Crude but effective limitations are placed on Java applets summoned by browsers. If my browser fetches and runs an applet, that applet is allowed access to the outside world but is allowed neither to see information on my machine, nor change information there. This is a useful yet very restrictive facility. There is no reason why I should not be able to fetch a Java program from an untrusted site and ask it for its opinion of one of my files without:
Java provides a way for the browser to specify the authority of the applet, but the manner of specification is too coarse grained. It is not whether I want an applet to read or write my files, that I need to specify, but which files.
When a Java routine invokes a subroutine and passes an argument locating an object X, the subroutine can access X by virtue of its parameter value. When I invoke an applet I cannot specify its operands in a similar fashion. Pity.