Java安全管理器:如何指定“无权限”?
[英]Java Security Manager: how to specify “No Permission”?
问题描述
The Java Security Manager allows to specify the permissions of some piece of code by defining clauses like: 
Java安全管理器允许通过定义以下子句来指定某些代码的权限:
...
grant codebase http://foo.bar.com/test.jar {
permission java.io.FilePermission "${user.dir}/*", "read,write"; };
...
in a policy file (default: <JRE_root>\\lib\\security . This grants code stemming from the given URL to read and write from/to the user's home directory (which is of course a no-no but that's another story). 在策略文件中(默认值: <JRE_root>\\lib\\security 。这将授予源于给定URL的代码来读写用户的主目录(当然,这是不可以的,但这是另一回事了)。
But how do I define "NO permission", ie if that piece of code should NOT be allowed to read or write anywhere? 但是,如何定义“没有权限”,即,是否不允许该段代码在任何地方读取或写入? I tried to specify: 我试图指定:
...
permission java.io.FilePermission "/-", "";
...
"/-" means the root directory and everything below it (ie everything) and the second argument "" was meant to signal "". "/-"表示根目录及其下的所有内容(即所有内容),第二个参数""表示信号“”。 But when I specify this like above I get a "token error". 但是当我像上面这样指定时,会出现“令牌错误”。 Apparently "" is not a valid "action". 显然, ""不是有效的“动作”。 But how else does one then express "nothing" or "no permission" in these policy files? 但是,在这些策略文件中又如何表达“无”或“没有权限”呢?
1 个解决方案
解决方案1
1 2013-07-08 14:59:45
Simply don't add any permissions lines. 只需不添加任何权限行。 Classes will typically be given permissions to read their own code and resources. 通常,将授予类读取其自己的代码和资源的权限。 (See the API docs for java.io.FilePermission .) (请参阅API文档中的java.io.FilePermission 。)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.