The permission java.security.AllPermission implies all other permissions; granting java.security.AllPermission grants all possible permissions to code. This facility was included both to reduce the burden of managing a multitude of permissions during routine testing and for use when a body of code is completely trusted. Code is typically granted AllPermission via the security policy file; it is also possible to programmatically associate AllPermission with a ProtectionDomain. This permission is dangerous in production environments; never grant AllPermission to untrusted code.
Noncompliant Code Example (Security Policy File)
...
The permission itself is specified in the security policy file used by the security manager. Program code can obtain a permission object by subclassing the java.security.Permission class or any of its subclasses (e.g. BasicPermission). The code can use the resulting object to grant AllPermission to a ProtectionDomain. This is also bad practice.
Compliant Solution
...
Always assign appropriate permissions to code. Define custom permissions when the granularity of the standard permissions is insufficient. (See guideline SEC10-J. Define custom security permissions for fine grained security for more information.)
Noncompliant Code Example (PermissionCollection)
This noncompliant example shows an overridden getPermissions() method defined in a custom class loader. The class loader erroneously grants java.security.AllPermission to any class that it loads.
...
Compliant Solution
This compliant solution does not grant java.security.AllPermission to any class that it loads.
...
ENV03-EX1: It may be necessary to grant AllPermission to trusted library code so that callbacks work as expected. For example, it is a common practice to grant AllPermission to the optional Java packages (extension libraries):
...
Guideline | Severity | Likelihood | Remediation Cost | Priority | Level |
---|---|---|---|---|---|
ENV03-J | high | likely | low | P27 | L1 |
Automated Detection
Static detection of potential uses of AllPermission is a trivial search. Automated determination of the correctness of such uses is not feasible.
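One way to run that search over a security policy file, as an added example that is not part of the original guideline: it lists every grant block containing AllPermission with its codeBase and signedBy, and leaves the trust decision to a reviewer. The sample policy, its paths and signer, and the name find_allpermission_grants are constructed for illustration.

```python
import re

# Constructed sample policy for illustration; paths and signer are made up.
SAMPLE_POLICY = r'''
// extension libraries
grant codeBase "file:${{java.ext.dirs}}/*" {
    permission java.security.AllPermission;
};
grant codeBase "file:/opt/app/lib/app.jar" {
    permission java.io.FilePermission "/tmp/-", "read";
    /* permission java.security.AllPermission; */
};
grant {
    permission java.util.PropertyPermission "os.name", "read";
    permission java.security.AllPermission;
};
grant signedBy "vendor", codeBase "file:/opt/app/plugins/-" {
    permission java.security.AllPermission;
};
'''

STRING = re.compile(r'"[^"\n]*"')
# Strings are matched first so "/*" or "//" inside a codeBase URL is not a comment.
TOKEN = re.compile(r'"[^"\n]*"|/\*.*?\*/|//[^\n]*', re.S)
# Header and body skip over quoted strings, which may contain "{" or "}".
GRANT = re.compile(r'\bgrant\b((?:"[^"]*"|[^{"])*)\{((?:"[^"]*"|[^}"])*)\}\s*;', re.I)
ATTR = re.compile(r'\b(codeBase|signedBy)\s+"([^"]*)"', re.I)
ALLPERM = re.compile(r'\b(?i:permission)\s+java\.security\.AllPermission\b')

def strip_comments(text):
    """Blank out // and /* */ comments while leaving quoted strings intact."""
    return TOKEN.sub(lambda m: m.group(0) if m.group(0)[0] == '"' else ' ', text)

def find_allpermission_grants(policy_text):
    """Return (codeBase, signedBy, verdict) for each grant block with AllPermission."""
    findings = []
    for header, body in GRANT.findall(strip_comments(policy_text)):
        if not ALLPERM.search(STRING.sub('""', body)):
            continue
        attrs = {k.lower(): v for k, v in ATTR.findall(header)}
        code_base = attrs.get('codebase')
        if not header.strip():
            verdict = 'violation: granted to all code'
        elif code_base and 'java.ext.dirs' in code_base:
            verdict = 'review: extension libraries (ENV03-EX1)'
        else:
            verdict = 'review: confirm this code is completely trusted'
        findings.append((code_base, attrs.get('signedby'), verdict))
    return findings
```

A grant block with no codeBase, signedBy or principal applies to every class, so it is the one case the scan can label a violation outright; the other findings still need a human decision.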
Related Vulnerabilities
...