appx.html

来自「java2高级编程」· HTML 代码 · 共 1,311 行 · 第 1/5 页

setDaemon</EM>
, <EM CLASS="CODE">
setmaxPriority</EM>
, <EM CLASS="CODE">
stop</EM>
, and <EM CLASS="CODE">
suspend</EM>
 methods of the <EM CLASS="CODE">
ThreadGroup</EM>
 class. Granting this permission could allow an attacker to create thread groups and set their run priority. </P>
<P CLASS="Body">
<A NAME="pgfId-1061580"></A><EM CLASS="C-Code">
getProtectionDomain</EM>
<EM CLASS="Bold">
:</EM>
 This target grants permission to retrieve the <EM CLASS="CODE">
ProtectionDomain</EM>
 instance for a class. Granting this permission allows code to obtain policy information for that code source. Although obtaining policy information does not compromise the security of the system, it does give attackers additional information, such as local file names for example, to better aim an attack. </P>
<P CLASS="Body">
<A NAME="pgfId-1061581"></A><EM CLASS="C-Code">
readFileDescriptor</EM>
<EM CLASS="Bold">
:</EM>
 This target grants permission to read file descriptors. Granting this permission allows code to read the particular file associated with the file descriptor; this ability is dangerous if the file contains confidential data. </P>
<P CLASS="Body">
<A NAME="pgfId-1061582"></A><EM CLASS="C-Code">
writeFileDescriptor</EM>
<EM CLASS="Bold">
:</EM>
 This target grants permission to write file descriptors. Granting this permission allows code to write to the file associated with the descriptor, which is dangerous if the file descriptor points to a local file. </P>
<P CLASS="Body">
<A NAME="pgfId-1061583"></A><EM CLASS="C-Code">
loadLibrary.{library name}</EM>
<EM CLASS="Bold">
:</EM>
 This target grants permission to dynamically link the specified library. Granting this permission could be dangerous because the security architecture is not designed to and does not extend to native code loaded by way of the <EM CLASS="CODE">
java.lang.System.loadLibrary</EM>
 method. </P>
<P CLASS="Body">
<A NAME="pgfId-1061584"></A><EM CLASS="C-Code">
accessClassInPackage.{package name}</EM>
<EM CLASS="Bold">
:</EM>
 This target grants permission to access the specified package by way of a classloader's <EM CLASS="CODE">
loadClass</EM>
 method when that class loader calls the <EM CLASS="CODE">
SecurityManager.checkPackageAcesss</EM>
 method. Granting this permission gives code access to classes in packages to which it normally does not have access. Malicious code may use these classes to help in its attempt to compromise security in the system. </P>
<P CLASS="Body">
<A NAME="pgfId-1061585"></A><EM CLASS="C-Code">
defineClassInPackage.{package name}</EM>
<EM CLASS="Bold">
:</EM>
 This target grants permission to define classes in the specified package by way of a classloader's <EM CLASS="CODE">
defineClass</EM>
 method when that class loader calls the <EM CLASS="CODE">
SecurityManager.checkPackageDefinition</EM>
 method. Granting this permission allows code to define a class in a particular package; this action can be dangerous because malicious code with this permission might define rogue classes in trusted packages like <EM CLASS="CODE">
java.security</EM>
 or <EM CLASS="CODE">
java.lang</EM>
, for example. </P>
<P CLASS="Body">
<A NAME="pgfId-1061586"></A><EM CLASS="C-Code">
accessDeclaredMembers</EM>
<EM CLASS="Bold">
:</EM>
 This target grants permission to access the declared members of a class. Granting this permission allows code to query a class for its public, protected, default (package), and private fields and methods. Although the code would have access to the private and protected field and method names, it would not have access to the private and protected field data and would not be able to invoke any private methods. Nevertheless, malicious code may use this information to better aim an attack. Additionally, malicious code might invoke any public methods or access public fields in the class; this action could be dangerous if the code would normally not be able to invoke those methods or access the fields because it cannot cast the object to the class or interface with those methods and fields. </P>
<P CLASS="Body">
<A NAME="pgfId-1061587"></A><EM CLASS="C-Code">
queuePrintJob</EM>
<EM CLASS="Bold">
: </EM>
This target grants permission to initiate a print job request. Granting this permission could allow code to print sensitive information to a printer or maliciously waste paper. </P>
</DIV>
<DIV>
<H4 CLASS="A">
<A NAME="pgfId-1061589"></A><A NAME="14612"></A>SecurityPermission</H4>
<P CLASS="Body">
<A NAME="pgfId-1061592"></A><EM CLASS="CODE">
java.security.SecurityPermission</EM>
<A NAME="marker-1061590"></A><A NAME="marker-1061591"></A> grants access to various security configuration parameters. The possible targets are listed by name with no action list. Security permissions currently apply to methods called on the following objects: </P>
<UL>
<LI CLASS="BL">
<A NAME="pgfId-1061593"></A><EM CLASS="CODE">
java.security.Policy</EM>
, which represents the system security policy for applications. </LI>
<LI CLASS="BL">
<A NAME="pgfId-1061594"></A><EM CLASS="CODE">
java.security.Security</EM>
, which centralizes all security properties and common security methods. It manages providers. </LI>
<LI CLASS="BL">
<A NAME="pgfId-1061595"></A><EM CLASS="CODE">
java.security.Provider</EM>
, which represents an implementation of such things as security algorithms (DSA, RSA, MD5, or SHA-1) and key generation. </LI>
<LI CLASS="BL">
<A NAME="pgfId-1061596"></A><EM CLASS="CODE">
java.security.Signer</EM>
, which manages private keys. Even though <EM CLASS="CODE">
Signer</EM>
 is deprecated, the related permissions are available for backward compatibility. </LI>
<LI CLASS="BL">
<A NAME="pgfId-1061597"></A><EM CLASS="CODE">
java.security.Identity</EM>
, which manages real-world objects such as people, companies, or organizations whose identities can be authenticated using their public keys. </LI>
</UL>
<PRE CLASS="CODE"><A NAME="pgfId-1061598"></A>grant {   
  permission java.security.SecurityPermission &quot;getPolicy&quot;;   permission java.security.SecurityPermission &quot;setPolicy&quot;;   permission java.security.SecurityPermission &quot;getProperty.os.name&quot;;   permission java.security.SecurityPermission &quot;setProperty.os.name&quot;;   permission java.security.SecurityPermission &quot;insertProvider.SUN&quot;;   permission java.security.SecurityPermission &quot;removeProvider.SUN&quot;;   permission java.security.SecurityPermission &quot;setSystemScope&quot;;   permission java.security.SecurityPermission &quot;setIdentityPublicKey&quot;;   permission java.security.SecurityPermission &quot;setIdentityInfo&quot;;   permission java.security.SecurityPermission &quot;addIdentityCertificate&quot;;   permission java.security.SecurityPermission &quot;removeIdentityCertificate&quot;;   permission java.security.SecurityPermission &quot;clearProviderProperties.SUN&quot;;   permission java.security.SecurityPermission        
                             &quot;putProviderProperty.&lt;provider name&gt;&quot;;   permission java.security.SecurityPermission &quot;removeProviderProperty.SUN&quot;;   permission java.security.SecurityPermission &quot;getSignerPrivateKey&quot;;   permission java.security.SecurityPermission &quot;setSignerKeyPair&quot;;
};</PRE>
<P CLASS="Body">
<A NAME="pgfId-1061599"></A><EM CLASS="C-Code">
getPolicy</EM>
<EM CLASS="Bold">
:</EM>
 This target grants permission to retrieve the system-wide security policy. Granting this permission discloses which permissions would be granted to a given application or applet. Although revealing the policy does not compromise the security of the system, it does provide malicious code with additional information that it could use to better aim an attack. </P>
<P CLASS="Body">
<A NAME="pgfId-1061600"></A><EM CLASS="C-Code">
setPolicy</EM>
<EM CLASS="Bold">
:</EM>
 This target grants permission to set the system-wide security policy. Granting this permission could allow malicious code to grant itself all the necessary permissions to successfully mount an attack on the system. </P>
<P CLASS="Body">
<A NAME="pgfId-1061601"></A><EM CLASS="C-Code">
getProperty.{key}</EM>
<EM CLASS="Bold">
:</EM>
 This target grants permission to retrieve the security property specified by <EM CLASS="CODE">
