Java uses a "sandbox" security model to ensure that applets cannot cause security problems. The idea is that an applet can do whatever it wants within the constraints of its sandbox, but that nothing done inside the sandbox has any consequences outside of the sandbox.
Java implements the sandbox model using the java.lang.SecurityManager class. An instance of SecurityManager is passed to the method System.setSecurityManager() to establish the security policy for an application. Before setSecurityManager() is called, a Java program can access any resources available on the system. After setSecurityManager() is called, however, the SecurityManager object is responsible for providing a security policy. Once a security policy has been set by calling setSecurityManager, the method cannot be called again. Subsequent calls simply throw a SecurityException.
All methods in the Java API that can access resources outside of the Java environment call a SecurityManager method to ask permission before doing anything. If the SecurityManager method throws a SecurityException, the exception is thrown out of the calling method, and access to the resource is denied. The SecurityManager class defines a number of methods for asking for permission to access specific resources. Each of these methods has a name that begins with the word "check." Table 9.1 shows the names of the check methods provided by the SecurityManager class.
The SecurityManager class provides implementations of these methods that always refuse the requested permission. To implement a more permissive security policy, you need to create a subclass of SecurityManager that implements that policy.
In Java 1.0, most browsers consider an applet to be trusted or untrusted. An untrusted applet is one that does not come from the local filesystem. An untrusted applet is treated as follows by most popular browsers:
As of Java 1.1, an applet can have a digital signature attached to it. When an applet has been signed by a trusted entity, a browser may consider the applet to be trusted and relax its security policy.