SurfSnatcher - SecurityManager
Security in SurfSnatcher is an important and ongoing task.
You can edit, compile, and test the SecurityManager in SurfSnatcher.
- If you downloaded classes.jar, unjar classes.jar.
- If you downloaded SurfSnatcher.zip, unzip classes.zip in the lib dir.
- Download the SecurityManager source code, SurfSecurity.java.
- Edit and compile SurfSecurity.java.
- Jar or zip back up your classes.
- Execute SurfSnatcher as usual.
When SurfSnatcher goes to execute an applet, it checks to see if
the SurfSecurity SecurityManager has been installed. If not, it will
install it. Once a SecurityManager is installed, it cannot be changed in any way.
Any attempts to install a new SecurityManager creates a Security violation.
SurfSecurity will only allow applets from a particular host to read or write files
in the host subdirectory under SurfSnatcher. Therefore, once SurfSnatcher has
executed an applet from one host, it will not allow an applet from another host
to be executed, or files from another host to be downloaded and saved to disk.
With the source code for the SecurityManager, you can verify the integrity of the
operations performed by applets.
I would appreciate your suggestions to the SecurityManager.
Please email me.
I never distribute email addresses.
If you wish, I will list your name and homepage below.
Thanks go to these people for all their help:
