appa.html

jdbc书

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML>
<HEAD>
  <TITLE>Writing Advanced Applications, Appendix A: Security and Permissions</TITLE>
  <META NAME="AUTHOR" CONTENT="Monica Pawlan and Calvin Austin">
  <META NAME="KEYWORDS" CONTENT="programming, advanced, Java 2">
  <META NAME="OWNER" CONTENT="Editorial/JDC">
  <META NAME="revision" CONTENT="@(#)appA.src	1.16 09/21/99  JDC">
</HEAD>

<!-- Start Body Insert-->
<BODY BGCOLOR="#ffffff">
<!-- End Body Insert-->

<!-- Start PageTop Insert -->

<TABLE BORDER="0" CELLSPACING="0" CELLPADDING="0" WIDTH="100%">
  <TR ALIGN="CENTER" VALIGN="TOP">
    <TD WIDTH="157" ALIGN="LEFT">
    <IMG SRC="/images/pixel.gif" HEIGHT="40" WIDTH="40" ALT="">
    <A HREF="http://java.sun.com/index.html"><IMG SRC="/images/javalogo52x88.gif" WIDTH="52" HEIGHT="88" ALT="Java Technology Home Page" BORDER="0"></A>
    <BR>
    <IMG SRC="/images/pixel.gif" WIDTH="157" HEIGHT="1" ALT=""></TD>

    <TD>

    <FORM NAME="seek1" METHOD="GET" ACTION="http://search.java.sun.com/query.html">
    <TABLE BORDER="0" CELLPADDING="0" CELLSPACING="0" WIDTH="100%">
      <TR>
        <TD ALIGN="RIGHT">
        <IMG SRC="/images/stripelt.gif" WIDTH="6" HEIGHT="14" ALT=""></TD>
        
        <TD WIDTH="100%">
        
        <TABLE BORDER="0" CELLPADDING="0" CELLSPACING="0" WIDTH="100%">
          <TR>
            <TD BGCOLOR="#CC9966" WIDTH="100%">
            <IMG SRC="/images/pixel.gif" HEIGHT="2" WIDTH="1" ALT=""></TD>
          </TR>
          
          <TR>
            <TD>
            <IMG SRC="/images/pixel.gif" HEIGHT="2" WIDTH="1" ALT=""></TD>
          </TR>
          
          <TR>
            <TD BGCOLOR="#CC9966">
            <IMG SRC="/images/pixel.gif" HEIGHT="2" WIDTH="1" ALT=""></TD>
          </TR>
          
          <TR>
            <TD>
            <IMG SRC="/images/pixel.gif" HEIGHT="2" WIDTH="1" ALT=""></TD>
          </TR>
          
          <TR>
            <TD BGCOLOR="#CC9966">
            <IMG SRC="/images/pixel.gif" HEIGHT="2" WIDTH="1" ALT=""></TD>
          </TR>
          
          <TR>
            <TD>
            <IMG SRC="/images/pixel.gif" HEIGHT="2" WIDTH="1" ALT=""></TD>
          </TR>
          
          <TR>
            <TD BGCOLOR="#CC9966">
            <IMG SRC="/images/pixel.gif" HEIGHT="2" WIDTH="1" ALT=""></TD>
          </TR>
        </TABLE>
        </TD>
        
        <TD ALIGN="LEFT">
        <IMG SRC="/images/stripert.gif" WIDTH="6" HEIGHT="14" ALT=""></TD>

        <TD>
        
        <TABLE BORDER="0" CELLPADDING="0" CELLSPACING="0">
          <TR>
            <TD VALIGN="CENTER">
            <A HREF="http://java.sun.com/a-z/index.html"><IMG SRC="/images/azindex.gif" BORDER="0" WIDTH="72" HEIGHT="11" ALT="A-Z Index"></A></TD>
              
            <TD VALIGN="CENTER">
            <FONT FACE="Helvetica" SIZE="1">
            <INPUT TYPE="text" SIZE="15" MAXLENGTH="128" NAME=qt></FONT></TD>
            
            <TD VALIGN="CENTER">
            <INPUT TYPE="image" SRC="/images/search.button.gif" 
              value="search" BORDER="0" WIDTH="55" HEIGHT="14" ALT="Search"></TD>
          </TR>
        </TABLE>
        </TD>
      </TR>
    </TABLE>
    </FORM>
    <P>

    <TABLE BORDER="0" WIDTH="100%" CELLPADDING="0" CELLSPACING="0">
      <TR VALIGN="TOP">
        <TD WIDTH="100%"><IMG SRC="/images/chiclet.row.gif" WIDTH="55" 
          HEIGHT="18" ALT=""></TD>
          
        <TD ROWSPAN="4" ALIGN="RIGHT" WIDTH="152">
        <A HREF="/developer/index.html"><IMG SRC="/images/developer.connection.header.gif" BORDER="0" HEIGHT="42" WIDTH="319" ALT="Java Developer Connection(SM)"></A></TD>
      </TR>
      
