JAR Signing: Clarification

[HavaTheJut]

I've read over Sun's information on jar signing, but there's still one thing that's not 100% clear to me. Can certificates alone allow file access, property permission, etc.? Or does the certificate just allow the user to change these settings in the Policy Tool for all instances of the signer of that certificate?

Relevant Link:

http://java.sun.com/docs/books/tutorial/jar/sign/index.html

HavaTheJut

 

[JavaDude32]

Well for IE at least, I'm not sure of other browsers, Certificates sign the applet thus giving it greater options as long as the user allows it, you can give trusted applets the same rights as untrusted applets or vice versa I believe just through the internet options in IE. I think in netscape it prompts the user about signed applet security accesses. You have to check with your target browsers as they are the ones that implement security. Just a reminder since you've prolly read that. By default I would think in most browsers, the restricted operations are enabled for signed applets allowing signed applets greater functionality.

 

[HavaTheJut]

thanks HavaTheJut