[英]How to protect Java application from internally running custom code?
I develop the container-like application which can accept custom JARs and run some classes from these JAR archives. 我开发了类似容器的应用程序,它可以接受自定义JAR并从这些JAR归档中运行一些类。 And I wanr to protect my application from this custom code.
我想从这个自定义代码中保护我的应用程序。
I've found SecurityManager
and Policy
classes there, but I still don't know how to protect my application from stack overflow attacks and so on. 我在那里找到了
SecurityManager
和Policy
类,但我仍然不知道如何保护我的应用程序免受堆栈溢出攻击等等。
I've found Runtime
class, but I cannot use the separate process because I need to have the instance of the custom class in my application. 我找到了
Runtime
类,但我不能使用单独的进程,因为我需要在我的应用程序中拥有自定义类的实例。
What instrument should I use? 我应该使用什么仪器? Or, maybe, I should change the architecture of my application?
或者,也许,我应该改变我的应用程序的架构?
I think you are trying to achieve what Google did with GAE . 我认为你正在努力实现Google对GAE的所作所为。 It's not a simple subject to be addressed here so I suppose this paper could be of help.
这不是一个简单的主题,所以我想这篇论文可能有所帮助。
If you have to do this, it seems better to go for a "chroot jail" or the full virtualisation . 如果你必须这样做,那么选择“chroot jail”或完全虚拟化似乎更好。 (Neither of which I no much about.)
(我也不太关心。)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.