How can an applet read files on the local file system (and circumvent other security restrictions) ?
As security precaution, Applets run in a sandbox inside a browser, which restricts what it is allowed to do. E.g., it can’t access the local file system, it can only make network connections back to the host where it came from, and it can’t read some of the system properties that a Java application can read. Signing an applet The way to allow an applet to do all those things is to digitally sign it. In effect the signer says “This applet is safe to use, and if you trust me, you can trust this applet, because through my signature you can be assured that it has not been tampered with since I signed it.” The user will then be asked if she wants to trust the signer (usually in a little dialog box), and if she does, the applet can proceed with full privileges. If the trust is denied, the applet continues to run inside the sandbox with limited privileges. The decision of whether to trust an applet should be made very judiciously, because a trusted applet has the same privileges a locally sta
