unsigned applet can do anything

> I don't believe the policy file has ever been touched

I am quite sure it has been, or the applet is signed and selected something like "allways trust" the first

time.

in the java.security you can add locations for policy files and with runtime parameters you can probably set

some as well.

You should open the applet and check the trace:

To turn the full trace on (windows) you can start the java console, to be found here:

C:\Program Files\Java\j2re1.4...\bin\jpicpl32.exe

In the advanced tab you can fill in something for runtime parameters fill in this:

-Djavaplugin.trace=true -Djavaplugin.trace.option=basic|net|security|ext|liveconnect

The trace is here:

C:\Documents and Settings\your user\Application Data\Sun\Java\Deployment\log\plugin...log

harmmeijer at 2007-7-4 22:33:05 >