java.lang.RuntimePermission翻译

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<HTML>

<HEAD>

<TITLE>

RuntimePermission (Java 2 Platform SE v1.4.2)

</TITLE>

function windowTitle()

{

parent.document.title="RuntimePermission (Java 2 Platform SE v1.4.2)";

}

</SCRIPT>

</HEAD>

<TR>

<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../overview-summary.html">Overview</A> </TD>

<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="package-summary.html">Package</A> </TD>

<TD BGCOLOR="#FFFFFF" CLASS="NavBarCell1Rev">  Class </TD>

<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../deprecated-list.html">Deprecated</A> </TD>

<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../index-files/index-1.html">Index</A> </TD>

</TR>

</TABLE>

</TD>

JavaTM 2 Platform Std. Ed. v1.4.2

</TD>

</TR>

<TR>

<A HREF="../../java/lang/Runtime.html" title="class in java.lang">PREV CLASS</A>

<A HREF="../../java/lang/SecurityManager.html" title="class in java.lang">NEXT CLASS</A></TD>

<A HREF="../../index.html" target="_top">FRAMES</A>

<A HREF="RuntimePermission.html" target="_top">NO FRAMES</A>

<!--

if(window==top) {

document.writeln('<A HREF="../../allclasses-noframe.html">All Classes</A>');

}

//-->

</SCRIPT>

<A HREF="../../allclasses-noframe.html">All Classes</A>

</NOSCRIPT>

</TD>

</TR>

<TR>

SUMMARY: NESTED | FIELD | <A HREF="#constructor_summary">CONSTR</A> | <A HREF="#methods_inherited_from_class_java.security.BasicPermission">METHOD</A></TD>

DETAIL: FIELD | <A HREF="#constructor_detail">CONSTR</A> | METHOD</TD>

</TR>

</TABLE>

<HR>

<H2>

java.lang

Class RuntimePermission</H2>

<PRE>

<A HREF="../../java/lang/Object.html" title="class in java.lang">java.lang.Object</A>

<IMG SRC="../../resources/inherit.gif" ALT="extended by"><A HREF="../../java/security/Permission.html" title="class in java.security">java.security.Permission</A>

<IMG SRC="../../resources/inherit.gif" ALT="extended by"><A HREF="../../java/security/BasicPermission.html" title="class in java.security">java.security.BasicPermission</A>

<IMG SRC="../../resources/inherit.gif" ALT="extended by">java.lang.RuntimePermission

</PRE>

<DL>

<DT>All Implemented Interfaces: <DD><A HREF="../../java/security/Guard.html" title="interface in java.security">Guard</A>, <A HREF="../../java/io/Serializable.html" title="interface in java.io">Serializable</A></DD>

</DL>

<HR>

<DL>

<DT>public final class RuntimePermission<DT>extends <A HREF="../../java/security/BasicPermission.html" title="class in java.security">BasicPermission</A></DL>

This class is for runtime permissions. A RuntimePermission

contains a name (also referred to as a "target name") but

no actions list; you either have the named permission

or you don't.

该类用于运行时许可。RuntimePermission包括一个名称（也被称为“目标名称”），但是没有行为列表，你可以有或者没有这些命名许可。

The target name is the name of the runtime permission (see below). The

naming convention follows the hierarchical property naming convention.

Also, an asterisk

may appear at the end of the name, following a ".", or by itself, to

signify a wildcard match. For example: "loadLibrary.*" or "*" is valid,

"*loadLibrary" or "a*b" is not valid.

目标名称是运行时许可的名称（查看下面）。命名规则遵从层次属性的命名规范。

而且，星号可以出现在名称的末尾，在“.”后，或单独出现，表示通配符。例如："loadLibrary.*"、"*"有效，"*loadLibrary"、"a*b"无效。

The following table lists all the possible RuntimePermission target names,

and for each provides a description of what the permission allows

and a discussion of the risks of granting code the permission.

下表列出所有可能的RuntimePermission目标名称，每一个都给出了许可允许的描述，并讨论了授予代码该许可所面临的风险。

<table border=1 cellpadding=5 summary="permission target name,

what the target allows,and associated risks">

<tr>

<th>Permission Target Name 许可目标名称</th>

<th>What the Permission Allows 许可允许什么</th>

<th>Risks of Allowing this Permission 允许许可的风险</th>

</tr>

<tr>

<td>createClassLoader</td>

<td>Creation of a class loader 创建类加载器</td>

<td>This is an extremely dangerous permission to grant.

