Java Security

I tried it out today. The details of Java Policy which controls what each program can and cannot do.
However there were a some grey areas which I thought I needed to jot down for further reference.

  1. It is best to put the policies in ${user.home}/.java.policy
  2. If 1 is not possible then the confusion lies as to where to put the policy
    1. You could put it in any file as long as you add it to the ${java.home}/lib/security/java.security file.
    2. The entry to be made is policy.url.3=file:/D:/JavaTest/mypolicy (windows)
    3. This works for applet viewer but not mozilla
    4. Java usually downloads the latest version of JRE and installs it. Mozilla uses the latest version so. For Mozilla it is not enough to change ${java.home}/lib/security/java.security file but the /lib/security/java.security of the latest version of JRE.