      <TR VALIGN="TOP">
        <TD BGCOLOR="#FFFFFF" HEIGHT="1" WIDTH="100%">
        <IMG SRC="/images/pixel.gif" HEIGHT="1" WIDTH="1" ALT=""></TD>
      </TR>
      
      <TR VALIGN="TOP">
        <TD BGCOLOR="#CC9966" HEIGHT="1" WIDTH="100%">
        <IMG SRC="/images/pixel.gif" HEIGHT="1" WIDTH="1" ALT=""></TD>
      </TR>
      
      <TR VALIGN="TOP">
        <TD><A HREF="/developer/onlineTraining/"><IMG SRC="/images/online-training.gif" ALT="Online Training" BORDER=0></A></TD>
      </TR>
    </TABLE>

    </TD>
  </TR>
</TABLE>

<!-- End PageTop Insert -->

<!-- Start NavBar Insert -->
<TABLE BORDER="0" CELLSPACING="0" CELLPADDING="3" BGCOLOR="#FFFFFF" WIDTH="157" ALIGN="LEFT">

<!-- tab categories -->

<TR>
<TD><A HREF="http://java.sun.com/products/"><IMG SRC="/images/side.tab.products.gif" HEIGHT="15" WIDTH="130" BORDER="0" ALT="Downloads, APIs, Documentation"></A></TD>
</TR>

<TR>
<TD><A HREF="/developer/index.html"><IMG SRC="/images/side.tab.developer.gif" HEIGHT="15" WIDTH="130" BORDER="0" ALT="Java Developer Connection"></A></TD>
</TR>

<TR>
<TD><A HREF="/developer/infodocs/index.shtml"><IMG SRC="/images/side.tab.docs.gif" HEIGHT="15" WIDTH="130" BORDER="0" ALT="Tutorials, Tech Articles, Training"></A></TD>
</TR>

<TR>
<TD><A HREF="/developer/support/index.html"><IMG SRC="/images/side.tab.support.gif" HEIGHT="15" WIDTH="130" BORDER="0" ALT="Online Support"></A></TD>
</TR>

<TR>
<TD><A HREF="/developer/community/index.html"><IMG SRC="/images/side.tab.community.gif" HEIGHT="15" WIDTH="130" BORDER="0" ALT="Community Discussion"></A></TD>
</TR>

<TR>
<TD><A HREF="http://java.sun.com/industry/"><IMG SRC="/images/side.tab.news.gif" HEIGHT="15" WIDTH="130" BORDER="0" ALT="News &amp; Events from Everywhere"></A></TD>
</TR>

<TR>
<TD><A HREF="http://java.sun.com/solutions"><IMG SRC="/images/side.tab.solutions.gif" HEIGHT="15" WIDTH="130" BORDER="0" ALT="Products from Everywhere"></A></TD>
</TR>

<TR>
<TD><A HREF="http://java.sun.com/casestudies"><IMG SRC="/images/side.tab.case.gif" HEIGHT="15" WIDTH="130" BORDER="0" ALT="How Java Technology is Used Worldwide"></A></TD>
</TR>

<TR><TD>&nbsp;</TD></TR>


<!-- End NavBar Insert -->


<!-- START SUB-NAV -->

<TR>
  <TD><!-- INSERT SUB-NAV INFO -->
  </TD>
</TR>


<!-- END SUB-NAV -->

</TABLE>

<TABLE BORDER="0" CELLPADDING="0" CELLSPACING="0">
<TR>
<TD>

<!-- Template Version 2.0 -->

<!-- ================== -->
<!-- Start Main Content -->
<!-- ================== -->


<TABLE BORDER="0" CELLPADDING="0" CELLSPACING="0">
<TR>
<TD VALIGN="TOP">
<FONT FACE="Verdana, Arial, Helvetica, sans-serif">

  <A NAME="top"></A>
  <DIV ALIGN="RIGHT">
  <FONT SIZE="-1"><A HREF="/developer/onlineTraining/index.html">Training Index</A></FONT>
  <H2>Writing Advanced Applications<BR>
  <FONT SIZE="3">Appendix A: Security and Permissions</FONT></H2>
  
  <FONT SIZE="-1">[<A HREF="signed2.html">&lt;&lt;BACK</A>] [<A HREF="index.html#contents">CONTENTS</A>] [<A HREF="appB.html">NEXT&gt;&gt;</A>]</FONT></DIV>

<P>
All applets and any applications invoked with a security manager
must be granted explicit permission to access local system 
resources apart from read access to the directory and its
subdirectories where the program is invoked. 
The Java<FONT SIZE="-2"><SUP>TM</SUP></FONT> platform provides
permissions to allow various levels of access to different types 
of local information.  

<P>
Because permissions let an applet or application override the 
default security policy, you
should be very careful when you assign permissions to not
create an opening for malicious code to attack your system.

