--- old/modules/graphics/src/main/java/javafx/concurrent/Task.java 2014-11-20 16:35:45.843621100 -0800
+++ new/modules/graphics/src/main/java/javafx/concurrent/Task.java 2014-11-20 16:35:45.116579500 -0800
@@ -25,6 +25,9 @@
 package javafx.concurrent;
+import java.security.AccessController;
+import java.security.Permission;
+import java.security.PrivilegedAction;
 import javafx.application.Platform;
 import javafx.beans.property.BooleanProperty;
 import javafx.beans.property.DoubleProperty;
@@ -994,9 +997,20 @@
 return cancel(true);
 }
+ // Need to assert the modifyThread permission so an app can cancel
+ // a task that it created (the default executor for the service runs in
+ // its own thread group)
+ // Note that this is needed when running as an applet or a web start app.
+ private static final Permission modifyThreadPerm = new RuntimePermission("modifyThread");
+
 @Override public boolean cancel(boolean mayInterruptIfRunning) {
 // Delegate to the super implementation to actually attempt to cancel this thing
- boolean flag = super.cancel(mayInterruptIfRunning);
+ // Assert the modifyThread permission
+ boolean flag = AccessController.doPrivileged(
+ (PrivilegedAction) () -> super.cancel(mayInterruptIfRunning),
+ null,
+ modifyThreadPerm);
+
 // If cancel succeeded (according to the semantics of the Future cancel method),
 // then we need to make sure the State flag is set appropriately
 if (flag) {
--- old/modules/web/src/main/java/com/sun/webkit/network/NetworkContext.java 2014-11-20 16:35:53.886081100 -0800
+++ new/modules/web/src/main/java/com/sun/webkit/network/NetworkContext.java 2014-11-20 16:35:53.109036600 -0800
@@ -40,6 +40,7 @@
 import java.util.logging.Logger;
 import com.sun.webkit.WebPage;
+import java.security.Permission;
 final class NetworkContext {
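Review bot: In `Task.cancel(boolean)` the `modifyThread` assertion applies to every caller, not only to the code that created the task, which is narrower than what the new comment above `modifyThreadPerm` describes. `cancel` is public, so any code holding a reference to the Task can have its runner thread interrupted under the runtime's privilege; that is probably intended, but the comment should say so, e.g. `// Asserted for all callers: the only privileged effect is interrupting this task's own runner thread.` The behaviour of `super.cancel` is outside the hunk, so that wording needs confirming against it. The cast reads as a raw `(PrivilegedAction)` on this page, which may be a rendering loss; if the file really has it raw, it should be `(PrivilegedAction<Boolean>)` so the assignment to `boolean flag` is type-checked. The body of `cancel` continues past the end of the hunk.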
@@ -193,6 +194,13 @@
 private final ThreadGroup group;
 private final AtomicInteger index = new AtomicInteger(1);
+ // Need to assert the modifyThread and modifyThreadGroup permission when
+ // creating the thread from the URLLoaderThreadFactory, so we can
+ // create the thread with the desired ThreadGroup.
+ // Note that this is needed when running as an applet or a web start app.
+ private static final Permission modifyThreadGroupPerm = new RuntimePermission("modifyThreadGroup");
+ private static final Permission modifyThreadPerm = new RuntimePermission("modifyThread");
+
 private URLLoaderThreadFactory() {
 SecurityManager sm = System.getSecurityManager();
 group = (sm != null) ? sm.getThreadGroup()
@@ -201,13 +209,19 @@
 @Override public Thread newThread(Runnable r) {
- Thread t = new Thread(group, r,
- "URL-Loader-" + index.getAndIncrement());
- t.setDaemon(true);
- if (t.getPriority() != Thread.NORM_PRIORITY) {
- t.setPriority(Thread.NORM_PRIORITY);
- }
- return t;
+ // Assert the modifyThread and modifyThreadGroup permissions
+ return
+ AccessController.doPrivileged((PrivilegedAction) () -> {
+ Thread t = new Thread(group, r,
+ "URL-Loader-" + index.getAndIncrement());
+ t.setDaemon(true);
+ if (t.getPriority() != Thread.NORM_PRIORITY) {
+ t.setPriority(Thread.NORM_PRIORITY);
+ }
+ return t;
+ },
+ null,
+ modifyThreadGroupPerm, modifyThreadPerm);
 }
 }
 }
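Review bot: In `newThread` the thread is constructed inside the privileged block, and a `Thread` captures the access-control context in effect at construction, so each URL-Loader thread can later run its `Runnable` with an inherited context that already carries the asserted `modifyThread` and `modifyThreadGroup`. `r` itself is not invoked inside the block, which keeps the privileged scope to thread set-up, but that property is easy to lose in a later edit and deserves a comment such as `// Privileged scope covers thread construction only; never call r.run() in here.` The same raw-looking `(PrivilegedAction)` cast appears here; if it is not a rendering artefact it should be `(PrivilegedAction<Thread>)`. The import hunk for this file adds only `java.security.Permission`, so `AccessController` and `PrivilegedAction` must already be imported outside the visible hunks.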