Thanks for your thoughtful answer. Let me give you some missing details.
>We are developing the application that requires loading images from the
>net. Some sort of news reader. Several times I saw the following
>exception on our logs:
>
>---
>java.lang.SecurityException
>at java.lang.SecurityManager.checkPermission(Unknown Source)
>at java.lang.SecurityManager.checkConnect(Unknown Source)
>at sun.awt.image.URLImageSource.checkSecurity(Unknown Source)
>at sun.awt.image.ToolkitImage.getHeight(Unknown Source)
>...
>---
What technologies are you using in your application?
We have two main deployment options:
* Standalone
* JWS
The application
* uses HSQLDB as the database backend,
* makes http(s) connections to the outer world,
* reads and writes files in the home directory,
* involves no native code.
Most applications don't have any SecurityManager because they are
implicitly trusted. Java Web Start and RMI are two technologies that DO
NOT implicitly trust everything an application does, so if you're using
either of those, you're not in the same category as implicitly trusted
applications.
In JWS version we are using trusted deployment, so that we can access
local files and remote sites other than our own. My experiments show
that there is some SecurityManager installed when the JWS application
runs, but it permits the replacement with my own copy.
>Anyway, the main question is connected with what I decided to do. I
>decided to install my own SecurityManager implementation on application
>startup through the System.setSecurityManager() call. My implementation
>*never* throws SecurityException. I realize that some security managers
>installed by the system before my re-installation attempt could refuse
>to be replaced, but it's not the point. I'm feeling a bit uneasy about
>whether there are any negative implications connected with a security
>manager always saying 'Yes'. Does anyone have any experience with this?
Yes, but the safety of what you've done depends entirely on the
technologies you're using and the context they're used in. I've used
"grant all" SecurityManager before, but it was appropriate for the
technology and execution context, not something I'd just enable arbitrarily.
You haven't described how your app is deployed or what it's doing in enough
detail to be able to determine whether a "grant all" SecurityManager is a
possible problem or not.
I think I described everything that uses outer resources. What would you say?