Malicious applications that can instantiate their own class

loaders could then load their own rogue classes into the system.

These newly loaded classes could be placed into any protection

domain by the class loader, thereby automatically granting the

classes the permissions for that domain. 相当危险的许可授予。恶意的应用程序可以实例化自身的类加载器，使得有可能

将恶意类载入系统。新载入的类可能被放入类加载器的任何保护域，因此自动授予这些类访问域的许可。</td>

</tr>

<tr>

<td>getClassLoader</td>

<td>Retrieval of a class loader (e.g., the class loader for the calling

class) 获取类加载器</td>

<td>This would grant an attacker permission to get the

class loader for a particular class. This is dangerous because

having access to a class's class loader allows the attacker to

load other classes available to that class loader. The attacker

would typically otherwise not have access to those classes.

将可能授予入侵者以获取特定类的类加载器的许可。可以访问类的类加载器这是很危险的

，会允许入侵者利用类加载器加载其他的类。入侵者通常不应该能访问那些类。</td>

</tr>

<tr>

<td>setContextClassLoader</td>

<td>Setting of the context class loader used by a thread

设置线程使用的上下文类加载器</td>

<td>The context class loader is used by system code and extensions

when they need to lookup resources that might not exist in the system

class loader. Granting setContextClassLoader permission would allow

code to change which context class loader is used

for a particular thread, including system threads.

当系统代码和扩展部分需要查找可能不存在于系统类加载器的资源时使用上下文类加载器。

授予setContextClassLoader许可将允许代码改变用于特定线程包括系统线程的上下文类加载器。</td>

</tr>

<tr>

<td>setSecurityManager</td>

<td>Setting of the security manager (possibly replacing an existing one)

设置安全管理器（可能替代现存的）

</td>

<td>The security manager is a class that allows

applications to implement a security policy. Granting the setSecurityManager

permission would allow code to change which security manager is used by

installing a different, possibly less restrictive security manager,

thereby bypassing checks that would have been enforced by the original

security manager.

安全管理器类允许应用程序实现安全策略。授予setSecurityManager许可将允许代码安装一个不同的，可能限制低的安全管理器

来替代，因此绕过了原安全管理器的强制检查。</td>

</tr>

<tr>

<td>createSecurityManager</td>

<td>Creation of a new security manager 创建一个安全管理器</td>

<td>This gives code access to protected, sensitive methods that may

disclose information about other classes or the execution stack.

这将使代码可以访问受保护的敏感方法，可能暴露关于其他类或执行堆栈的信息。</td>

</tr>

<tr>

<td>exitVM</td>

<td>Halting of the Java Virtual Machine 停止Java虚拟机</td>

<td>This allows an attacker to mount a denial-of-service attack

by automatically forcing the virtual machine to halt.

Note: The "exitVM" permission is automatically granted to all code

loaded from the application class path, thus enabling applications

to terminate themselves.

这将允许入侵者通过强迫虚拟机自动退出来实施拒绝服务攻击。

注：exitVM许可会自动授予所有从应用程序类路径加载的代码，于是使应用程序终于自身。</td>

</tr>

<tr>

<td>shutdownHooks</td>

<td>Registration and cancellation of virtual-machine shutdown hooks

注册和取消虚拟机关闭hook</td>

<td>This allows an attacker to register a malicious shutdown

hook that interferes with the clean shutdown of the virtual machine.

这将允许入侵者注册一个恶意关闭hook，阻止虚拟机正常关闭。</td>

</tr>

<tr>

<td>setFactory</td>

<td>Setting of the socket factory used by ServerSocket or Socket,

or of the stream handler factory used by URL

设置ServerSocket和Socket使用的套接字工厂，或者是URL使用的流处理器工厂</td>

<td>This allows code to set the actual implementation

for the socket, server socket, stream handler, or RMI socket factory.

An attacker may set a faulty implementation which mangles the data

stream.

这允许代码设置套接字、服务器套接字、流处理器或RMI套接字工厂的实际实现方式。

侵入者可以设置有缺陷的实现方式来操纵数据流。</td>

</tr>

<tr>

<td>setIO</td>

<td>Setting of System.out, System.in, and System.err

设置System.out、System.in和System.err</td>

<td>This allows changing the value of the standard system streams.

An attacker may change System.in to monitor and

steal user input, or may set System.err to a "null" OutputSteam,

which would hide any error messages sent to System.err.

