Why can't untrusted code change the log level under Java Logging?

Posted by cdmckay on Stack Overflow See other posts from Stack Overflow or by cdmckay
Published on 2010-03-16T22:07:06Z Indexed on 2010/03/16 22:11 UTC
Read the original article Hit count: 268

Filed under:
|
|
|
|

I'm have a Java app that also runs as an applet. The app also happens to use a library called BasicPlayer to play .ogg files. BasicPlayer has a built-in logger that uses Apache Logging Commons to create a logger for BasicPlayer.class using the built-in Java logger. The only way that I know about to turn off the BasicPlayer logging is to run this code:

Logger.getLogger(BasicPlayer.class.getName()).setLevel(Level.OFF);

This works fine when running as a regular app. However, when running as an applet, this code will throw a SecurityException because for some reason applets can't change the log level of non-anonymous loggers (see here for a sorta-explanation).

Why would they do this? Who cares if an applet changes the log level?

© Stack Overflow or respective owner

Related posts about java

Related posts about logging