If you have a policy which looks like:
grant signedby "A" { permission X; };
grant signedby "B" { permission Y; };
grant signedby "A,B" { permission Z; };
grant signedby "A,C" { permission Q; };
Then you have the following:
signedBy permissions granted
A X
B Y
A and B X, Y, Z
C nothing
A and D X
You end up with the union. i.e., if something is signed by A and B,
its gets the permissions granted A, granted to B, and granted to code
signed by both A and B.
> Where can I read more about the implications of multiple signed
> JAR-files?
I think its described in the security architecture spec and the policy
file guide, both of which are included with the JDK1.2 docs.
roland