SecurityManager frameworks that offer finer control over resources

Developer https://www.devze.com 2023-03-30 07:04 Source: Internet

I always thought that SecurityManagers included a check method which was called when Method/Field.setAccessible() was attempted that included a Permission that included the name of the method/field enclosing class and member name etc. Apparently it does not, which is a shock.

I had an idea that it would be possible to solve this problem by using a ClassLoader that rewrote attempts such as

Method.setAccessible() 

to

MethodHelper.setAccessible( Method );

The MethodHelper method could set a thread local which my security manager could look at and clear to get the actual Method.

  • This of course has some potential flaws as it requires class file rewriting which of course can only happen for non system classes.

The same approach could be taken for retrieving methods, fields, etc which today do make the member available to the SecurityManager in any form.

Are there any FOSS libraries that package the above functionality?
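
The thread-local handoff described in the question, sketched as an added example that is not part of the original post or of any existing library. The class names MemberAccessHelper and MemberAwareSecurityManager and the com.example. policy are hypothetical, and it assumes a JDK on which a SecurityManager can still be installed (the API is deprecated for removal since Java 17).

```java
import java.lang.reflect.AccessibleObject;
import java.lang.reflect.Member;
import java.lang.reflect.ReflectPermission;
import java.security.Permission;

// Hypothetical helper that rewritten call sites would invoke instead of
// calling setAccessible(boolean) on the Method/Field directly.
final class MemberAccessHelper {
    // Member the current thread is about to open; read by the security manager.
    static final ThreadLocal<AccessibleObject> PENDING = new ThreadLocal<>();

    static void setAccessible(AccessibleObject target, boolean flag) {
        PENDING.set(target);
        try {
            target.setAccessible(flag); // triggers checkPermission() below
        } finally {
            PENDING.remove(); // never leak the hint to a later, unrelated check
        }
    }
}

// Hypothetical security manager that decides per member.
class MemberAwareSecurityManager extends SecurityManager {
    @Override
    public void checkPermission(Permission perm) {
        if (perm instanceof ReflectPermission
                && "suppressAccessChecks".equals(perm.getName())) {
            AccessibleObject target = MemberAccessHelper.PENDING.get();
            // Fail closed: a direct setAccessible() call that bypassed the
            // helper (for example from a class that was not rewritten)
            // arrives here with no member context.
            if (target == null) {
                throw new SecurityException("setAccessible without member context");
            }
            Member m = (Member) target; // Method, Field and Constructor are Members
            String owner = m.getDeclaringClass().getName();
            if (!isAllowed(owner, m.getName())) {
                throw new SecurityException("denied: " + owner + "#" + m.getName());
            }
        }
        // The installed Policy still has to grant the permission itself.
        super.checkPermission(perm);
    }

    // Constructed policy for illustration: only com.example.* members may be opened.
    protected boolean isAllowed(String className, String memberName) {
        return className.startsWith("com.example.");
    }
}
```

Denying the check when no member context is present is what covers the flaw noted in the question: classes that cannot be rewritten simply cannot suppress access checks through this manager.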
