WWW:Beyond the Basics

14 Java Security

14 Java Security Features

14.4.5 SecurityManager

Each Java application can have its own security manager object that acts as a full-time security guard. The SecurityManager class in the java.lang package is an abstract class that provides the programming interface and partial implementation for all Java security managers. By default an application does not have a security manager. That is, the Java runtime system does not automatically create a security manager for every Java application. So by default an application allows all operations that are subject to security restrictions. To change this default lenient behavior, an application must create and install its own security manager. Table 14.2 gives the public methods of the SecurityManager class and what they do.

Method Description
getInCheck Determine whether a security check is in progress
checkCreateClassLoader Check to prevent the installation of additional ClassLoaders.
checkAccess Check to see if a thread or thread group can modify the thread group.
checkExit Checks if the Exit command can be executed.
checkExec Checks if the system commands can be executed.
checkLink Checks if dynamic libraries can be linked (used for native code).
checkRead Checks if a file can be read from.
checkWrite Checks if a file can be written to.
checkConnect Checks if a network connection can be created.
checkListen Checks if a certain network port can be listened to for connections.
checkAccept Checks if a network connection can be accepted.
checkProperties Checks if the System properties can be accessed.
checkTopLevelWindow Checks whether a window must have a special warning.
checkPackageAccess Checks if a certain package can be accessed.
checkPackageDefinition Checks if a new class can be added to a package.
checkSetFactory Check if an Applet can set a networking-related object factory.
TABLE 14.2: SecurityManager public methods

The SecurityManager provides an extremely flexible and powerful mechanism for conditionally allowing access to resources thus allowing an application to customize its security policy.

Using the ClassLoader attack described earlier, an attacker can change any variable in the system, including SecurityManager's private variables. The attacker can also change the variable used by the SecurityManager to determine where the class was loaded from, thereby tricking the SecurityManager to believe that the class is trusted.

[PREV][NEXT][UP][HOME][VT CS]

Copyright © 1996 Virginia Polytechnic Institute & State University
All Rights Reserved

Vijay Sureshkumar <vijay@csgrad.cs.vt.edu>
Last modified: Sun Oct 20 21:52:09 1996