Release Notes
 

Security Model

Introduction

 


The previous version of the Microsoft VM (shipped in Internet Explorer 3.02) allowed signed code to be treated as trusted. Essentially, classes were placed in a cab file and signed. When downloaded onto the user's machine, the user was presented with a certificate dialog specifying the publisher of the code and other information. If the user granted permission to the trusted code, the code was allowed access to system resources.

The permissions-based security model in Internet Explorer 4.0 extends this model with a granular approach to allowing applets out of the "sandbox." Java code may be signed with one of the default safety settings: High, Medium, or Low.

In addition to the default settings of High, Medium, and Low, developers may sign their code with a fine-grained set of custom permissions by specifying them in a .ini file. For example, developers may sign their code requesting permission to access only a particular file on the user's hard drive.

The High safety setting is a restrictive set of permissions that are the equivalent of "sandboxed" Java code. This set of permissions enables the applet to:

  • Have thread access in the current execution context.
  • Create a top-level popup window with a warning banner.
  • Access Reflection APIs for classes from the same loader.
  • Read system properties with the applet suffix.
  • Open network connections to the host machine.

The Medium safety setting consists of the following set of permissions (in addition to the permissions in the High setting):

  • Scratch Space
  • User Directed File I/O

The Low safety setting enables all permissions (in addition to the permissions in the High and Medium settings). This enables the applet to:

  • Execute other applications on the client.
  • Perform file I/O.
  • Perform multimedia operations.
  • Open network connections to machines other than the host.
  • Perform printing operations.
  • Read system properties.
  • Access Reflection APIs.
  • Perform registry operations.
  • Redirect system streams.
  • Provide thread group access in the current execution context.
  • Create a top-level popup window without a warning banner.
  • Implement user-interface dialogs.
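
Because the three default settings are cumulative, a default level can grant far more than an applet needs, which is the case the custom permissions are meant for. The following Python example is added here for illustration and is not code from the SDK; the permission labels are shorthand for the list items on this page, not SDK identifiers. It picks the most restrictive default setting that covers a set of needed permissions and reports what that setting over-grants.

```python
# Added example: tier contents transcribed from the lists on this page.
# The short labels are this example's own shorthand, not SDK identifiers.
HIGH = frozenset({
    "thread access (current context)",
    "top-level window with warning banner",
    "reflection (same-loader classes)",
    "read system properties (applet suffix)",
    "network to host machine",
})
MEDIUM = HIGH | {"scratch space", "user-directed file I/O"}
LOW = MEDIUM | {
    "execute applications", "file I/O", "multimedia",
    "network to other machines", "printing", "read system properties",
    "reflection", "registry", "redirect system streams",
    "thread group access", "top-level window without warning banner",
    "user-interface dialogs",
}
# Ordered most restrictive first; each setting is a superset of the previous.
TIERS = [("High", HIGH), ("Medium", MEDIUM), ("Low", LOW)]


def review_request(needed):
    """Return (tier, excess): the most restrictive default setting covering
    `needed`, and the permissions it grants beyond what was needed."""
    needed = frozenset(needed)
    unknown = needed - LOW
    if unknown:
        raise ValueError(f"not a permission listed on the page: {sorted(unknown)}")
    for name, granted in TIERS:
        if needed <= granted:
            return name, sorted(granted - needed)


def advise(needed):
    """One-line review verdict for a signing request."""
    tier, excess = review_request(needed)
    # Only permissions outside the sandboxed (High) set count as over-grant.
    beyond_sandbox = [p for p in excess if p not in HIGH]
    if beyond_sandbox:
        return (f"{tier}: grants {len(beyond_sandbox)} unneeded non-sandbox "
                f"permission(s); prefer custom permissions")
    return f"{tier}: no unneeded permissions outside the sandbox set"


if __name__ == "__main__":
    # Constructed request: an applet that talks to its host and does file I/O.
    print(advise({"network to host machine", "file I/O"}))
```
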

Signing Tools

Tools for signing code are available in the BIN\PACKSIGN directory of this release of the SDK for Java. These tools provide developers the capability to sign their Java code with the default settings and with the fine-grained custom permission settings.

The general-purpose signing tools MakeCert.exe, Cert2SPC.exe, signcode.exe, ChkTrust.exe, setreg.exe, and CertMgr.exe are included in this release of the SDK for Java. The Java-specific tools JavaSign.dll and ChkJava.exe are also included.

For a short description of these tools, please see the Tools topic. For more detailed instructions on using the tools, see the SDK documentation.

To get more information on working with the Microsoft VM, please check out the SDK documentation on this subject.



© 1997 Microsoft Corporation. All rights reserved.