...
The permission java.security.AllPermission grants all possible permissions to code. This facility was included to reduce the burden of managing a multitude of permissions during routine testing as well as when a body of code is completely trusted. Code is typically granted AllPermission via the security policy file; it is also possible to programmatically associate AllPermission with a ProtectionDomain. This permission is dangerous in production environments; never . Never grant AllPermission to untrusted code.
...
The permission java.lang.RuntimePermission applied to target createClassLoader grants code the permission to code so that it can create a ClassLoader object. This is extremely dangerous because malicious code can create its own custom class loader and load classes by assigning them arbitrary permissions. A custom class loader can define a class (or ProtectionDomain) with permissions that override any restrictions specified in the systemwide security policy file.
...
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="95da7794280df9a7-bcc2abb7-45564d58-87129dfc-d5c30d29f396df04d76ade13"><ac:plain-text-body><![CDATA[ | [[API 2006 | AA. Bibliography#API 06]] | [Class | http://java.sun.com/javase/6/docs/api/java/security/AllPermission.html], [ | http://java.sun.com/javase/6/docs/api/java/lang/reflect/ReflectPermission.html], [ | http://java.sun.com/javase/6/docs/api/java/lang/reflect/RuntimePermission.html] | ]]></ac:plain-text-body></ac:structured-macro> |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="02de4d031ea30db2-455d4f05-44e440af-98eeb0ea-ec076181d44070b9208da832"><ac:plain-text-body><![CDATA[ | [[Gong 2003 | AA. Bibliography#Gong 03]] |
| ]]></ac:plain-text-body></ac:structured-macro> | |||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="e8f1e14e2e900797-8eb6be74-483449c3-80339235-08a3a194131c093d3079c848"><ac:plain-text-body><![CDATA[ | [[Long 2005 | AA. Bibliography#Long 05]] | Section 2.5, Reflection | ]]></ac:plain-text-body></ac:structured-macro> | |||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="9017ae6d04fdc65c-f35314f1-457b4252-b05f9985-c3432cc4b3ceea9242937e97"><ac:plain-text-body><![CDATA[ | [[Permissions 2008 | AA. Bibliography#Permissions 08]] | Section [ | http://java.sun.com/javase/6/docs/technotes/guides/security/permissions.html#ReflectPermission] | ]]></ac:plain-text-body></ac:structured-macro> | ||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="6d624c166c92e072-64e3f322-4f254fb3-bbc98a62-cc5d93684636bbd591833101"><ac:plain-text-body><![CDATA[ | [[Reflect 2006 | AA. Bibliography#Reflect 06]] | ]]></ac:plain-text-body></ac:structured-macro> | ||||
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="b9ad2caf6ccaeabe-8392f044-44d542d4-9f108e2c-182bbcc18e9cb0b964a59185"><ac:plain-text-body><![CDATA[ | [[Security 2006 | AA. Bibliography#Security 06]] | [Security Architecture | http://java.sun.com/javase/6/docs/technotes/guides/security/spec/security-spec.doc.html], Section [ | http://java.sun.com/javase/6/docs/technotes/guides/security/permissions.html#RuntimePermission] | ]]></ac:plain-text-body></ac:structured-macro> |
...