 

Java Security Manager on Threads

Tags: java, security

I have an application that uses various third-party APIs; one of the third-party APIs gets executed in a separate thread.

I want one specific thread to have access to a particular directory and restrict that thread from accessing other directories of my local disk.

Is this possible to achieve through the Java Security Manager?

user3081658 asked Dec 09 '13 05:12



2 Answers

If I understand correctly, it sounds like what you want to do is restrict access to the file system for one of the third party libraries you're using. In terms of the Java SecurityManager, the fact that this particular third party library is running in a separate thread isn't relevant: Java security policies grant permissions based on where the code is loaded from, whether it's been signed, or the user who is running the code, but not on the basis of which thread the code is running in.

To restrict the access of a specific library to certain areas of the file system, you'll need a policy file that grants the necessary permissions to all your other code, and limited permissions to the library you want to restrict. Assuming the code you're running is in a set of separate jar files and you don't want to place any restrictions on any of the other code, your policy file will look something like this:

grant codebase "file:/path/to/your-application.jar" {
  permission java.security.AllPermission;
};

grant codebase "file:/path/to/trusted-library.jar" {
  permission java.security.AllPermission;
};

grant codebase "file:/path/to/another-trusted-library.jar" {
  permission java.security.AllPermission;
};

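grant codebase "file:/path/to/restricted-library.jar" {
  // The directory itself
  permission java.io.FilePermission "/path/to/particular/directory", "read,write";
  // "/-" covers all files and subdirectories beneath it; the bare path alone does not
  permission java.io.FilePermission "/path/to/particular/directory/-", "read,write";
  // Any additional permissions this library needs
};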

It might take some trial and error to discover what other specific permissions you'll need to grant to the restricted library in order for it to run correctly.

If your requirement really is to restrict access to a specific thread, you'll need to write a custom SecurityManager and override the checkPermission methods so that they check which thread is calling the method in order to determine if the permission should be granted. You would need to add methods to the custom SecurityManager to allow your application code to register which threads should be restricted, and you'd need to make sure that those additional methods couldn't be called by the restricted code, for example by creating and checking for a custom Permission.

Writing custom SecurityManagers is generally more risky than making use of the standard SecurityManager, so you'll want to do some careful testing if you take this approach.

alphaloop answered Oct 06 '22 00:10


Assuming the library you are intending to trust is well written, you can set the permissions for each library in your policy file and add calls to java.security.AccessController.doPrivileged within the thread or around its construction. Usual disclaimer that badly written trusted code will allow untrusted code to take advantage of its trust.

A "custom" security manager has generally been unnecessary since Java 2, released 1998, but it does seem to appear in much folk memory.

Tom Hawtin - tackline answered Oct 06 '22 01:10
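
One way to scope file access for the work done in a single thread while keeping the standard SecurityManager, using the two-argument AccessController.doPrivileged with a limited AccessControlContext. This is an added example, not code from either answer; the class name and sample paths are constructed, and the all-permissive Policy stands in for the AllPermission grants of the policy file. It assumes a JDK that still permits installing a SecurityManager (JDK 17 or earlier, or JDK 18 to 23 started with -Djava.security.manager=allow).

```java
import java.io.File;
import java.io.FilePermission;
import java.security.AccessControlContext;
import java.security.AccessController;
import java.security.Permission;
import java.security.Permissions;
import java.security.Policy;
import java.security.PrivilegedAction;
import java.security.ProtectionDomain;

public class RestrictedThreadDemo {
    // True if the current access-control context may read `path` (File.exists calls checkRead).
    static boolean canRead(String path) {
        try { new File(path).exists(); return true; }
        catch (SecurityException e) { return false; }
    }
    public static void main(String[] args) throws InterruptedException {
        // Constructed sample paths; "sandbox" stands in for /path/to/particular/directory.
        String tmp = System.getProperty("java.io.tmpdir");
        String dir = new File(tmp, "sandbox").getAbsolutePath();
        String inside = new File(dir, "data.txt").getPath();
        String outside = new File(tmp, "outside.txt").getAbsolutePath();

        // Stand-in for the AllPermission grants in the policy file: application code is fully trusted.
        Policy.setPolicy(new Policy() {
            @Override public boolean implies(ProtectionDomain d, Permission p) { return true; }
        });
        System.setSecurityManager(new SecurityManager());

        // All the restricted section keeps: the directory itself and everything beneath it ("/-").
        Permissions perms = new Permissions();
        perms.add(new FilePermission(dir, "read,write"));
        perms.add(new FilePermission(dir + File.separator + "-", "read,write"));
        AccessControlContext limited = new AccessControlContext(
                new ProtectionDomain[] { new ProtectionDomain(null, perms) });

        boolean[] result = new boolean[2];
        PrivilegedAction<Void> work = () -> {   // the third-party call would go here
            result[0] = canRead(inside);
            result[1] = canRead(outside);
            return null;
        };
        // Effective permissions in the action: caller's domain intersected with `limited`.
        Thread t = new Thread(() -> AccessController.doPrivileged(work, limited));
        t.start();
        t.join();
        System.out.println("inside readable: " + result[0] + ", outside readable: " + result[1]);
    }
}
```

The limited context only confines code that does not itself call doPrivileged: a library whose codebase is granted AllPermission by the policy can assert its own privileges again. The per-codebase grant in the policy file therefore remains the actual boundary.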