runtimepermission.html

来自「API資料大全」· HTML 代码 · 共 463 行 · 第 1/2 页

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Frameset//EN""http://www.w3.org/TR/REC-html40/frameset.dtd">
<!--NewPage-->
<HTML>
<HEAD>
<!-- Generated by javadoc on Thu Apr 27 23:35:07 PDT 2000 -->
<TITLE>
Java 2 Platform SE v1.3: Class  RuntimePermission
</TITLE>
<LINK REL ="stylesheet" TYPE="text/css" HREF="../../stylesheet.css" TITLE="Style">
</HEAD>
<BODY BGCOLOR="white">

<!-- ========== START OF NAVBAR ========== -->
<A NAME="navbar_top"><!-- --></A>
<TABLE BORDER="0" WIDTH="100%" CELLPADDING="1" CELLSPACING="0">
<TR>
<TD COLSPAN=2 BGCOLOR="#EEEEFF" CLASS="NavBarCell1">
<A NAME="navbar_top_firstrow"><!-- --></A>
<TABLE BORDER="0" CELLPADDING="0" CELLSPACING="3">
  <TR ALIGN="center" VALIGN="top">
  <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1">    <A HREF="../../overview-summary.html"><FONT CLASS="NavBarFont1"><B>Overview</B></FONT></A>&nbsp;</TD>
  <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1">    <A HREF="package-summary.html"><FONT CLASS="NavBarFont1"><B>Package</B></FONT></A>&nbsp;</TD>
  <TD BGCOLOR="#FFFFFF" CLASS="NavBarCell1Rev"> &nbsp;<FONT CLASS="NavBarFont1Rev"><B>Class</B></FONT>&nbsp;</TD>
  <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1">    <A HREF="class-use/RuntimePermission.html"><FONT CLASS="NavBarFont1"><B>Use</B></FONT></A>&nbsp;</TD>
  <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1">    <A HREF="package-tree.html"><FONT CLASS="NavBarFont1"><B>Tree</B></FONT></A>&nbsp;</TD>
  <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1">    <A HREF="../../deprecated-list.html"><FONT CLASS="NavBarFont1"><B>Deprecated</B></FONT></A>&nbsp;</TD>
  <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1">    <A HREF="../../index-files/index-1.html"><FONT CLASS="NavBarFont1"><B>Index</B></FONT></A>&nbsp;</TD>
  <TD BGCOLOR="#EEEEFF" CLASS="NavBarCell1">    <A HREF="../../help-doc.html"><FONT CLASS="NavBarFont1"><B>Help</B></FONT></A>&nbsp;</TD>
  </TR>
</TABLE>
</TD>
<TD ALIGN="right" VALIGN="top" ROWSPAN=3><EM>
<b>Java<sup><font size=-2>TM</font></sup>&nbsp;2&nbsp;Platform<br>Std.&nbsp;Ed. v1.3</b></EM>
</TD>
</TR>

<TR>
<TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2">
&nbsp;<A HREF="../../java/lang/Runtime.html"><B>PREV CLASS</B></A>&nbsp;
&nbsp;<A HREF="../../java/lang/SecurityManager.html"><B>NEXT CLASS</B></A></FONT></TD>
<TD BGCOLOR="white" CLASS="NavBarCell2"><FONT SIZE="-2">
  <A HREF="../../index.html" TARGET="_top"><B>FRAMES</B></A>  &nbsp;
&nbsp;<A HREF="RuntimePermission.html" TARGET="_top"><B>NO FRAMES</B></A></FONT></TD>
</TR>
<TR>
<TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2">
  SUMMARY: &nbsp;INNER&nbsp;|&nbsp;FIELD&nbsp;|&nbsp;<A HREF="#constructor_summary">CONSTR</A>&nbsp;|&nbsp;<A HREF="#methods_inherited_from_class_java.security.BasicPermission">METHOD</A></FONT></TD>
<TD VALIGN="top" CLASS="NavBarCell3"><FONT SIZE="-2">
DETAIL: &nbsp;FIELD&nbsp;|&nbsp;<A HREF="#constructor_detail">CONSTR</A>&nbsp;|&nbsp;METHOD</FONT></TD>
</TR>
</TABLE>
<!-- =========== END OF NAVBAR =========== -->

<HR>
<!-- ======== START OF CLASS DATA ======== -->
<H2>
<FONT SIZE="-1">
java.lang</FONT>
<BR>
Class  RuntimePermission</H2>
<PRE>
<A HREF="../../java/lang/Object.html">java.lang.Object</A>
  |
  +--<A HREF="../../java/security/Permission.html">java.security.Permission</A>
        |
        +--<A HREF="../../java/security/BasicPermission.html">java.security.BasicPermission</A>
              |
              +--<B>java.lang.RuntimePermission</B>
</PRE>
<DL>
<DT><B>All Implemented Interfaces:</B> <DD><A HREF="../../java/security/Guard.html">Guard</A>, <A HREF="../../java/io/Serializable.html">Serializable</A></DD>
</DL>
<HR>
<DL>
<DT>public final class <B>RuntimePermission</B><DT>extends <A HREF="../../java/security/BasicPermission.html">BasicPermission</A></DL>

<P>
This class is for runtime permissions. A RuntimePermission
 contains a name (also referred to as a "target name") but
 no actions list; you either have the named permission
 or you don't.

