Using Java SecurityManager to grant/deny access to system functions
In Java it is possible to restrict access to specific functions like reading/writing files and system properties, thread control, networking, object serialization and much more for the running application. Such restrictions may be crucial(重要的;决定性的;定局的;决断的) for guaranteeing security of the system and are implemented for example in Applets, Java Web Start or Java EE Servers.
Class witch takes care of all that security is SecurityManager whose currently registered instance can be accessed through System.getSecurityManager() method. Normally for stand-alone Java applications there is no SecurityManager registered, which means a call to getSecurityManager() would return null. In such case, all the system functions are allowed.
We will show here a simple example of how security in Java works. Take a look at the class below:
import java.io.FileInputStream;
import java.io.FileNotFoundException; public class SecurityTest {
public static void main(String[] args)
throws FileNotFoundException {
//Is there a SecurityManger registered?
System.out.println("SecurityManager: " +
System.getSecurityManager()); //Checking if we can open a file for reading
FileInputStream fis = new FileInputStream("test.txt");
System.out.println("File successfully opened"); //Checking if we can access a vm property
System.out.println(System.getProperty("file.encoding"));
}
}
The class first gets the SecurityManager’s instance and prints it out. Note that this step has no influence on two proceeding steps. It’s purpose is just to show clearly if SecurityManager is there or not. Next step is opening a file called ‘test.txt’ for reading. For this step you should create a file ‘text.txt’ (it may be empty) and put it in the application’s directory. Last step reads a system property “file.encoding” which on most systems should be set by default to “UTF-8″.
Now run the program! If you got any exceptions, check if you copied everything well and if you created the file ‘text.txt’ in the program’s directory. If everything went right, you should get the following output:
SecurityManager: null
File successfully opened
UTF-8
First note that the instance of SecurityManager we got from System.getSecurityManager() is null. There is no SecurityManager so everything is allowed and we were able to successfully open a file and read the system property.
Now let’s put security to play! We will need a file defining current security policy. It is a file that tells the SecurityManager what it should allow and what it should deny. Below is an example of such a file:
grant {
};
As you see, there is nothing written inside the ‘grant’ block. It means that there are no permissions specified and (almost) all system functions will be denied. Put that in a file called ‘test.policy’ and place it in the application’s directory (along with file ‘text.txt’). You can read much more about structure of .policy files here.
With the policy file in place, we should tell the JVM to create a SecurityManager and use file ‘test.policy’ for the security policy. We do it by specifying two system properties while running the SecurityTest program: -Djava.security.manager and -Djava.security.policy=test.policy. You can specify them for example in Eclipse in ‘Run Configurations…->Arguments->VM arguments:’ dialog. Alternatively you can specify them straight from the command line (supposing you exported your code to SecurityTest.jar and put it in the same directory where ‘test.policy’ is:
java -Djava.security.manager -Djava.security.policy=test.policy
-jar SecurityTest.jar
Using these parameters run the program! If everything goes well, this time SecurityManager activates and you should see something like this:
SecurityManager: java.lang.SecurityManager@1a46e30
Exception in thread "main"
java.security.AccessControlException: access denied
(java.io.FilePermission test.txt read)
...
First line indicates that SecurityManager is registered. The exception you see on the next line is proper behavior. InputFileReader’s constructor internally checks if there is a SecurityManager installed. If so, it calls it to check if reading the specified file is allowed according to the current security policy. The security policy (which we specified in ‘test.policy’ file) contains no permissions for reading a file, so SecurityManager throws AccessControlException.
What to do to allow reading files? We have to put a specific rule to ‘test.policy’. Rules for accessing files are implemented by FilePermission class. You can specify which file the rule applies to and what kind of access is being granted. Below you see what must be written in ‘test.policy’ file:
grant {
permission java.io.FilePermission "test.txt", "read";
};
This rule grants reading on file ‘text.txt’ (you could also use “<<ALL FILES>>” to grant the reading of all files). With this permission in place, let’s run the program once again:
SecurityManager: java.lang.SecurityManager@1a46e30
File successfully opened
Exception in thread "main"
java.security.AccessControlException:
access denied (java.util.PropertyPermission file.encoding read)
As you see this time file was successfully opened, but next exception appeared while trying to read the property “file.encoding”. Permission allowing programs to access system properties is called PropertyPermission. We define it following way:
grant {
permission java.io.FilePermission "test.txt", "read";
permission java.util.PropertyPermission "file.encoding", "read";
};
It will allow reading of property “file.encoding”. This time when we run the program, everything will be allowed by the SecurityManager and we should get following output:
SecurityManager: java.lang.SecurityManager@1a46e30
File successfully opened
UTF-8
Writing .policy files for a big application can be tedious, especially if you don’t know yet the correct syntax. Fortunately there is help in form of ‘policytool’, which is a small program distributed along with JDK. You can read something about it here.
