I have a JFrame with a JPanel in it. I'm loading some untrusted 3rd party code that needs to add some components to my JPanel. How can I sandbox my JPanel so as to make it impossible for the 3rd party components to access resources outside the JPanel (e.g. the JFrame)?
2
-
You could try loading the 3rd party code in a security based class loader. Not done this myself, but you could look at [this](http://stackoverflow.com/questions/1791060/java-security-classloader) – MadProgrammer Aug 30 '13 at 10:02
-
Have you looked into the [Security Manager](http://docs.oracle.com/javase/7/docs/api/java/lang/SecurityManager.html)? – Marc Aug 30 '13 at 10:02
-
Doesn't the security manager handle stuff like file access and so on? I didn't know that it can restrict access to objects, like Flavio wants. – treeno Aug 30 '13 at 10:10
1 Answer
0
This will be difficult since your JPanel extends JComponent that has getParent() which would return your JFrame... Since every component in Swing implements that, it is likely that your third-party component also implements that. You could try to overwrite these methods, but I don't think that Swing will still work correctly because you would cut off the ComponentTree by doing that...
Could you explain how you load that untrusted code? Is it a library or do you load that at runtime by reflection or something similar?

treeno
-
Sorry I forgot to mention that. I'm loading code at runtime with URLClassLoader. Basically I load the Class dynamically, create a new instance and then I call some methods on that instance which return SWING components like JPanel or JButton. Should I perhaps create a new JFrame instead of adding them to a JPanel? – Flavio Aug 30 '13 at 11:27
-
Mmmh the JFrame would be the root of the ComponentTree.. that sounds good to me. But that would change the gui-usage and design... Maybe it is more important to restrict access to the filesystem and network. Even if you find a way to restrict access to Swing-Classes, that would not restrict foreign code from accessing other data on your local machine and sending it to some server on the internet. – treeno Aug 30 '13 at 13:00
-
Actually I do have a custom SecurityManager in place. Loading external components "safely" on my window is the only problem I can't solve, because for instance they can call .getParent() and modify that. Creating a new JFrame may work, but it really messes up the whole UI. I'm still trying to see if I can do something useful with a JPanel – Flavio Aug 30 '13 at 13:26
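
Added example (not code from the question or the answer): a host-side check of the point made in the answer, that a component placed in the host JPanel reaches the JFrame through getParent(), next to the separate-JFrame layout raised in the comments. The class, method and variable names are illustrative, the JButton stands in for a component returned by the dynamically loaded class, and a JVM with a display is assumed.

```java
import java.awt.Component;
import java.awt.Container;
import java.util.ArrayList;
import java.util.List;
import javax.swing.JButton;
import javax.swing.JFrame;
import javax.swing.JPanel;
import javax.swing.SwingUtilities;

public class AncestorAudit {
    // Every container a component can reach by repeatedly calling getParent().
    static List<Container> ancestors(Component c) {
        List<Container> chain = new ArrayList<>();
        for (Container p = c.getParent(); p != null; p = p.getParent()) {
            chain.add(p);
        }
        return chain;
    }

    // Prints the chain and returns whether the host frame is on it.
    static boolean report(String label, Component c, JFrame hostFrame) {
        List<Container> chain = ancestors(c);
        boolean reachesHost = chain.contains(hostFrame);
        System.out.println(label + ": host frame reachable = " + reachesHost);
        for (Container p : chain) {
            System.out.println("    " + p.getClass().getName());
        }
        return reachesHost;
    }

    public static void main(String[] args) throws Exception {
        SwingUtilities.invokeAndWait(() -> {
            JFrame hostFrame = new JFrame("host");
            JPanel pluginSlot = new JPanel();
            hostFrame.add(pluginSlot);
            // Stand-in for a component returned by the dynamically loaded class.
            JButton embedded = new JButton("plugin");
            pluginSlot.add(embedded);
            report("embedded in host JPanel", embedded, hostFrame);
            // The alternative from the comments: a separate top-level frame.
            JFrame pluginFrame = new JFrame("plugin window");
            JButton separate = new JButton("plugin");
            pluginFrame.add(separate);
            report("in its own JFrame", separate, hostFrame);
            hostFrame.dispose();
            pluginFrame.dispose();
        });
    }
}
```

The first report lists the slot panel, the content pane, the layered pane, the root pane and the host JFrame; the second ends at the plugin's own frame. The check covers only the getParent() chain discussed in this thread.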