Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Edited by NavBot

...

An alternative is to read the file names from a source existing in a secure directory, inaccessible to an attacker. The security policy file may grant permissions to the application to read files from a specific directory. The security manager must be used when running the application (ENV02ENVxx-J. Create a secure sandbox using a Security Manager). It is also possibe to define a custom permission to control access to specific programs and using a security manager to enforce this permission (SEC08-J. Define custom security permissions for fine grained security).

...