...
Normally, execution of untrusted code causes loss of privileges; the Java security model rescinds priveleges when a trusted method invokes an untrusted one. When trusted code calls untrusted code that attempts to perform some action requiring permissions withheld by the security policy, the Java security model disallows that action. However, privileged code may use a class that exists in an untrusted container and performs only unprivileged operations. If the attacker were to replace the class in the untrusted container with a malicious class, the trusted code might receive incorrect results and misbehave at the discretion of the malicious code.
Wiki Markup
A package sealed within a JAR specifies that all classes defined in that package must originate from the same JAR. Otherwise, a
SecurityExceptionis thrown.
...
Bibliography
...
[[EMA 2011AA. References#EMA 2011]] | Optional Package Sealing | ]]></ac:plain-text-body></ac:structured-macro> | <ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="7641fa97-bb79-49bd-ba76-16ef10525b7e"><ac:plain-text-body><![CDATA[ |
[[McGraw 1999AA. References#Ware 99] ] | Rule 7, If you must sign your code, put it all in one archive file | ]]></ac:plain-text-body></ac:structured-macro> | <ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="745bb22e-e89c-45cf-8be6-569a312aa3cf"><ac:plain-text-body><![CDATA[ |
[[Ware 2008AA. References#Ware 08]] | ]]></ac:plain-text-body></ac:structured-macro> |
...