Can I avoid using third-party code to create new threads, start new virtual machines, or leak data using the custom SecurityManager?
Creating a topic leads to a call securityManager.checkAccess(g)where g- ThreadGroup. This, in turn, requires SecurityConstants.MODIFY_THREADGROUP_PERMISSION.
securityManager.checkAccess(g)
g
ThreadGroup
SecurityConstants.MODIFY_THREADGROUP_PERMISSION
The only way to create a new instance of the JVM is to start a new process. This will require SecurityConstraints.FILE_EXECUTE_ACTION.
SecurityConstraints.FILE_EXECUTE_ACTION
So, if your SecurityManager throws an exception for both of these permissions, your first 2 cases will be covered.
, " ". ? , ..?
( ).
, SecurityManager ( , , ). , , ( , ..) - , SecurityManager.
, . , Java Sun 3-4 (Java 6u15 ) Java. 3-4 ( , , Oracle). , ~ 12 .
- , SecurityManager , . ( , Java, SecurityManager, .)
You can certainly do the first two things. However, I'm not sure what you mean by "data leakage."
Please note: you do not need a special SecurityManager, you only need a policy file.
Source: https://habr.com/ru/post/1738350/More articles:Is there a function in Javascript that returns the number of times a given string has? - javascriptWhat information should I register if I discover that my site has been attacked? - securityNeed to understand Python signals and modules - pythonSharepoint WebPart - asp.netApple iPhone Developer Program - iphoneTemporary staging table - performanceFailed to start code analysis from command line using msbuild - visual-studio-2010CLASSPATH on Mac, and how Mac is looking for mysql-connector-java-bin.jar - javaCan I use jMonkeyEngine for Android devices? - androidComplex SQL query with a group and two rows in one - sqlAll Articles