Date: Wed, 17 Feb 1999 13:32:15 -0500
From: "Joanne Beausoleil" <joanneb@segue.com>
To: java-security@java.sun.com
Subject: 1.2 Security Model and Applets
How do I get around the chicken or the egg problem with the 1.2 model?
I don't want to update the client machines when the user runs my applet
with a policy file or a policy file reference in the java.security file.
I want the user to be able to run my applet with permissions by just
bringing up their browser and hitting a web server, as we were able to
do with the IE and Netscape native jvms and signed jars and cabs.
How can I do this with the 1.2 security model, if I need to update the
java.security file with my applications policy file reference? This goes
against the no-install paradigm for applets.
What is the company position on this? Thanks, Joanne