{key}</EM>
. Depending on the particular key for which access has been granted, the code may have access to the list of security providers and the location of the system-wide and user security policies. Although revealing this information does not compromise the security of the system, it does provide malicious code with additional information that it may use to better aim an attack. </P>
<P CLASS="Body">
<A NAME="pgfId-1061602"></A><EM CLASS="C-Code">
setProperty.{key}</EM>
<EM CLASS="Bold">
:</EM>
 This target grants permission to set the security property specified by <EM CLASS="CODE">
{key}</EM>
. This could include setting a security provider or defining the location of the system-wide security policy. Malicious code that has permission to set a new security provider may set a rogue provider that steals confidential information such as cryptographic private keys. In addition, malicious code with permission to set the location of the system-wide security policy may point it to a security policy that grants the attacker all the necessary permissions it requires to successfully mount an attack on the system. </P>
<P CLASS="Body">
<A NAME="pgfId-1061603"></A><EM CLASS="C-Code">
insertProvider.{provider name}</EM>
<EM CLASS="Bold">
:</EM>
 This target grants permission to add the new security provider specified by <EM CLASS="CODE">
{provider name}</EM>
. Granting this permission allows the introduction of a possibly malicious provider that could do such things as disclose the private keys passed to it. This is possible because the <EM CLASS="CODE">
Security</EM>
 object, which manages the installed providers, does not currently check the integrity or authenticity of a provider before attaching it. </P>
<P CLASS="Body">
<A NAME="pgfId-1061604"></A><EM CLASS="C-Code">
removeProvider.{provider name}</EM>
<EM CLASS="Bold">
:</EM>
 This target grants permission to remove the provider specified by <EM CLASS="CODE">
{provider name}</EM>
. Granting this permission could change the behavior or disable execution of other parts of the program. If a provider requested by the program has been removed, execution might fail. </P>
<P CLASS="Body">
<A NAME="pgfId-1061605"></A><EM CLASS="C-Code">
setSystemScope</EM>
<EM CLASS="Bold">
:</EM>
 This target grants permission to set the system identity scope. Granting this permission could allow an attacker to configure the system identity scope with certificates that should not be trusted. This could grant code signed with those certificates privileges that would be denied by the original identity scope. </P>
<P CLASS="Body">
<A NAME="pgfId-1061606"></A><EM CLASS="C-Code">
setIdentityPublicKey</EM>
<EM CLASS="Bold">
:</EM>
 This target grants permission to set the public key for an <EM CLASS="CODE">
Identity</EM>
 object. If the identity is marked <EM CLASS="EM">
trusted</EM>
, this allows an attacker to introduce its own public key that is not trusted by the system's identity scope. This could grant code signed with that same public key privileges that would be otherwise denied. </P>
<P CLASS="Body">
<A NAME="pgfId-1061607"></A><EM CLASS="C-Code">
SetIdentityInfo</EM>
<EM CLASS="Bold">
: </EM>
This target grants permission to set a general information string for an <EM CLASS="CODE">
Identity</EM>
 object. Granting this permission allows attackers to set the general description for an identity. Doing so could trick applications into using a different identity than intended or prevent applications from finding a particular identity. </P>
<P CLASS="Body">
<A NAME="pgfId-1061608"></A><EM CLASS="C-Code">
addIdentityCertificate</EM>
<EM CLASS="Bold">
:</EM>
 This target grants permission to add a certificate for an <EM CLASS="CODE">
Identity</EM>
 object. Granting this permission allows attackers to set a certificate for an identity's public key making the public key trusted to a wider audience than originally intended. </P>
<P CLASS="Body">
<A NAME="pgfId-1061609"></A><EM CLASS="C-Code">
removeIdentityCertificate</EM>
<EM CLASS="Bold">
:</EM>
 This target grants permission to remove a certificate for an <EM CLASS="CODE">
