charlie.lai@Eng 1998-05-06

when making policy decisions, the codebase is not canonicalized.
this leads to problems where an admin might add an entry in
the policy file -- but at runtime, the application or applet will not be
granted the those permissions because the codebase wasn't canonicalized.

for example in NT, at runtime the codebase may be:
file:/C:\JavaSoft\TESTS
however if the admin enters:
file:/C:\javasoft\tests
as the codebase in the policy file, then the necessary
permissions will NOT be granted to the running code
because the codebases do not match (since they are not canonicalized).