h01483 s 00001/00001/00040 d D 1.3 96/06/27 09:28:27 mrm 4 3 c putback the fix this time e s 00000/00000/00041 d D 1.2 96/06/25 12:08:44 mrm 3 1 c fixed broken link e s 00000/00000/00000 d R 1.2 95/12/11 22:02:09 Codemgr 2 1 c SunPro Code Manager data about conflicts, renames, etc... c Name history : 2 1 sfaq/example/readFile.html c Name history : 1 0 people/mrm/sfaq/example/readFile.html e s 00041/00000/00000 d D 1.1 95/12/11 22:02:08 mrm 1 0 c date and time created 95/12/11 22:02:08 by mrm e u U f e 0 t T I 1 Java Security FAQ: Reading Files

Java Security FAQ: Reading Files


Here's an applet that tries to read the first line of the file /etc/passwd:

and here's the source.

Netscape Navigator 2.0 won't let applets read files, regardless of setting the acl.read property.

If you add the line

	acl.read=/etc
to your ~/.hotjava/properties file, then the appletviewer will be able to read any file in the /etc directory, including /etc/passwd.

If you add the file name specifically,

	acl.read=/etc/passwd
then the appletviewer will be allowed to read just that one file, but not other files in the /etc directory.

Conclusion: Don't add files or directories to acl.read in ~/.hotjava/properties, if you don't want the appletviewer to allow applets to read those files.

D 4 Back to the Java Security FAQ E 4 I 4 Back to the Java Security FAQ E 4 E 1