You can always see such kind of security check for some method calls. I know how it works but I don't know the reason to check them. Or saying the fittest use case for using them? I am just surprised how often to find them in JDK source code , but hardly knowing the purpose.开发者_运维百科 Have you guys used them in your work? And in which cases?
I need to add a constaint here. File permission is very straightfoward. What I mean is those function call permission check. What kind of function calls are considered dangerous and should be checked with Security Manager?
For example,
jaav.security.Policy.
private static void checkPermission(String type) {
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
sm.checkPermission(new SecurityPermission("createPolicy." + type));
}
}
Some Java applications run in a sandboxed environment (applets, WebStart applications, etc.) in order to prevent them to be nasty (for example, an applet executing in some random HTML page shouldn't be able to access the file system and read all your personal data). These checks constitute the sandbox.
There are ways to enable some of these restricted operations (by signing the jars and requesting approval from the end user).
The security manager handles what is allowed and what is not. Read http://download.oracle.com/javase/6/docs/technotes/guides/security/permissions.html. It lists all the permissioins and describe which risks are encountered by allowing them.
![Interactive visualization of a graph in python [closed]](https://www.devze.com/res/2023/04-10/09/92d32fe8c0d22fb96bd6f6e8b7d1f457.gif)
加载中,请稍侯......
精彩评论