devxlogo

Accessing Client Disk with 1.1

Accessing Client Disk with 1.1

Why Trust Us

Question:
I read(somewhere) that the Java spec. allows for applet access to the local diskin a restricted way. That is, the client should be able to specify adirectory on the disk that Java can access. Is this true? Netscape’simplementation does not support this. Is this a Java language issue orNetscape implementation issue? How else could I implement some sort of fileupload in Java?

Answer:
What an applet can or cannot do at runtime is determined by the particularimplementation of the Java Security Manager that comes with the browserrather than the version of the Java language itself. In general, theSecurity Manager in a browser prevents applets from reading, writing,renaming or removing any files, but the details of how the policy isenforced is up to the browser. For example, the security manager in Netscape prevents applets from reading,writing or accessing any files whatsoever.

However, the security managers in Sun’s Hotjava and Appletviewer are moreconfigurable. They allow applets to read files when they are explicitlynamed on user-defined access control lists. The access control list is nullby default but can be defined in the ~/.hotjava/properties file by the user.

(The “~” symbol refers to the user’s home directory on UNIX systems. On aPC, if the web browser is installed in the C: drive, then the propertiesfile resides in C:.hotjavaproperties)

The acl.read property specifies which files or directories are readable byapplets and the acl.write property specifies which files or directories canbe written by applets. When acl.read is not defined, no applet can read anyfile and likewise, so long as acl.write hasn’t been defined, applets cannotwrite to any files.

See also  Professionalism Starts in Your Inbox: Keys to Presenting Your Best Self in Email

You can define individual files or directories to be readable or writeableby simply adding a line to the properties file as follows:

                acl.read=/home/docs/resume                acl.write=/htdocs/visitorcounter                        -or-                acl.read=/home/published/papers                acl.write=/home/incoming/images
To define multiple items on the access control list, separate the entries,with a “:”
                acl.read=/home/docs/resume:/home/published/papers                acl.write=/home/incoming/images:/htdocs/visitorcounter
Allowing an applet to read/write a directory means that it can read/writeall the files in that directory, including any files in any subdirectoriesthat might be hanging off that directory.

Also note that allowing write access to files or directories opens up yoursystem to potential mischief by applets that might rename files, consumelarge amounts of disk space, remove your files, etc. Be cautious in usingthis scheme and avoid it if at all possible. Instead have your applets keepany state they need back on the server where they reside.

devxblackblue

About Our Editorial Process

At DevX, we’re dedicated to tech entrepreneurship. Our team closely follows industry shifts, new products, AI breakthroughs, technology trends, and funding announcements. Articles undergo thorough editing to ensure accuracy and clarity, reflecting DevX’s style and supporting entrepreneurs in the tech sphere.

See our full editorial policy.

About Our Journalist

Charlie Frank

Charlie has over a decade of experience in website administration and technology management. As the site admin, he oversees all technical aspects of running a high-traffic online platform, ensuring optimal performance, security, and user experience.
View Author
Show More