Secure Dynamic Loading

The m-let service downloads Java classes from arbitrary locations over the network. If you wish to do so, you may enable code signing to insure that only trusted classes may be downloaded. Secure loading relies on code signing which differs between the JDK 1.1 and Java 2 platforms.

On a JDK 1.1 platform, the m-let service may be instantiated in secure mode to enforce code signing. The m-let service will then only load .jar files that have been signed by a trusted party using the javakey utility. The machine where the agent is running must have the signer's certificate in its keystore.

On the Java 2 platform, the java.lang.SecurityManager property determines if code signing is enforced. When this security is enabled, again only class files signed by a trusted party will be loaded. On the Java 2 platform, users invoke the keytool, jarsigner and policytool utilities to define their security policies.