JavaSecurityManager

Last edit August 3, 2011
A Java class that allows applications to implement a security policy.

Usually, the JavaSecurityManager becomes visible when it denies access to a resource like local files: 
 java.security.AccessControlException: access denied (java.io.FilePermission /foo.xml read) 
    at java.security.AccessControlContext.checkPermission(AccessControlContext.java:269)
    at java.security.AccessController.checkPermission(AccessController.java:401)
    at java.lang.SecurityManager.checkPermission(SecurityManager.java:524)
    at java.lang.SecurityManager.checkRead(SecurityManager.java:863)
    at java.io.File.exists(File.java:678)
    at com.badguys.BadCode$BadThread.run(BadCode.java:32)
However, the most common example can be seen with Java applets which are prevented from:
  • accessing the file system
  • making network connections (for the most part)
  • creating new processes
  • creating class loaders

If there is a security manager in place, the following operations will be checked:

  • Accept a socket connection from a specified host and port number
  • Modify a thread (change its priority, stop it, and so on)
  • Open a socket connection to a specified host and port number
  • Create a new class loader
  • Delete a specified file
  • Create a new process
  • Cause the application to exit
  • Load a dynamic library that contains native methods
  • Wait for a connection on a specified local port number
  • Load a class from a specified package (used by class loaders)
  • Add a new class to a specified package (used by class loaders)
  • Access or modify system properties
  • Access a specified system property
  • Read from a specified file
  • Write to a specified file

Java applications, by default, won't use a security manager unless a policy file has been specified at the time of application launch. To specify a java policy read up on the following syntax: 

 java -Djava.security.manager -Djava.security.policy=someURL SomeApp
The system policy file is by default located at java.home/lib/security/java.policy

see more at: http://java.sun.com/j2se/1.4.2/docs/guide/security/PolicyFiles.html

An attempt to implement something similar in the RubyLanguage is being made in the SecuredRuby project.

Is there something similar in Smalltalk?

contributors: AnonymousDonors, EricHerman