
Java Security Manager - What does it check?

This article about Java security says:

Code in the Java library consults the Security Manager whenever a dangerous operation is about to be attempted.

So, what does this exactly mean? Say I've implemented my own SecurityManager and enabled it for the whole JVM. Now, does the Java runtime consult my SecurityManager for each and every Java call (like System.out.println() etc.) or does it consult it only for dangerous API calls like System.exit(), file operations etc.?

Edit: let me clarify my question.

I'm not questioning the possibilities of the SecurityManager. I'm just asking if the security checks are done for the dangerous APIs alone or for each and every method call, which in turn causes a huge performance degradation in the case of applications with large amounts of code.

RubyDosa asked Mar 04 '11 11:03



2 Answers

It will only consult the SecurityManager if the code says so. It won't do it for every single operation.

For example in Runtime.exit, you see that the SecurityManager is consulted:

    public void exit(int status) {
        SecurityManager security = System.getSecurityManager();
        if (security != null) {
            security.checkExit(status);
        }
        Shutdown.exit(status);
    }

Similarly, in File, you will see that most methods consult the SecurityManager. Example:

    public boolean canWrite() {
        SecurityManager security = System.getSecurityManager();
        if (security != null) {
            security.checkWrite(path);
        }
        return fs.checkAccess(this, FileSystem.ACCESS_WRITE);
    }

If you are writing a method which might be "dangerous" then you should also consult the SecurityManager.

dogbane answered Oct 11 '22 02:10
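
To observe this at run time, the following added example (not part of the original answers and not JDK code) installs a SecurityManager that records every check it receives, then runs two ordinary calls and three guarded ones. `CheckRecorder`, `trace` and the path `demo.txt` are hypothetical names chosen for the demo; it assumes a JDK that still allows `System.setSecurityManager` at run time, such as Java 8 or 11 (the Security Manager was deprecated for removal in Java 17).

```java
import java.io.File;
import java.security.Permission;
import java.util.ArrayList;
import java.util.List;

// Added example: a SecurityManager that records each check the JDK library sends it.
public class CheckRecorder extends SecurityManager {
    private final List<Permission> seen = new ArrayList<>();
    private boolean recording;

    @Override
    public void checkPermission(Permission perm) {
        // The check*() methods (checkExit, checkWrite, ...) delegate here by default.
        if (recording) seen.add(perm);
        // Allow everything except JVM exit, so the demo keeps running.
        if (perm.getName().startsWith("exitVM")) throw new SecurityException("exit denied");
    }

    @Override
    public void checkPermission(Permission perm, Object context) {
        checkPermission(perm);
    }

    // Runs one action and prints the permission checks it caused.
    void trace(String label, Runnable action) {
        seen.clear();
        recording = true;
        try { action.run(); } catch (SecurityException e) { /* denied, but recorded */ }
        recording = false;
        System.out.println(label + " -> " + seen.size() + " check(s) " + seen);
    }

    public static void main(String[] args) {
        // Constructed sample actions, created before the manager is installed.
        Runnable print = () -> System.out.println("hello");
        Runnable compute = () -> new ArrayList<String>().add("x");
        Runnable prop = () -> System.getProperty("user.home");
        Runnable file = () -> new File("demo.txt").canWrite();
        Runnable exit = () -> System.exit(0);

        CheckRecorder sm = new CheckRecorder();
        System.setSecurityManager(sm); // assumption: this JDK still permits it
        sm.trace("System.out.println", print);
        sm.trace("ArrayList.add", compute);
        sm.trace("System.getProperty", prop);
        sm.trace("File.canWrite", file);
        sm.trace("System.exit", exit);
    }
}
```

Checks appear only for the calls whose library code explicitly asks the manager; the cost for those is one `getSecurityManager()` null test plus whatever your `check*()` override does.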


Using a security manager you could control access to:

  1. File operations
  2. Reflection facility
  3. Read/Write IO
  4. Thread/Thread group operations
  5. Socket operations (listen, accept etc.)
  6. Power to create your own classloader.

For each such thing there is a check*() method in SecurityManager.

For an exhaustive list, check the constants in SecurityConstants.

Suraj Chandran answered Oct 11 '22 02:10