Each Java application can have its own security manager object that acts as a full-time security guard. The SecurityManager class in the java.lang package is an abstract class that provides the programming interface and partial implementation for all Java security managers. By default an application does not have a security manager. That is, the Java runtime system does not automatically create a security manager for every Java application. So by default an application allows all operations that are subject to security restrictions. To change this default lenient behavior, an application must create and install its own security manager. Table 14.2 gives the public methods of the SecurityManager class and what they do.
Method | Description |
---|---|
getInCheck | Determine whether a security check is in progress |
checkCreateClassLoader | Check to prevent the installation of additional ClassLoaders. |
checkAccess | Check to see if a thread or thread group can modify the thread group. |
checkExit | Checks if the Exit command can be executed. |
checkExec | Checks if the system commands can be executed. |
checkLink | Checks if dynamic libraries can be linked (used for native code). |
checkRead | Checks if a file can be read from. |
checkWrite | Checks if a file can be written to. |
checkConnect | Checks if a network connection can be created. |
checkListen | Checks if a certain network port can be listened to for connections. |
checkAccept | Checks if a network connection can be accepted. |
checkProperties | Checks if the System properties can be accessed. |
checkTopLevelWindow | Checks whether a window must have a special warning. |
checkPackageAccess | Checks if a certain package can be accessed. |
checkPackageDefinition | Checks if a new class can be added to a package. |
checkSetFactory | Check if an Applet can set a networking-related object factory. |
The SecurityManager provides an extremely flexible and powerful mechanism for conditionally allowing access to resources thus allowing an application to customize its security policy.
Using the ClassLoader attack described earlier, an
attacker can change any variable in the system, including SecurityManager's
private variables. The attacker can also change the variable used
by the SecurityManager
to determine where the class was loaded
from, thereby tricking the SecurityManager
to believe that the
class is trusted.
Copyright © 1996 Virginia Polytechnic Institute & State University
All Rights Reserved
Vijay Sureshkumar
<vijay@csgrad.cs.vt.edu>
Last modified: Sun Oct 20 21:52:09 1996