HotJava(tm) Browser Display Preferences

signed applet. This does not impact the security of the HotJava Browser, but it may surprise the applet developer. It is generally best for applet developers to avoid mixing signed and unsigned code.

Details on Applet Security Levels

Use the Applet Security page (Edit->Preferences->Applet Security) to set a default security level that will apply to all signed applets, and one that will apply to all unsigned applets. You can allow signed applets any of four security levels, as defined below. Unsigned applets may be assigned only untrusted, high, or medium security.

The list provided here is a complete list, some of which might only be understood by Java applet developers. Both the overview of what the security levels provide is listed here (as defined on the previous page), as well as the more detailed list.

Untrusted: Applets can start, but they can't connect to any other computer, can't read, write, or delete any files, can't access other information about your computer, can't change settings, and can't launch local applications or access the print queue or clipboard.
Applets are not permitted any of the controlled actions listed for the less restrictive security settings below.
High Security: Applets run with safe constraints and are blocked from unsafe actions. They can't read, write, or delete files, and they can't access most HotJava Browser settings. They may connect to, and accept connections from, the server of their origin, but no other. They may only listen on network ports above 1024. They cannot access the print queue or clipboard.
The complete list for the High Security setting is:
- Applets are only allowed access to HotJava Browser properties that are explicitly permitted. To permit access to a property called hotjava.property, set "hotjava.property.applet" to "true." For information about setting HotJava Browser properties, see Customizing the HotJava Browser.
- Applets are allowed read access to local files if the applet is accessed via the "file:" protocol, and the file comes from the same directory as the applet.
- Applets are allowed read and write access to files and directories listed in the properties acl.read, acl.read.default, acl.write and acl.write.default. See the Java Applet Security FAQ for more information about these properties.
- Applets are only allowed to listen on ports over 1024.
- Applets are only allowed to connect back to the server where the applet originated.
- Applets are not allowed access to methods or fields in packages that are identified using the property package.restrict.access.[packagename]=true. For example, package sun.* is not accessible to applets due to the property package.restrict.access.sun=true.
- Applets are not allowed to define classes in packages identified using the property package.restrict.definition.[packagename]=true. None are currently restricted by default.
- Applets are not allowed to set the network object factory.
- Applets are not allowed reflective access to non-public members of any class except classes loaded with the same class loader (that is, from the same site.)
- Applets are not allowed print job access, AWT event queue access, or clipboard access.
Medium Security: Applets granted the Medium permission level run with safe constraints. If they attempt any of the actions listed under High Security, above, the HotJava Browser will give you a warning, and you may then grant permission for that action if you want.
The complete list for the Medium Security setting is:
- Applets are not allowed to manipulate threads (set priority, etc.) outside of their own thread group.
- Threads are not allowed to create new thread groups.
- User is warned and can deny permission whenever an applet tries to launch an external application.
- User is warned and can deny permission whenever an applet tries to access a property value.
- Applets are allowed read access to local files if the applet is accessed via the "file:" protocol, and the file comes from the same directory as the applet.
- User is warned and can deny permission whenever an applet tries to read, write, or deletefiles.
- User is warned and can deny permission whenever an applet attempts any network access except for connecting back to the host where the applet came from.
- Applets are forced to display a warning banner on stand-alone windows the applets create.
- Applets are not allowed access to methods or fields in packages that are identified using the property package.restrict.access.[packagename]=true. For example, package sun.* is not accessible to applets due to the property package.restrict.access.sun=true.
- Applets are not allowed to define classes in packages identified using the property package.restrict.definition.[packagename]=true. None are currently restricted by default.
- Applets are not allowed to set the network object factory.
Low Security: Applets granted Low security run with minimal constraints, without warning of potentially unsafe actions. The HotJava Browser will warn you if the applet tries to launch local applications, but all the other actions listed above are permitted without warnings. Of all the possible default security settings, this setting carries the greatest risk.

Back to HotJava Browser Applet Security

dt/appconfig/hotjava/UsersGuide/display_prefs.html010044400000000000002000000104770634421607400225160ustar00rootbin00000400000016 HotJava(tm) Browser Display Preferences

Use the Display Preferences page to change the HotJava^TM Browser display properties, the location of items that appear in the header by default, and the startup page. Access this page by selecting Edit-> Preferences->Display.

When the HotJava Browser is started, and when you click the Home button, your Home Page is displayed. (This is also called your Starting Place.) You can change this to be any page you'd like by typing in a new URL in the Show Home Page text field. This field can never be empty; if you empty the field, HotJava will use its default Home Page.

For performance reasons, you can choose to have the HotJava Browser display a blank page at startup by choosing Blank Page at Startup. The HotJava Browser will still display your Home Page whenever you click on the Home button in this case.

Navigation Buttons lets you choose to display the HotJava buttons at the top of the HotJava window (the default), at the bottom of the window, vertically along the left o