access, and select from the options that appear.
Initially, System Permissions is selected, and the permissions are set to be the default set of permissions for signed applets, as specified on the Basic Security page. You must deselect Use default permissions for this site or certificate to have access to the other System Permissions, Access to Files, or Network Access.

Choose System Permissions to indicate that the designated applets are allowed to start, open windows, access HotJava properties, access the clipboard, launch applications, or any combination of these permissions. You can also specify whether you want to see warning messages before applets can launch local applications, which will provide you with the chance to deny the permission at the time.

Choose Access to Files to indicate which of the files and directories on your system the designated applets are allowed to read to and write to. You can list these files separately by name, or you can specify groups of files by using the wildcard character * to substitute for any text. For example, "java.*.com" can mean "java.sun.foo.com", "java.sun.com", "java.crazy.com", and so on. This applies to all entry fields on this page.

Choose Network Access to specify which sites the designated applets may connect to, through which ports, and also on which ports they may "listen." An applet authorized to listen on a port does not have access to all the data that comes through that port. It is only listening for requests to connect to sites you've specified. It's like a person waiting for a phone to ring, rather than listening to an actual conversation.

In addition to the security settings available on the Basic and Advanced Applet Security pages, there is also a property you can set to increase security (but severely limit the ability to load applets) for users running the HotJava Browser within a network that is separated from the main Internet by a firewall. For information, see the HotJava Browser trustProxy Property.

For information about writing your own applets, see The Java Tutorial. For information on including existing applets in your HTML Web page, see The Applet Tag.

Back to HotJava User's Guide Table of Contents

Back to HotJava Browser Menus

Continue to HotJava Browser Troubleshooting (next topic)

Follow these links for information about other Preferences pages: