Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Edited by sciSpider Java v3.0

...

Code Block
bgColor#FFcccc
// grant the klib library AllPermission  
grant codebase ""file:${klib.home}/j2se/home/klib.jar"" { 
  permission java.security.AllPermission; 
}; 

...

Code Block
bgColor#ccccff
grant codeBase ""file:${klib.home}/j2se/home/klib.jar"", signedBy "Admin""Admin" {
  permission java.io.FilePermission ""/tmp/*"", "read""read";
  permission java.io.SocketPermission "*""*", "connect""connect";
};

To check whether the caller has the requisite permissions, standard Java APIs use code such as:

Code Block
//security manager code
perm = new java.io.FilePermission(""/tmp/JavaFile","read"","read");
AccessController.checkPermission(perm);
//other code

...

Code Block
// Standard extensions extend the core platform and get all permissions by default
grant codeBase ""file:${{java.ext.dirs}}/*"" {
  permission java.security.AllPermission;
};

...

ENV02-J. Create a secure sandbox using a Security Manager            01. Runtime Environment (ENV)            ENV04-J. Do not grant ReflectPermission with target suppressAccessChecks