Untrusted Java web start applications and Java applets can't do anything that could harm the real operating system. We had to buy and keep on renewing an expensive code-signing cert so our app could save a local file. Every once in a while, a security researcher claims to have gotten untrusted bytecode to run outside the boundaries of the sandbox.