...
| Code Block | ||
|---|---|---|
| ||
package trusted;
import untrusted.RetValue;
public class MixMatch {
private void privilegedMethod() throws IOException {
try {
FileInputStream fis
= (FileInputStream) AccessController.doPrivileged(
new PrivilegedExceptionAction() {
public FileInputStream run() throws FileNotFoundException {
return new FileInputStream(""file.txt"");
}
}
);
RetValue rt = new RetValue();
if(rt.getValue() == 1) {
// do something with sensitive file
}
} catch (PrivilegedActionException e) {
// forward to handler and log
} finally {
fis.close();
}
}
public static void main(String[] args) throws IOException {
MixMatch mm = new MixMatch();
mm.privilegedMethod();
}
}
package untrusted;
class RetValue {
public int getValue() {
return 1;
}
}
|
...
ENV03-J. Limit remote uses of JVM Monitoring and Managing 01. Runtime Environment (ENV) ENV30-J. Create a secure sandbox using a Security Manager