Identity</EM>
 object. Granting this permission allows attackers to remove a certificate for an identity's public key. This could be dangerous because the public key suddenly becomes considered less trustworthy than it otherwise would be. </P>
<P CLASS="Body">
<A NAME="pgfId-1061610"></A><EM CLASS="C-Code">
printIdentity</EM>
<EM CLASS="Bold">
:</EM>
 This target grants permission to print out the name of a principal, the scope in which the principal is used, and whether the principal is considered <EM CLASS="EM">
trusted</EM>
 in that scope. The printed scope could be a file name, in which case it might convey local system information. For example, here is a sample printout of an identity named <EM CLASS="CODE">
carol</EM>
, who is marked not trusted in the user's identity database:</P>
<PRE CLASS="CODE"><A NAME="pgfId-1061611"></A>carol[/home/luehe/identitydb.obj][not trusted]. </PRE>
<P CLASS="Body">
<A NAME="pgfId-1061612"></A><EM CLASS="C-Code">
clearProviderProperties.{provider name}</EM>
<EM CLASS="Bold">
:</EM>
 This target grants permission to clear a <EM CLASS="CODE">
Provider</EM>
 object so that it no longer contains the properties used to look up services implemented by the provider. Granting this permission disables the lookup of services implemented by the provider. This could change the behavior or disable execution of other parts of the program that would normally utilize the <EM CLASS="CODE">
Provider</EM>
, as described under the <EM CLASS="CODE">
removeProvider.{provider name}</EM>
 permission above. </P>
<P CLASS="Body">
<A NAME="pgfId-1061613"></A><EM CLASS="C-Code">
putProviderProperty.{provider name}</EM>
<EM CLASS="Bold">
:</EM>
 This target grants permission to set properties for the specified provider. The provider properties each specify the name and location of a particular service implemented by the provider. Granting this permission allows code to replace the service specification with another one with a different implementation and could be dangerous if the new implementation has malicious code. </P>
<P CLASS="Body">
<A NAME="pgfId-1061614"></A><EM CLASS="C-Code">
removeProviderProperty.{provider name}</EM>
<EM CLASS="Bold">
:</EM>
 This target grants permission to remove properties from the specified provider. Granting this permission disables the lookup of services implemented by the provider, making them inaccessible. Granting this permission to malicious code could allow the malicious code to change the behavior or disable execution of other parts of the program that would normally utilize the <EM CLASS="CODE">
Provider</EM>
 object, as described under the <EM CLASS="CODE">
removeProvider.{provider name}</EM>
 permission above. </P>
<P CLASS="Body">
<A NAME="pgfId-1061615"></A><EM CLASS="C-Code">
getSignerPrivateKey</EM>
<EM CLASS="Bold">
:</EM>
 This target grants permission to retrieve the private key of a <EM CLASS="CODE">
Signer</EM>
 object. Private keys should always be kept secret. Granting this permission could allow malicious code to use the private key to sign files and claim the signature came from the <EM CLASS="CODE">
Signer</EM>
 object. </P>
<P CLASS="Body">
<A NAME="pgfId-1061616"></A><EM CLASS="C-Code">
setSignerKeyPair</EM>
<EM CLASS="Bold">
:</EM>
 This target grants permission to set the public and private key pair for a <EM CLASS="CODE">
Signer</EM>
 object. Granting this permission could allow an attacker to replace the target's key pair with a possibly weaker (smaller) key pair. This would also allow an attacker to listen in on encrypted communication between the target and its peers. The target's peers might wrap an encryption session key under the target's <EM CLASS="EM">
new</EM>
 public key, which would allow the attacker (who possesses the corresponding private key) to unwrap the session key and decipher the communication data encrypted under that session key. <EM CLASS="A">
</EM>
<A NAME="SerializablePermission"></A></P>
</DIV>
<DIV>
<H4 CLASS="A">
<A NAME="pgfId-1061619"></A><A NAME="52413"></A>SerializablePermission</H4>
<P CLASS="Body">
<A NAME="pgfId-1061622"></A><EM CLASS="CODE">