这将允许改变标准流的值。入侵者可以改变屏幕的System.in，窃取用户输入，或者可以将System.err

设置为null，这将隐藏发动给System.err的任何错误信息。。</td>

</tr>

<tr>

<td>modifyThread</td>

<td>Modification of threads, e.g., via calls to Thread <code>stop</code>,

<code>suspend</code>, <code>resume</code>, <code>setPriority</code>,

and <code>setName</code> methods

通过Thread的stop、suspend、resume、setPriority和setName方法修改线程</td>

<td>This allows an attacker to start or suspend any thread

in the system.

这将允许入侵者启动或挂起任何系统中的线程。</td>

</tr>

<tr>

<td>stopThread</td>

<td>Stopping of threads via calls to the Thread <code>stop</code>

method 通过Thread的stop方法停止线程</td>

<td>This allows code to stop any thread in the system provided that it is

already granted permission to access that thread.

This poses as a threat, because that code may corrupt the system by

killing existing threads.

这将允许代码停止系统提供的任何线程（已被授予访问线程的许可），这可能是个威胁，因为这些代码可能通过杀死存在的线程使系统崩溃</td>

</tr>

<tr>

<td>modifyThreadGroup</td>

<td>modification of thread groups, e.g., via calls to ThreadGroup

<code>destroy</code>, <code>getParent</code>, <code>resume</code>,

<code>setDaemon</code>, <code>setMaxPriority</code>, <code>stop</code>,

and <code>suspend</code> methods

通过调用ThreadGroup的destroy、getParent、resume、setDaemon、setMaxPriority、stop和suspend方法修改线程组</td>

<td>This allows an attacker to create thread groups and

set their run priority.

这将允许入侵者创建线程组，设置运行优先级。</td>

</tr>

<tr>

<td>getProtectionDomain</td>

<td>Retrieval of the ProtectionDomain for a class

获取类的ProtectionDomain</td>

<td>This allows code to obtain policy information

for a particular code source. While obtaining policy information

does not compromise the security of the system, it does give

attackers additional information, such as local file names for

example, to better aim an attack.

这将允许代码获取特定代码源的策略信息。然而获取策略信息并不能降低系统安全级别，但是它给了入侵者其它的信息，比如本地文件名称，

这会使攻击目标更准确。</td>

</tr>

<tr>

<td>readFileDescriptor</td>

<td>Reading of file descriptors

读取文件描述符</td>

<td>This would allow code to read the particular file associated

with the file descriptor read. This is dangerous if the file

contains confidential data.

这将允许代码读取特定文件的文件描述符，如果文件中包含隐私数据将很危险。</td>

</tr>

<tr>

<td>writeFileDescriptor</td>

<td>Writing to file descriptors

写入文件描述符</td>

<td>This allows code to write to a particular file associated

with the descriptor. This is dangerous because it may allow

malicious code to plant viruses or at the very least, fill up

your entire disk.

这将允许代码写入特定文件的文件描述符，这很危险，因为允许恶意代码种植病毒，至少充满你的整个磁盘。</td>

</tr>

<tr>

<td>loadLibrary.{library name}</td>

<td>Dynamic linking of the specified library

动态链接指定的库</td>

<td>It is dangerous to allow an applet permission to load native code

libraries, because the Java security architecture is not designed to and

does not prevent malicious behavior at the level of native code.

这很危险，因为允许applet加载本地代码库，Java安全体系没有被设计成阻止底层代码的恶意行为。</td>

</tr>

<tr>

<td>accessClassInPackage.{package name}</td>

<td>Access to the specified package via a class loader's

<code>loadClass</code> method when that class loader calls

the SecurityManager <code>checkPackageAcesss</code> method

当类加载器调用SecurityManager的checkPackageAccess方法时，利用类加载器的loadClass方法在特定包中访问类</td>

<td>This gives code access to classes in packages

to which it normally does not have access. Malicious code

may use these classes to help in its attempt to compromise

security in the system.这使代码可以访问正常情况下不能访问的包中的类。恶意代码可以使用这些类来降低系统的安全级别。</td>

</tr>

<tr>

<td>defineClassInPackage.{package name}</td>

<td>Definition of classes in the specified package, via a class

loader's <code>defineClass</code> method when that class loader calls

the SecurityManager <code>checkPackageDefinition</code> method.

