Date: Tue, 25 Nov 1997 11:24:16 -0800 (PST)
From: Roland Schemers <Roland.Schemers@Eng>
Subject: Re: class marked as nonpublic to untrusted code
To: java-security@web2.javasoft.com, samlu@lehman.com
This behavior is up to each class loader to implement. Most browsers do not
allow access to sun.* classses. Also note that using sun.* classes
has a few caveats:
- using sun.* classes is not a 100% pure. Browsers are not expected/required
to include any sun.* classes.
- sun.* classes are not public/supported classes and are subject to change
(or go away) from release to release.
roland
> From: "Samuel W Lu" <samlu@lehman.com>
> Date: Tue, 25 Nov 1997 10:58:53 -0500
> To: java-security@web2.javasoft.com
> Subject: class marked as nonpublic to untrusted code
> Mime-Version: 1.0
>
>
> I wrote the following applet:
>
> import java.applet.*;
> import java.security.Principal;
> import java.security.acl.*;
> import sun.security.acl.*;
>
> public class x extends Applet
> {
> public void init() { Principal x = new PrincipalImpl("x"); }
> }
>
> If I run this in IE 4.0 with SDK-Java.20, I get the following exception in
> the javalog.txt file:
> java.lang.IllegalAccessError: sun/security/acl/PrincipalImpl has been
> marked asnonpublic to untrusted code.
> at x.init
> at com/ms/applet/AppletPanel.securedCall0
> at com/ms/applet/AppletPanel.securedCall
> at com/ms/applet/AppletPanel.processSentEvent
> at com/ms/applet/AppletPanel.processSentEvent
> at com/ms/applet/AppletPanel.run
> at java/lang/Thread.run
>
> Is it a feature of the JDK 1.1 class loader to mark certain classes as
> nonpublic to untrusted code? Or is this another Microsoft "extension"?
>
> --
> s a m
> ----- 3 World Financial Ctr, 11th Fl, New York, NY 10285. 212.526.3653