Stack Overflow
Stack Overflow

Questions tagged [securitymanager]

A security manager is an object that defines a security policy for an application. This policy specifies actions that are unsafe or sensitive. Any actions not allowed by the security policy cause a SecurityException to be thrown. An application can also query its security manager to discover which actions are allowed.

218 questions
6
votes
2 answers

Java default SecurityManager policy

I am a beginner of SecurityManager. I have been trying to use a Java SecurityManager to sandbox some untrusted code (supposed to be very simple code, like calculate the weight etc.) in linux. I use the command java -Djava.security.manager to run the…
user3794582
  • 123
  • 1
  • 10
6
votes
2 answers

Java SecurityManager @Override public void checkPermission(Permission perm)

I'm building a SWING application and also need to write a custom SecurityManager. If I write an empty class which extends SecurityManager like this public class Sandbox extends SecurityManager {} it works fine, meaning that the GUI is rendered…
Flavio
  • 846
  • 1
  • 9
  • 21
6
votes
1 answer

Failing to load class definition from jar

I ran across an issue when attempting to port an application over to JApplet so it can run on a browser. Program Contents: Jar file. Contains my CustomClassLoader implementation. Stored on website. Content directory. Filled with compiled classes.…
user1181445
6
votes
2 answers

AccessController not taking a class' ProtectionDomain into account

Context I am writing a Java system where code is executed in very strict sandboxes. A query (consisting of one or more classes) should only be allowed access to exactly one folder (and subfolders and files contained within the folders) for the…
Sebastian Probst Eide
  • 111
  • 8
6
votes
1 answer

How to understand java Socket-Permissions?

permission java.net.SocketPermission "192.168.1.1:31337", "connect, accept, resolve"; What does the following permission allow? Is my Application allowed to accept connections only from 192.168.1.1:31337 (maybe an external client) or to accept…
lazydaemon
  • 2,429
  • 2
  • 17
  • 12
5
votes
1 answer

Java Reflection permission error

I'm trying to load a class via an URLClassLoader (well, it neither works with an normal class loader) and want them to not have any permission. Therefore, i created my own security manager, which genereates a key on startup, which can only by…
Philipp Spiess
  • 3,263
  • 4
  • 26
  • 34
5
votes
1 answer

SecurityManager surprises

I wanted to create a very restrictive security manager, so I extended SecurityManager and overridden all the custom checkXXX methods. But then I found out that my security manager is useless, because anyone can…
Erel Segal-Halevi
  • 33,955
  • 36
  • 114
  • 183
5
votes
4 answers

Java Policy file - Deny permissions to a codebase

In the Java policy file, the grant codeBase syntax specifies which codebase should be granted which permissions. for example, grant codeBase "file:/C:/abc.jar" { permission java.security.AllPermission; }; grants AllPermission to code inside…
securitypolicymanager
  • 135
  • 1
  • 1
  • 5
5
votes
0 answers

Configure Security Manager for application that does not allow to set security policy

I want to deploy a web application ( app.war) on wildfly server. the web app has its own custom security manager set that does not allow changing java security policy. I am able to deploy the web app successfully. But when accessing it, it throws…
Mukesh Kumar
  • 783
  • 1
  • 9
  • 24
5
votes
2 answers

Other SecurityManager implementations available?

Is there any other implementation (e.g. in an OSS project) of a Java SecurityManager available which has more features than the one in the JDK? I'm looking for features like configurable at runtime policies updateable at runtime, read from other…
mhaller
  • 14,122
  • 1
  • 42
  • 61
5
votes
1 answer

Java: Monitor the acquisition of Locks

I am currently experimenting a lot with java's security mechanisms in order to understand how to best execute untrusted code in a sandbox. One of the things you want to protect against are infinite loops which is why ideally you want to run the…
Arno Mittelbach
  • 952
  • 5
  • 12
5
votes
3 answers

Use Tomcat with Java SecurityManager?

I'm writing a web application that is supposed to run on Tomcat on Ubuntu. On Ubuntu, Tomcat is per default configured to run with the Java SecurityManager. Besides my own web application, there will only be some well known third party web…
pauline
4
votes
4 answers

How do I simulate a modal dialog from within an Applet?

On setVisible(true), I call the following code to start a modal dialog: private synchronized void startModal () { try { if (SwingUtilities.isEventDispatchThread()) { EventQueue theQueue = getToolkit().getSystemEventQueue(); while…
jsight
  • 27,819
  • 25
  • 107
  • 140
4
votes
1 answer

When load some class in checkPermission method why SecurityManager emit recursive update exception?

I'm upgrading jdk 8 to 11. I load some class in checkPermission method then security manager emit recursive update exception. but use jdk1.8.0_202 everything works fine. What causes this problem? My environment. OS: macOS 10.15.6 JDK(Oracle):…
kospi
  • 355
  • 5
  • 14
4
votes
0 answers

MissingResourceException while running

I have a large application that started receiving MissingResourceException: Can't find bundle for base name sun.text.resources.FormatData, locale en_US The error comes from my code at java.text.DecimalFormatSymbols.getInstance(Locale.US); This…
ben or
  • 653
  • 5
  • 17
1 2
3
14 15