当类加载器调用SecurityManager的checkPackageDefinition方法时，利用类加载器的defineClass方法在特定包中定义类。</td>

<td>This grants code permission to define a class

in a particular package. This is dangerous because malicious

code with this permission may define rogue classes in

trusted packages like <code>java.security</code> or <code>java.lang</code>,

for example. 这将授予代码定义特定包中类的许可。这很危险，因为恶意代码使用该许可可能在受信任的包中（比如java.security或者java.lang）定义恶意的类。</td>

</tr>

<tr>

<td>accessDeclaredMembers</td>

<td>Access to the declared members of a class 访问类的声明成员</td>

<td>This grants code permission to query a class for its public,

protected, default (package) access, and private fields and/or

methods. Although the code would have

access to the private and protected field and method names, it would not

have access to the private/protected field data and would not be able

to invoke any private methods. Nevertheless, malicious code

may use this information to better aim an attack.

Additionally, it may invoke any public methods and/or access public fields

in the class. This could be dangerous if

the code would normally not be able to invoke those methods and/or

access the fields because

it can't cast the object to the class/interface with those methods

and fields.

这将授予代码访问类的私有域和方法。尽管代码已经可以访问私有和受保护的域和方法名称，但它不会访问

私有/受保护的域数据，不能调用任何私有方法。然而，恶意代码可以使用这些信息使攻击目标更准确。

另外，它可以调用类中任何公开的方法，访问公开的域。如果这些代码正常情况下不能调用这些方法，访问这些域将会很危险，

因为它不能转化这些方法和域中的类和接口。

</td>

</tr>

<tr>

<td>queuePrintJob</td>

<td>Initiation of a print job request 初始化打印工作请求</td>

<td>This could print sensitive information to a printer,

or simply waste paper. 可能打印出敏感信息，或者只是浪费纸张。</td>

</tr>

</table>

<DL>

<DT>See Also:<DD><A HREF="../../java/security/BasicPermission.html" title="class in java.security"><CODE>BasicPermission</CODE></A>,

<A HREF="../../java/security/Permission.html" title="class in java.security"><CODE>Permission</CODE></A>,

<A HREF="../../java/security/Permissions.html" title="class in java.security"><CODE>Permissions</CODE></A>,

<A HREF="../../java/security/PermissionCollection.html" title="class in java.security"><CODE>PermissionCollection</CODE></A>,

<A HREF="../../java/lang/SecurityManager.html" title="class in java.lang"><CODE>SecurityManager</CODE></A>,

<A HREF="../../serialized-form.html#java.lang.RuntimePermission">Serialized Form</A></DL>

<HR>

Constructor Summary</TD>

</TR>

<TD><CODE><A HREF="../../java/lang/RuntimePermission.html#RuntimePermission(java.lang.String)">RuntimePermission</A>(<A HREF="../../java/lang/String.html" title="class in java.lang">String</A> name)</CODE>

          Creates a new RuntimePermission with the specified name.

创建一个指定名称的RuntimePermission对象。</TD>

</TR>

<TD><CODE><A HREF="../../java/lang/RuntimePermission.html#RuntimePermission(java.lang.String, java.lang.String)">RuntimePermission</A>(<A HREF="../../java/lang/String.html" title="class in java.lang">String</A> name,

<A HREF="../../java/lang/String.html" title="class in java.lang">String</A> actions)</CODE>

          Creates a new RuntimePermission object with the specified name.

创建一个指定名称的RuntimePermission对象。</TD>

</TR>

</TABLE>

<TD>Methods inherited from class java.security.<A HREF="../../java/security/BasicPermission.html" title="class in java.security">BasicPermission</A></TD>

</TR>

<TD><CODE><A HREF="../../java/security/BasicPermission.html#equals(java.lang.Object)">equals</A>, <A HREF="../../java/security/BasicPermission.html#getActions()">getActions</A>, <A HREF="../../java/security/BasicPermission.html#hashCode()">hashCode</A>, <A HREF="../../java/security/BasicPermission.html#implies(java.security.Permission)">implies</A>, <A HREF="../../java/security/BasicPermission.html#newPermissionCollection()">newPermissionCollection</A></CODE></TD>

</TR>

</TABLE>

<TD>Methods inherited from class java.security.<A HREF="../../java/security/Permission.html" title="class in java.security">Permission</A></TD>

</TR>

<TD><CODE><A HREF="../../java/security/Permission.html#checkGuard(java.lang.Object)">checkGuard</A>, <A HREF="../../java/security/Permission.html#getName()">getName</A>, <A HREF="../../java/security/Permission.html#toString()">toString</A></CODE></TD>

</TR>

</TABLE>

<TD>Methods inherited from class java.lang.<A HREF="../../java/lang/Object.html" title="class in java.lang">Object</A></TD>