This short introduction shows just a tiny bit of SecurityManager’s features. You can do a lot more with it, like for example defining your own permissions and using them in your classes. You can also set principals for every permission and specify files containing digital signatures for them, so that a user running your program must be in possession of a key file to access specific functions. You can read about this functionality for example on this Sun’s tutorial. There is also a bunch of useful links concering security on this site.
Using Java SecurityManager to grant/deny access to system functions的更多相关文章
- java.lang.IllegalAccessError: tried to access field org.slf4j.impl.StaticLoggerBinder.SINGLETON from class org.slf4j.LoggerFactory
java.lang.IllegalAccessError: tried to access field org.slf4j.impl.Static.. java.lang.IllegalAccessE ...
- java.lang.IllegalAccessError: tried to access method com.google.common.base.Stopwatch.<init>()V from 解决
在用spark的yarn-cluster模式跑fpgrowth进行频繁项集挖掘的时候,报如下错误: ERROR yarn.ApplicationMaster: User class threw exc ...
- Atitit. 。Jna技术与 解决 java.lang.Error: Invalid memory access
Atitit. .Jna技术与 解决 java.lang.Error: Invalid memory access 1. 原因与解决1 2. jNA (这个ms sun 的)1 3. Code1 4. ...
- cannot access the system temp folder
cannot access the system temp folder. please, make sure your application have full control rights on ...
- ACCESS的System.Data.OleDb.OleDbException: INSERT INTO 语句的语法错误
一直用的是SQL 数据库,突然改用Access了,使用起来就是没有SQL 顺畅,老是出来些意想不到的错误.今天用Access做的网站程序进行添加数据,调试了一下午,总是异常…… 提示ACCESS的Sy ...
- JAVA之旅(二十三)——System,RunTime,Date,Calendar,Math的数学运算
JAVA之旅(二十三)--System,RunTime,Date,Calendar,Math的数学运算 map实在是太难写了,整理得我都晕都转向了,以后看来需要开一个专题来讲这个了,现在我们来时来学习 ...
- java 标准输出与标准错误 out与 err 区别 用法 联系 java中的out与err区别 System.out和System.err的区别 System.out.println和System.err.println的区别 Java重定向System.out和System.err
本文关键词: java 标准输出与标准错误 out与 err 区别 用法 联系 java中的out与err区别 System.out和System.err的区别 System.out.pri ...
- 开源网络准入系统(open source Network Access Control system)
开源网络准入系统(open source Network Access Control system) http://blog.csdn.net/achejq/article/details/5108 ...
- java SecurityManager
---- 众所周知,Java语言具有完善的安全框架,从编程语言,编译器.解释程序到Java虚拟机,都能确保Java系统不被无效的代码或敌对的编译器暗中破坏,基本上,它们保证了Java代码按预定的规则运 ...
随机推荐
- [C#]Base使用小记
base 关键字用于从派生类中访问基类的成员: • 调用基类上已被其他方法重写的方法. • 指定创建派生类实例时应调用的基类构造函数. 基类访问只能在构造函数.实例方法或实例属性访问器中进行. 从静态 ...
- 上传文件格式控制的困惑(application/octet-stream 限制不了BAT等格式上传)问题解决
允许上传类型部分代码 $uptypes=array( //上传文件类型列表 'image/gif', 'image/jpg', 'image/jpeg', 'image/pjpeg', 'image ...
- python【第十八篇】Django基础
1.什么是Django? Django是一个Python写成的开源Web应用框架.python流行的web框架还有很多,如tornado.flask.web.py等.django采用了MVC的框架模式 ...
- VS2013发布web项目到IIS上遇到的问题总结
vs2010发布网站到本地IIS的步骤 http://blog.csdn.net/cx_wzp/article/details/8805365 问题一:HTTP 错误 403.14 - Forbid ...
- ubuntu杂记
安装ssh: sudo apt-get install openssh-server sudo /etc/init.d/ssh start 将主机中vmware8的网络改为自动获取ip,就可以ping ...
- 【转载】db blocks gets & consistent gets
LOGIC IO(逻辑读次数)= db block gets + consistent gets consistent get : 在一致读模式下所读的快数,包括从回滚段读的快数. db block ...
- microsoft office visio基本使用方法
以下是画流程图.程序内存分配等等框图用到的点滴使用方法,记录在这里以备偶尔只需. 1.画大括号“{}” 在Visio操作界面下,依次点击“文件(File)”—“形状(Shapes)”--“其他Visi ...
- C++版 Chip8游戏模拟器
很早就想写个FC模拟器,但真是一件艰难的事情.. 所以先写个Chip8模拟器,日后再继续研究FC模拟器. Chip8只有35条指令,属于RISC指令集,4k内存,2k显存,16个寄存器(其中15个通用 ...
- 常见内部函数----Python
In [10]: test = [1,2,"yes"] ---append(x) 追加到链尾 In [11]: test.append(1) In [12]: test Out[1 ...
- 使用HttpURLConnection向服务器发送post和get请求
一.使用HttpURLConnection向服务器发送get请求 1.向服务器发送get请求 @Test publicvoid sendSms() throws Exception{ String m ...