...
Java SE 1.2 added two methods — checkPermission(Permission perm) and checkPermission(Permission perm, Object context) — to the SecurityManager class. The motivations for this change included
- Eliminating eliminating the need to hard code names of checks in method names.
- Encapsulating encapsulating the complicated algorithms and code for examining the Java runtime in a single
checkPermission()method. - Supporting supporting introduction of additional permissions by subclassing the
Permissionclass.
The single argument checkPermission() method uses the context of the currently executing thread environment to perform the checks. If the context has the permissions defined in the local policy file, the check succeeds; otherwise, a SecurityException is thrown.
...
Occasionally, the security check code exists in one context (such as a worker thread), while the check has to be conducted on a different context, such as another thread. The two argument checkPermission() method is used in this case. It accepts an AccessControlContext instance as the context argument. The effective permissions are those of the context argument only and are not computed as the intersection of the permissions of the two contexts.
...
Identifying sensitive operations requires assistance from the programmer; fully - automated identification of sensitive operations is beyond the current state of the art.
...
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="87eac331fd7151fc-4ba2b711-446049ac-abc88362-8811d08378daf585659b7787"><ac:plain-text-body><![CDATA[ | [[API 2006 | AA. Bibliography#API 06]] | ]]></ac:plain-text-body></ac:structured-macro> |
...