</TR>

<TD><CODE><A HREF="../../java/lang/Object.html#clone()">clone</A>, <A HREF="../../java/lang/Object.html#finalize()">finalize</A>, <A HREF="../../java/lang/Object.html#getClass()">getClass</A>, <A HREF="../../java/lang/Object.html#notify()">notify</A>, <A HREF="../../java/lang/Object.html#notifyAll()">notifyAll</A>, <A HREF="../../java/lang/Object.html#wait()">wait</A>, <A HREF="../../java/lang/Object.html#wait(long)">wait</A>, <A HREF="../../java/lang/Object.html#wait(long, int)">wait</A></CODE></TD>

</TR>

</TABLE>

Constructor Detail</TD>

</TR>

</TABLE>

RuntimePermission</H3>

<PRE>

public RuntimePermission(<A HREF="../../java/lang/String.html" title="class in java.lang">String</A> name)</PRE>

<DL>

<DD>Creates a new RuntimePermission with the specified name.

The name is the symbolic name of the RuntimePermission, such as

"exit", "setFactory", etc. An asterisk

may appear at the end of the name, following a ".", or by itself, to

signify a wildcard match.

创建一个指定名称的RuntimePermission对象。名称是该RuntimePermission的标记名称，

比如“exit”，“setFactory”等。星号可以出现在名称的末尾，“.”后，或单独出现，表示通配符。

<DT>Parameters:<DD><CODE>name</CODE> - the name of the RuntimePermission.

该RuntimePermission名称。</DL>

<HR>

RuntimePermission</H3>

<PRE>

public RuntimePermission(<A HREF="../../java/lang/String.html" title="class in java.lang">String</A> name,

<A HREF="../../java/lang/String.html" title="class in java.lang">String</A> actions)</PRE>

<DL>

<DD>Creates a new RuntimePermission object with the specified name.

The name is the symbolic name of the RuntimePermission, and the

actions String is currently unused and should be null.

创建一个指定名称的RuntimePermission对象。名称是该RuntimePermission的标记名称，动作字符串当前无用，应当为null。

<DT>Parameters:<DD><CODE>name</CODE> - the name of the RuntimePermission.

该RuntimePermission名称。<DD><CODE>actions</CODE> - should be null. 应当为null。</DL>

<HR>

<TR>

<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../overview-summary.html">Overview</A> </TD>

<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="package-summary.html">Package</A> </TD>

<TD BGCOLOR="#FFFFFF" CLASS="NavBarCell1Rev">  Class </TD>

<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../deprecated-list.html">Deprecated</A> </TD>

<TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1"> <A HREF="../../index-files/index-1.html">Index</A> </TD>

</TR>

</TABLE>

</TD>

JavaTM 2 Platform Std. Ed. v1.4.2

</TD>

</TR>

<TR>

<A HREF="../../java/lang/Runtime.html" title="class in java.lang">PREV CLASS</A>

<A HREF="../../java/lang/SecurityManager.html" title="class in java.lang">NEXT CLASS</A></TD>

<A HREF="../../index.html" target="_top">FRAMES</A>

<A HREF="RuntimePermission.html" target="_top">NO FRAMES</A>

<!--

if(window==top) {

document.writeln('<A HREF="../../allclasses-noframe.html">All Classes</A>');

}

//-->

</SCRIPT>

<A HREF="../../allclasses-noframe.html">All Classes</A>

</NOSCRIPT>

</TD>

</TR>

<TR>

SUMMARY: NESTED | FIELD | <A HREF="#constructor_summary">CONSTR</A> | <A HREF="#methods_inherited_from_class_java.security.BasicPermission">METHOD</A></TD>

DETAIL: FIELD | <A HREF="#constructor_detail">CONSTR</A> | METHOD</TD>

</TR>

</TABLE>

<HR>

<a href="http://java.sun.com/cgi-bin/bugreport.cgi">Submit a bug or feature</a> For further API reference and developer documentation, see <a href="../../../relnotes/devdocs-vs-specs.html">Java 2 SDK SE Developer Documentation</a>. That documentation contains more detailed, developer-targeted descriptions, with conceptual overviews, definitions of terms, workarounds, and working code examples. Copyright 2003 Sun Microsystems, Inc. All rights reserved. Use is subject to <a href="../../../relnotes/license.html">license terms</a>. Also see the <a href="http://java.sun.com/docs/redist.html">documentation redistribution policy</a>.

</BODY>

</HTML>