Welcome to the framework of Java Security-- sandbox. It's true that the sandbox which is one of nature characters belonging to all interpreting programming languages. Not like C/C++ which nears with operating system, Java lives and works in itself world, a virtual world under Java macro instructions totally controlling. So security for Java doesn't matter.
The chapter does not focus on the Java Virtual Machine Security Mechanism but security policys. From this point, the chapter is fit for those end users and administratives only.
So from adminstrative point of view, the sandbox is composed of five elements:
Permissions
Code sources
Protection domains
Policy files
Keystores
Java developers say it's platform technique. You're right. Before Java application runs in Java Virtual Machine including sandbox mechanism, administrative also program or configurate above elements to implement their security policy.
Now let's come closer to five elements.
Permission:
No matter who wants to manage Java platform, he has to cope with Java API. Permission management follow such rule. You must take advantage of Java.security.Permission to achieve your goal. That means all Java class is under monitored because there is one respective set of permissions map with one Java class to define the activities that the class is allowed to perform. However, the compromise is that the core Java API always get permission to perform anything. Now the key question is how to set permission or how to work with permission? To be frankly, I also don't know how to do this. But the book will introduce the details.
Here are core Java API permission.
**********************************************************************
File Permissions
[Type]: java.io.FilePermission
[Name]
Because the file name is different in different operating system, the specific file name should be universal.
${/}----------------/
${user.home}----------------/home/userid
${user.home}${/}file-------------------/home/userid/file
[Actions]read,write, delete and execute
So when we define one file permission, the most like statement is
permission java.io.FilePermission “<<ALL FILES>>”,
“read,write,delete,execute”;
permission java.io.FilePermission “${user.home}$/mypassword”,“read”;
I need to highlight one thing here that the file permission defined above can only take effect in Java Virtual Machine. It's eay to be destroyed by operatinh system configuration. For instance, one file is allowed to be deleted by user but has been set to read only under UNIX. If user is noy super user, he still can not delete the file as he wants.
**********************************************************************
Socket Permissions
[Type]java.net.SocketPermission
[Name]
hostname:port ,such as java.sun.com:1020.
Of couse a wildcard can be used like:127.1.10.*:8080.
Another flexible usage is '-'. You can set :
1024- means 1024 and all ports geater than 1024
-1024 means 1024 and all ports less than 1024
1-204 means from 1 to 1024 but exclude two ends
[Actions]accept, listen, connect and resolve.
permission java.net.SocketPermission “127.*:1-”,”accept, listen, connect, resolve”;
**********************************************************************
Property Permission
[Type]java.util.PropertyPermission
[Name]
Any java class or package name just like what you define in the front of source code.
[Actions]read and write
permission java.util.PropertyPermission “java.*“, “read“;
**********************************************************************
Runtime Permissions
[Type]java.lang.RuntimePermission
[Name]
There are a lot of various definitions. Please refer to sun java api document. Because many of them relate to very low level Java runtime configuration. This portion is the essential part of Java sandbox processing.
permission java.lang.RuntimePermission “queuePrintJob“;
**********************************************************************
AWT Permissions
[Type]java.awt.AWTPermission
[Name]
accessClipboard
accessEventQueue
accessRobot
listenToAllAWTEvents
readDisplayPixels
showWindowWithoutWarningBanner
[Actions]NA
So you can easy write the permission script like
permission java.awt.AWTPermission “createRobot”;
**********************************************************************
Net Permission
[Type]java.net.NetPermission
[Name]
I am not sure that what it exactly means. So I have to write the original text here for your information.
”There are three names associated with this class. specifyStreamHandler allows new stream handlers to be installed into the URL class. HTTP authentication(which is not exactly implemented by default Java implementations) requires two permissions: setDefaultAuthenticator to install the authentication class and requestPasswordAuthentication to complete the authentication.”
[Action]NA
permission java.net.NetPermission “specifyStreamHandler”;
**********************************************************************
Security Permission
[Type]java.security.SecurityPermission
[Name]
Various.
addIdentityCertificate
clearProviderProperties
...
No comment on this portion. Maybe when I finish the first five chapters, I could understand what the author states here.
**********************************************************************
Serializable Permission
[Type]java.io.SerializablePermission
[Name]
enableSubstitution and enableSubclassImplementation.
No comment too.
**********************************************************************
Reflection Permission
[Type]java.lang.reflect.ReflectPermission
[Name]
suppressAccessChecks. If granted, this permission allows reflection to examine the private variables of arbitrary classes.
No comment as well.
**********************************************************************
All Permission
[Type]java.security.AllPermission
No need to introduction. This is that famous but dummy one.
