It is possible for an applet to read a file on the users system. In the previous Security model 1.1 this is not allowed. In java 1.2 the new security model impose very structured security system. The applets that are trying to access (read file) the resources from the client machine should have permissions and certification to do the same action. To get more details regarding this please go through the JDK1.2 Security model. Check out the policytool which is a policy editor through which you can define policies for programs (applet and application) to access various system resources.