Java Native Interface and Security
Question
Is there any chance for the the violation of java security policy through java native interface. Which are the main areas we have to use JNI
2 answers
solution1
4 2009-08-24 10:47:17
Java's Security policies simply do not apply to native code called via JNI, so obviously the native code can violate them at will.
As for what JNI us used for, these days it's mainly to call OS-specific APIs or interface with existing non-Java code. Improving performance used to be a frequently-cited reason, but considering the state of VMs and JIT compilers today, that almost never makes sense.
solution2
1 2009-08-24 10:44:58
Yes, once you invoke native code through JNI it can do pretty much anything the current user is allowed to do - eg delete all their files. The Java system cannot police anything that native code does.
You don't have to use JNI for anything - it's typically used for eg low-level access (eg critical error handling for a removable drive) or to access a C API which doesn't have a pure-Java equivalent.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.