JSECURITY Issue: Please also add "user approved" policy

Steve (achilles@online.no)
Fri, 27 Nov 1998 17:56:47 GMT

Name: Michael Viig
Email: achilles@online.no
Organization: Achilles Systems
Location: Europe
System: Win95
Referring URL: http://java.sun.com/features/1998/11/jdk.security.html

The administrator/developer/user of a security policy should be able to set "User approved Write" not just "Read" "Add" "Change"...

A program permited to over write a program file with
"User approved Write" will not unncontolably write Viruses to random program files, but permit a compiling or UnZipin of program files only if approved by the user leaving the user in control.

Administrator is to set this level to avoid unnessesary annoying user interaction. (Maybe user can say "Yes to all"? or "Yes to all this session")