Java Security FAQ: Reading Files

Here's an applet that tries to read the first line of the file /etc/passwd:

and here's the source.

Netscape Navigator 2.0 won't let applets read files, regardless of setting the property.

If you add the line
to your ~/.hotjava/properties file, then the appletviewer will be able to read any file in the /etc directory, including /etc/passwd.

If you add the file name specifically,
then the appletviewer will be allowed to read just that one file, but not other files in the /etc directory.

Conclusion: Don't add files or directories to in ~/.hotjava/properties, if you don't want the appletviewer to allow applets to read those files.

Back to the Java Security FAQ