小程序通过浏览器插件运行从本地文件系统（文件：///）受到几乎完全一样的安全检查从加载小程序网路。不同的是从网上下载的小程序要给家里打电话，即许可。连接回小程序源自服务器，从文件系统加载的小程序需要访问同一个文件夹中的文件的权限。

Applets run via browser plug-in from the local file-system (file:///) are subject to almost exactly the same security checks as applets loaded from the web. The difference being that applets loaded from the web have the permission to "call home", ie. connect back to the server the applet originated from, and applets loaded from the filesystem have the permission to access the files in the same folder.

在默认情况下的沙箱不允许加载本地库在任何情况下。

The sandbox by default does not permit loading native libraries in either case.

您可以考虑签署的小程序。用户必须确定安全对话框。除非你有从证书颁发机构购买了code-签名证书的对话框会警告的事实，它不是由受信任的一方签署该用户。

You could consider signing the applet. The user will have to OK the security dialog. And unless you have a code-signing certificate purchased from a certificate authority the dialog will warn the user of the fact that it's not signed by a trusted party.

我没有完全理解你的使用情况，但如果你能在本地机器上运行的其他code，你总是可以改变Java安全策略，以便在一些特定的局部的位置信任一个.jar文件。这种方式没有任何安全对话获得presented。

I didn't fully understand your use-case, but if you can run other code on the local machine, you could always alter the java security policy in order to trust a .jar file in some specific local location. This way no security dialog gets presented.

要做到这一点，你改变了Java策略文件，该文件在Windows机器的Java 6很可能是：

To do this, you alter the java policy file, which on a windows machine with Java 6 would probably be in:

％PROGRAM FILES％\\ Java的\\ JRE6 \\ lib \\ security中\\的java.policy

%PROGRAM FILES%\Java\jre6\lib\security\java.policy

和添加一个新的许可，这样的事情：

And add a new permission, something like this:

grant codeBase "file:///path/yourcomponent.jar" {
      permission java.lang.RuntimePermission "loadLibrary.jzmq";
};

编辑：为了充分的权限，您可以添加一个允许这样的（这是从成功的测试，我做了刚才复制）：

To give full permissions, you could add a permission like this (this is copied from a succesful test I did just now):

grant codeBase "file:///C:/component/policytest.jar" {
      permission java.security.AllPermission;
};