Impact of System.setSecurityManager(null)

Question

I was facing some issue in Applet. Here is the links for that issue.

java.security.AccessControlException: access denied ("java.security.SecurityPermission&quo

Answer 1

Since you are talking about applet

From docs of Security manager

Typically, a web applet runs with a security manager provided by the browser or Java Web Start plugin. Other kinds of applications normally run without a security manager, unless the application itself defines one. If no security manager is present, the application has no security policy and acts without restrictions.

So by passing null, you are disabling security for your run time environment.

For example, System.exit, which terminates the Java virtual machine with an exit status, invokes SecurityManager.checkExit to ensure that the current thread has permission to shut down the application.

There are some more examples too that what happens If you disable security manager like file permissions etc.

Please read the full docs before making it null, Because of that you are welcoming security issues in your application as well as to the end user.