Aleksey Gureev wrote:
>... In all other
>cases, whole security thing looks pointless to me as it can be easily
>disabled.
It's only pointless if the SecurityManager agrees to its own replacement.
Such a SecurityManager would be fatally flawed, and indeed pointless.
Java's security infrastructure is designed to cover a wide range of
possible deployment environments. In some of those environments, a
SecurityManager is indeed pointless, because the app is presumed trusted.
It's the environments where trust is limited or constrained that a
SecurityManager is necessary, so being able to choose what security to
implement, and when, is crucial.
and earlier...
>We are developing the application that requires loading images from the
>net. Some sort of news reader. Several times I saw the following
>exception on our logs:
>
>---
>java.lang.SecurityException
>at java.lang.SecurityManager.checkPermission(Unknown Source)
>at java.lang.SecurityManager.checkConnect(Unknown Source)
>at sun.awt.image.URLImageSource.checkSecurity(Unknown Source)
>at sun.awt.image.ToolkitImage.getHeight(Unknown Source)
>...
>---
What technologies are you using in your application?
Most applications don't have any SecurityManager because they are
implicitly trusted. Java Web Start and RMI are two technologies that DO
NOT implicitly trust everything an application does, so if you're using
either of those, you're not in the same category as implicitly trusted
applications.
>Anyway, the main question is connected with what I decided to do. I
>decided to install my own SecurityManager implementation on application
>startup through the System.setSecurityManager() call. My implementation
>*never* throws SecurityException. I realize that some security managers
>installed by the system before my re-installation attempt could refuse
>to be replaced, but it's not the point. I'm feeling a bit uneasy about
>whether there are any negative implications connected with a security
>manager always saying 'Yes'. Does anyone have any experience with this?
Yes, but the safety of what you've done depends entirely on the
technologies you're using and the context they're used in. I've used
"grant all" SecurityManager before, but it was appropriate for the
technology and execution context, not something I'd just enable arbitrarily.
You haven't described how your app is deployed or what it's doing in enough
detail to be able to determine whether a "grant all" SecurityManager is a
possible problem or not.
-- GG
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Java-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/java-dev/email@hidden
This email sent to email@hidden
