The permission java.security.AllPermission implies all permissions and grants all possible permissions to code. This facility was included for routine testing purposes to make it less cumbersome to deal with a multitude of permissions and for use when the code is completely trusted. Code is typically granted AllPermission using the security policy file but it is also possible to associate AllPermission with a ProtectionDomain, programatically. This permission is dangerous in production environments and must never be granted to untrusted code.
Noncompliant Code Example (
...
Security Policy File)
This noncompliant example grants AllPermission to the klib library.
...
To check whether the caller has the requisite permissions, standard Java APIs use code such as the following:
| Code Block | ||
|---|---|---|
| ||
// Security manager code
perm = new java.io.FilePermission("/tmp/JavaFile", "read");
AccessController.checkPermission(perm);
// ...
|
...