54 lines
3.4 KiB
HTML
54 lines
3.4 KiB
HTML
|
<?xml version="1.0" encoding="UTF-8"?>
|
|||
|
<!DOCTYPE html
|
|||
|
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
|||
|
<html lang="en-us" xml:lang="en-us">
|
|||
|
<head>
|
|||
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
|||
|
<meta name="security" content="public" />
|
|||
|
<meta name="Robots" content="index,follow" />
|
|||
|
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
|
|||
|
<meta name="DC.Type" content="concept" />
|
|||
|
<meta name="DC.Title" content="Risk: Trust signed applets" />
|
|||
|
<meta name="abstract" content="This topic describes security risks from signed Java applets and provides recommendations for reducing these risks." />
|
|||
|
<meta name="description" content="This topic describes security risks from signed Java applets and provides recommendations for reducing these risks." />
|
|||
|
<meta name="DC.Relation" scheme="URI" content="rzamvsecurityinternet.htm" />
|
|||
|
<meta name="copyright" content="(C) Copyright IBM Corporation 2006" />
|
|||
|
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2006" />
|
|||
|
<meta name="DC.Format" content="XHTML" />
|
|||
|
<meta name="DC.Identifier" content="riskapplets" />
|
|||
|
<meta name="DC.Language" content="en-us" />
|
|||
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
|||
|
<!-- US Government Users Restricted Rights -->
|
|||
|
<!-- Use, duplication or disclosure restricted by -->
|
|||
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
|||
|
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
|
|||
|
<link rel="stylesheet" type="text/css" href="./ic.css" />
|
|||
|
<title>Risk: Trust signed applets</title>
|
|||
|
</head>
|
|||
|
<body id="riskapplets"><a name="riskapplets"><!-- --></a>
|
|||
|
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
|
|||
|
<h1 class="topictitle1">Risk: Trust signed applets</h1>
|
|||
|
<div><p>This topic describes security risks from signed Java™ applets
|
|||
|
and provides recommendations for reducing these risks.</p>
|
|||
|
<p>Your users might have followed your advice and set up their browsers to
|
|||
|
prevent applets from writing to any PC drives. However, your PC users need
|
|||
|
to be aware that a signed applet can override the setting for their browser.</p>
|
|||
|
<p>A signed applet has an associated digital signature to establish its authenticity.
|
|||
|
When a user accesses a Web page that has a signed applet, the user sees a
|
|||
|
message. The message indicates the applet’s signature, who signed it and when
|
|||
|
it was signed. When your user accepts the applet, the user grants the applet
|
|||
|
an override to the security settings for the browser. The signed applet can
|
|||
|
write to the PC’s local drives, even though the default setting for the browser
|
|||
|
prevents it. The signed applet can also write to mapped drives on your server
|
|||
|
because they appear to the PC to be local drives.</p>
|
|||
|
<p>For your own Java applets that come from your server, you might need
|
|||
|
to use signed applets. However, you should instruct your users in not
|
|||
|
to accept signed applets from unknown sources.</p>
|
|||
|
</div>
|
|||
|
<div>
|
|||
|
<div class="familylinks">
|
|||
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzamvsecurityinternet.htm" title="Use this information to learn about common security threats from using Internet browsers.">Security considerations for internet browsers</a></div>
|
|||
|
</div>
|
|||
|
</div>
|
|||
|
</body>
|
|||
|
</html>
|