用Java创建安全环境的最佳方法
[英]Best approach to create a security environment in Java
问题描述
I need to create a desktop application that will run third party code, and I need to avoid the third party code from export by any way (web, clipboard, file io) informations from the application. 
我需要创建一个运行第三方代码的桌面应用程序,并且需要避免第三方代码通过任何方式(网络,剪贴板,文件io)从应用程序中导出信息。
Somethig like: Somethig喜欢:
public class MyClass {
private String protectedData;
public void doThirdPartyTask() {
String unprotedtedData = unprotect(protectedData);
ThirdPartyClass.doTask(unprotectedData);
}
private String unprotect(String data) {
// ...
}
}
class ThirdPartyClass {
public static void doTask(String unprotectedData) {
// Do task using unprotected data.
// Malicious code may try to externalize the data.
}
}
I'm reading about SecurityManager and AccessControler, but I'm still not sure what's the best approach to handle this. 我正在阅读有关SecurityManager和AccessControler的信息,但是我仍然不确定什么是处理此问题的最佳方法。
What should I read about to do this implementation? 我应该读什么来做这个实现?
2 个解决方案
解决方案1
2 已采纳
First of all, there is pretty much no way you can stop every information leak on a local computer. 首先,几乎没有任何方法可以阻止本地计算机上的所有信息泄漏。 You can certainly restrict network access, and even a lot of file system access, but there is nothing that would stop the gui from popping up a dialog showing the information to the user on the screen, or any other 100 ways you could "leak" data. 您当然可以限制网络访问,甚至可以限制很多文件系统访问,但是没有什么可以阻止gui弹出对话框,向用户显示信息在屏幕上,或者您可以“泄漏”任何其他100种方式数据。
Secondly, you keep talking about the policy file being changeable by the user. 其次,您一直在谈论用户可以更改的策略文件。 yes, it is. 是的。 it sounds like you are basically trying to recreate DRM. 听起来您基本上是在尝试重新创建DRM。 I'd suggest reading up on DRM and the general futility of it. 我建议您阅读DRM及其一般的徒劳性。 It essentially boils down to giving someone a locked box and the key to the box and telling them not to open it. 从本质上讲,这可以归结为给某人一个锁定的盒子和盒子的钥匙,并告诉他们不要打开它。 If someone has physical access to your program, there is almost nothing you can do to stop them from getting data out of it, in java or pretty much any other programming language (at least, not on computers as they are built today). 如果某人可以物理访问您的程序,那么您几乎无法采取任何措施阻止他们使用Java或几乎任何其他编程语言(至少在今天建造的计算机上都没有)从程序中获取数据。
解决方案2
1
A general approach would be to run your jvm with a security policy that grants java.security.AllPermission to your codebase (ie jar) and no permissions whatsoever to the third-party codebase. 一种通用方法是使用安全策略运行jvm,该策略将java.security.AllPermission授予您的代码库(即jar),而没有任何权限授予第三方代码库。 Here is some documentation on how to run with a policy file and what to put in said file. 下面是一些文档,对如何与策略文件运行,并把在上述文件的内容。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.