<P>
This appendix describes the available permissions and explains
how each permission can create an opening for malicious attacks.
One way to use this information is to help you limit what permissions
a given applet or application might need to successfully execute.
Another way to use this information is to educate yourself
on the ways in which a particular permission can be exploited
by malicious code. 

<P>
As a safeguard, never trust an unknown applet or application.
Always check the code carefully against the information in this 
appendix to be sure you are not giving malicious
code permission to cause serious problems on the local system. 
 
<UL>
<LI><FONT FACE="Verdana, Arial, Helvetica, sans-serif">
<A HREF="#over">Overview</A></FONT>
<LI><FONT FACE="Verdana, Arial, Helvetica, sans-serif">
<A HREF="#know">Knowing Which Permissions</A></FONT>
<LI><FONT FACE="Verdana, Arial, Helvetica, sans-serif">
<A HREF="#AllPermission">AllPermission</A></FONT>
<LI><FONT FACE="Verdana, Arial, Helvetica, sans-serif">
<A HREF="#AWTPermission">AWTPermission</A></FONT>
<LI><FONT FACE="Verdana, Arial, Helvetica, sans-serif">
<A HREF="#FilePermission">FilePermission</A></FONT>
<LI><FONT FACE="Verdana, Arial, Helvetica, sans-serif">
<A HREF="#NetPermission">NetPermission</A></FONT>
<LI><FONT FACE="Verdana, Arial, Helvetica, sans-serif">
<A HREF="#PropertyPermission">PropertyPermission</A></FONT>
<LI><FONT FACE="Verdana, Arial, Helvetica, sans-serif">
<A HREF="#ReflectPermission">ReflectPermission</A></FONT>
<LI><FONT FACE="Verdana, Arial, Helvetica, sans-serif">
<A HREF="#RuntimePermission">RuntimePermission</A></FONT>
<LI><FONT FACE="Verdana, Arial, Helvetica, sans-serif">
<A HREF="#SecurityPermission">SecurityPermission</A></FONT>
<LI><FONT FACE="Verdana, Arial, Helvetica, sans-serif">
<A HREF="#SerializablePermission">SerializablePermission</A></FONT>
<LI><FONT FACE="Verdana, Arial, Helvetica, sans-serif">
<A HREF="#SocketPermission">SocketPermission</A></FONT>

</UL>

<HR>

<A NAME="over"></A>
<H3>Overview</H3>

Permissions are granted to a program with a policy file.
A policy file contains permissions for specific access. A permission consists 
of the permission name, a target, and in some cases, a comma-separated list 
of actions. 

<P>
For example, the following policy file entry specifies a 
<CODE>java.io.FilePermission</CODE> permission that grants
<CODE>read</CODE> access (the action) to the 
<CODE>${user.home}/text2.txt</CODE> target.

</FONT>

<PRE>
grant {
  permission java.io.FilePermission 
	"${user.home}/text2.txt", "read";
};
</PRE>

<FONT FACE="Verdana, Arial, Helvetica, sans-serif">

There is one policy file for Java platform installation (system)
and an optional policy
file for each user. The system policy file is in 
<CODE>{java.home}/lib/security/java.policy</CODE>, and the
user policy file is in each user's home directory.
The system and user policy files are combined.
So for example,there could be a system policy file with very few permissions
granted to all users on the system, and individual policy files
granting additional permissions to certain users.

<P>
To run an application with the security manager and a policy file
named <CODE>polfile</CODE> in the user's home directory, type:

</FONT>

<PRE>
  java -Djava.security.main 
  -DJava.security.policy=polfile  FileIO
</PRE>

<FONT FACE="Verdana, Arial, Helvetica, sans-serif">

To run an applet in appletviewer with a policy file named 
<CODE>polfile</CODE> in the user's home directory, type:

</FONT>

<PRE>
  appletviewer 
  -J-Djava.security.policy=polfile fileIO.html
</PRE>

<FONT FACE="Verdana, Arial, Helvetica, sans-serif">

When running an applet in a browser, the browser looks for
the user and system policy files to find the permissions the 
applet needs to access local system resources on behalf of the
user who downloaded the applet. 

<A NAME="know"></A>
<H3>Knowing Which Permissions</H3>

When you run an applet or invoke an application with a security
manager that needs permissions, you will get a stack
trace if you did not provide a policy file with all the needed
permissions. The stack trace contains the information you
need to add the permission to the policy file that caused the
stack trace. If the program needs additional permissions, you will
keep getting stack traces until all the required permissions
are added to the policy file.
The only drawback to this approach is you have to try every
possible code path in your application.

<P>
Another way to determine which permission your program needs is
to browse <A HREF="appB.html">Appendix B: Methods and Permissions</A>.
This appendix tells you which Java 2 platform software methods are 
prevented from executing without the listed permission. 
The information in Appendix B is also useful for developers