...
Sometimes, a call to System.loadLibrary() is embedded in a doPrivileged block, as shown below. An unprivileged caller can maliciously invoke this piece of code using the same technique because the doPrivileged block allows security manager checks to be forgone for other callers on the execution chain.
| Code Block |
|---|
AccessController.doPrivileged(new PrivilegedAction() {
public Object run() {
System.loadLibrary("awt");
return null;
}
});
|
...