 <P>
 The target name is the name of the runtime permission (see below). The
 naming convention follows the  hierarchical property naming convention.
 Also, an asterisk
 may appear at the end of the name, following a ".", or by itself, to
 signify a wildcard match. For example: "loadLibrary.*" or "*" is valid,
 "*loadLibrary" or "a*b" is not valid.
 <P>
 The following table lists all the possible RuntimePermission target names,
 and for each provides a description of what the permission allows
 and a discussion of the risks of granting code the permission.
 <P>

 <table border=1 cellpadding=5>
 <tr>
 <th>Permission Target Name</th>
 <th>What the Permission Allows</th>
 <th>Risks of Allowing this Permission</th>
 </tr>

 <tr>
   <td>createClassLoader</td>
   <td>Creation of a class loader</td>
   <td>This is an extremely dangerous permission to grant.
 Malicious applications that can instantiate their own class
 loaders could then load their own rogue classes into the system.
 These newly loaded classes could be placed into any protection
 domain by the class loader, thereby automatically granting the
 classes the permissions for that domain.</td>
 </tr>

 <tr>
   <td>getClassLoader</td>
   <td>Retrieval of a class loader (e.g., the class loader for the calling
 class)</td>
   <td>This would grant an attacker permission to get the
 class loader for a particular class. This is dangerous because
 having access to a class's class loader allows the attacker to
 load other classes available to that class loader. The attacker
 would typically otherwise not have access to those classes.</td>
 </tr>

 <tr>
   <td>setContextClassLoader</td>
   <td>Setting of the context class loader used by a thread</td>
   <td>The context class loader is used by system code and extensions
 when they need to lookup resources that might not exist in the system
 class loader. Granting setContextClassLoader permission would allow
 code to change which context class loader is used
 for a particular thread, including system threads.</td>
 </tr>

 <tr>
   <td>setSecurityManager</td>
   <td>Setting of the security manager (possibly replacing an existing one)
 </td>
   <td>The security manager is a class that allows 
 applications to implement a security policy. Granting the setSecurityManager
 permission would allow code to change which security manager is used by
 installing a different, possibly less restrictive security manager,
 thereby bypassing checks that would have been enforced by the original
 security manager.</td>
 </tr>

 <tr>
   <td>createSecurityManager</td>
   <td>Creation of a new security manager</td>
   <td>This gives code access to protected, sensitive methods that may
 disclose information about other classes or the execution stack.</td>
 </tr>

 <tr>
   <td>exitVM</td>
   <td>Halting of the Java Virtual Machine</td>
   <td>This allows an attacker to mount a denial-of-service attack
 by automatically forcing the virtual machine to halt.</td>
 </tr>

 <tr>
   <td>shutdownHooks</td>
   <td>Registration and cancellation of virtual-machine shutdown hooks</td>
   <td>This allows an attacker to register a malicious shutdown
 hook that interferes with the clean shutdown of the virtual machine.</td>
 </tr>

 <tr>
   <td>setFactory</td>
   <td>Setting of the socket factory used by ServerSocket or Socket,
 or of the stream handler factory used by URL</td>
   <td>This allows code to set the actual implementation
 for the socket, server socket, stream handler, or RMI socket factory.
 An attacker may set a faulty implementation which mangles the data
 stream.</td>
 </tr>

 <tr>
   <td>setIO</td>
   <td>Setting of System.out, System.in, and System.err</td>
   <td>This allows changing the value of the standard system streams.
 An attacker may change System.in to monitor and
 steal user input, or may set System.err to a "null" OutputSteam,
 which would hide any error messages sent to System.err. </td>
 </tr>

 <tr>
   <td>modifyThread</td>
   <td>Modification of threads, e.g., via calls to Thread <code>stop</code>,
 <code>suspend</code>, <code>resume</code>, <code>setPriority</code>,
 and <code>setName</code> methods</td>
   <td>This allows an attacker to start or suspend any thread
 in the system.</td>
 </tr>

 <tr>
   <td>stopThread</td>
   <td>Stopping of threads via calls to the Thread <code>stop</code>
 method</td>
   <td>This allows code to stop any thread in the system provided that it is
 already granted permission to access that thread.
 This poses as a threat, because that code may corrupt the system by
 killing existing threads.</td>
 </tr>

 <tr>
   <td>modifyThreadGroup</td>
   <td>modification of thread groups, e.g., via calls to ThreadGroup
 <code>destroy</code>, <code>getParent</code>, <code>resume</code>, 
 <code>setDaemon</code>, <code>setMaxPriority</code>, <code>stop</code>, 
 and <code>suspend</code> methods</td>
   <td>This allows an attacker to create thread groups and
 set their run priority.</td>
 </tr>

 <tr>
   <td>getProtectionDomain</td>
   <td>Retrieval of the ProtectionDomain for a class</td>
   <td>This allows code to obtain policy information
 for a particular code source. While obtaining policy information
 does not compromise the security of the system, it does give
 attackers additional information, such as local file names for
 example, to better aim an attack.</td>
 </tr>

 <tr>
   <td>readFileDescriptor</td>
   <td>Reading of file descriptors</td>
   <td>This would allow code to read the particular file associated
with the file descriptor read. This is dangerous if the file contains
confidential data.</td>
 </tr>