Since this is a java-LINUX news group, I think the following should be said. It is implicitly insecure to allow any access to clients local system information through an html applet, or any remotely controlled means, irregardless of any signature validation methods used. The client machine should both control access to information and provide it only through it own permanent servers. Otherwise, any protection mechanism, no matter how seeming secure is easily abused. The fact that this observation has not been grasped by companies like MicroSoft, systems like NT (which is commonly felt to have a better protection model than Unix) has remained plagued by viruses. Barry Fishman ---------------------------------------------------------------------- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]