[Jmol-users] Signed applet v Mountain Lion

[Greeves, Nick <ngreeves@li...>]

If you try Mountain Lion and sites with the signed applet you may find you are unable to enable the applet.
This may help
up vote1down voteaccepted


It is new security feature in Mac OS X, by default only apps from Mac Store & from trusted developers are allowed to run there. Fortunatelly, it is easy to change, you have to allow this in Mac OS X preferences.

Go to Preferences -> Security & Privacy and click on padlock to allow changes.

Then in "Allow appications downloaded from" select "Anywhere".

After that, the button in Java dialog will be enabled.







All the best
Nick
Sent from my iPad 2

[Jmol-users] Signed applet v Mountain Lion

[Greeves, Nick <ngreeves@li...>]

If you try Mountain Lion and sites with the signed applet you may find you are unable to enable the applet.
This may help
up vote1down voteaccepted


It is new security feature in Mac OS X, by default only apps from Mac Store & from trusted developers are allowed to run there. Fortunatelly, it is easy to change, you have to allow this in Mac OS X preferences.

Go to Preferences -> Security & Privacy and click on padlock to allow changes.

Then in "Allow appications downloaded from" select "Anywhere".

After that, the button in Java dialog will be enabled.







All the best
Nick
Sent from my iPad 2

Re: [Jmol-users] Signed applet v Mountain Lion

[Philip Bays <pbays@sa...>]

Is this true in all browsers, or only safari?


On Jul 26, 2012, at 6:32 AM, Greeves, Nick wrote:

> If you try Mountain Lion and sites with the signed applet you may find you are unable to enable the applet.
> This may help
> up vote
> 1
> down vote
> accepted
> It is new security feature in Mac OS X, by default only apps from Mac Store & from trusted developers are allowed to run there. Fortunatelly, it is easy to change, you have to allow this in Mac OS X preferences.
> 
> Go to Preferences -> Security & Privacy and click on padlock to allow changes.
> 
> Then in "Allow appications downloaded from" select "Anywhere".
> 
> After that, the button in Java dialog will be enabled.
> 
> 
> 
> 
> 
> 
> All the best
> Nick
> Sent from my iPad 2
> ------------------------------------------------------------------------------
> Live Security Virtual Conference
> Exclusive live event will cover all the ways today's security and 
> threat landscape has changed and how IT managers can respond. Discussions 
> will include endpoint security, mobile security and the latest in malware 
> threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/_______________________________________________
> Jmol-users mailing list
> Jmol-users@...
> https://lists.sourceforge.net/lists/listinfo/jmol-users

J. Philip Bays
Emeritus Professor of Chemistry
Department of Chemistry and Physics
Saint Mary's College
Notre Dame, IN 46556
pbays@...

Re: [Jmol-users] Signed applet v Mountain Lion

[Rzepa Henry <h.rzepa@im...>]

On 26 Jul 2012, at 11:32, "Greeves, Nick" <ngreeves@...> wrote:

> If you try Mountain Lion and sites with the signed applet you may find you are unable to enable the applet.
> It is new security feature in Mac OS X, by default only apps from Mac Store & from trusted developers are allowed to run there. Fortunatelly, it is easy to change, you have to allow this in Mac OS X preferences.
> 
> Go to Preferences -> Security & Privacy and click on padlock to allow changes.
> 
> Then in "Allow appications downloaded from" select "Anywhere".
> 
> After that, the button in Java dialog will be enabled.
> 

Can anyone reproduce this?  Although doing the above allows OS X Mountain lion to run signed Jmol from a remote server, trying to run the same from a local hard drive produces the message "You do not have Java applets enabled in your web browser, or your browser is blocking this applet" (which comes from jmol.js).  I have tried this on two quite separate  Mountain Lion installs with the same result.

However, it is specific  to Safari; Chrome and  Firefox are fine on the same systems (i.e. Java is present). 

[Jmol-users] Signed applet v Mountain Lion: local file restrictions!

[Rzepa Henry <h.rzepa@im...>]

On 31 Jul 2012, at 08:15, Rzepa Henry <rzepa@...> wrote:

> 
> On 26 Jul 2012, at 11:32, "Greeves, Nick" <ngreeves@...> wrote:
> 
> 
> Can anyone reproduce this?  Although doing the above allows OS X Mountain lion to run signed Jmol from a remote server, trying to run the same from a local hard drive produces the message "You do not have Java applets enabled in your web browser, or your browser is blocking this applet" (which comes from jmol.js).  I have tried this on two quite separate  Mountain Lion installs with the same result.
> 
> However, it is specific  to Safari; Chrome and  Firefox are fine on the same systems (i.e. Java is present). 
> 


I have found an answer to my own question.  There is a new setting in  Safari, accessed only  through the developer menu (which is off  by default) called "Disable local file restrictions".  It would appear that Apple, via Safari are now implementing a sandboxing policy by default, which in effect allows Safari to access only to its own trusted files (this policy taken from IOS). Apparently, if a  Java applet is local, it does not (by default) belong to the Safari sandbox, and hence is prevented from running within the  Java virtual environment in that browser.

I guess Apple was stung by a  Mac Trojan a month or so back which was embedded in a  Java applet, and has decided that local applets have by default to be treated as potential security vectors.  Lets hope that this entry in the developers menu continues to remain.  I have to wonder whether third party developers such as  Google (Chrome) and Mozilla (Firefox)  will be forced by  Apple to adopt similar policies on OS X.  Thus for example, if you want to take advantage of another recently introduced technology, Apple's cloud,  you only have access to the API if you distribute via their  App store. Currently,  And the cloud is similarly sandboxed.  Chrome and Firefox are not distributed in this manner. 

I am also intrigued by how  WebGL can only be switched on in  IOS by having access to an  Apple ID which is registered as a developer.  No normal user can switch  WebGL on. I read somewhere that, like  Java, there may be subtle security issues hidden in the use of  WebGL (although this does sound far fetched).  I mention  WebGL because Bob's excellent merging of scripts for both  Jmol and  GLMol  is only effective if  WebGL is on (i.e. not possible for regular users of IOS).    Has anyone yet spotted any  WebGL on by default in Android-land?  Does it have to be switched on there by invoking developer mode again?