Sandbox

Java has the notion of a security sandbox, where code cannot perform "unsafe" action. For example, unsigned Java applets cannot read arbitrary files on your local disk.

In Java 1.1 and earlier, the sandbox was an all or nothing feature, in Java 1.2 and later it is possible to control the sandbox with some degree of granularity. For example, an application can read a policy file that will allow it to load a native library, but still not allow access to arbitrary files on the local disk.

vergil -sandbox

If the $PTII/bin/vergil script is invoked with -sandbox, then java will be invoked with $PTII/bin/sandbox.policy as its policy file. That policy:
  • allows connections to port 80, so that modules can be downloaded;
  • allows reading of the user.dir property, because MoMLApplication.specToURL() calls File.getCanonicalPath(), which reads user.dir.
  • Note that the file browser does not work well in the sandbox.
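As an added illustration, not the actual contents of $PTII/bin/sandbox.policy (which may differ), this is a policy file in the Java 1.2 policy syntax that grants only the two permissions listed above. The java.security.manager and java.security.policy properties shown in the comment are the standard JVM way of enabling a policy; that a launcher passes them in this form is an assumption, not copied from the vergil script.

```text
// Hypothetical policy that grants only what the -sandbox mode described above needs.
// Assumed launcher invocation (placeholder main class, not taken from $PTII/bin/vergil):
//   java -Djava.security.manager -Djava.security.policy=sandbox.policy <main class> model.xml
// A single "=" adds these grants to the JDK's default policy; "==" would replace it.
grant {
    // Outgoing connections on port 80 only, so that modules can be downloaded.
    // "connect" implies "resolve"; "accept" and "listen" are deliberately not granted.
    permission java.net.SocketPermission "*:80", "connect";

    // File.getCanonicalPath(), called by MoMLApplication.specToURL(), reads user.dir.
    permission java.util.PropertyPermission "user.dir", "read";

    // No java.io.FilePermission entry: reads of arbitrary local files remain denied.
    // No java.lang.RuntimePermission "loadLibrary.<name>" entry: native libraries remain
    // blocked (contrast comm.policy, which must grant that for the Java Communications API).
};
```

Any action outside these grants is rejected by the SecurityManager with a java.security.AccessControlException naming the missing permission, which is the quickest way to see which grant a model actually needs.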

To run a model, specify the model on the command line:

    vergil -sandbox $PTII/ptolemy/moml/demo/modulation.xml

Note that you can use the policytool program that ships with Java to edit $PTII/bin/sandbox.policy, but if you do, then any comments in the file will be removed.

vergil -policyfile filename

If the $PTII/bin/vergil script is invoked with -policyfile filename, then java will be invoked with filename as the policy file. For example:

    vergil -policyfile $PTII/bin/sandbox.policy $PTII/ptolemy/moml/demo/modulation.xml

is the same as

    vergil -sandbox $PTII/ptolemy/moml/demo/modulation.xml

Currently, the only two policy files that are defined are:

$PTII/bin/sandbox.policy
    Allows connections to port 80 and reading of the user.dir property.

$PTII/bin/comm.policy
    Allows access to the Java Communications API shared library. This file is generated by $PTII/configure, which reads $PTII/bin/comm.policy.in, substitutes in installation-specific values, and writes the result to $PTII/bin/comm.policy.
    For a demo, try running

    $PTII/bin/vergil -policyfile $PTII/bin/comm.policy ptolemy/actor/lib/io/comm/demo/SerialPort/SerialPort.xml

Remote Resources

  • Applet Security Tutorial
  • Applet Security Article
  • Java 1.2 Unleashed- Chapter 3 - The Extended Java Security Model
  • java.security.Policy documentation