对未签名的 Java 小程序可以做什么的限制? [英] Restrictions on what an unsigned Java applet can do?
本文介绍了对未签名的 Java 小程序可以做什么的限制?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我正在尝试编译一个对未签名 Java 小程序的所有限制的完整列表(定义为普通 Java 应用程序可以执行的操作,但未签名的 Java 小程序不能).
I'm trying to compile a complete list of all restrictions placed on unsigned Java applets (defined as things a normal Java application can do, but an unsigned Java applet cannot).
这是我目前整理的清单:
This is the list I've compiled so far:
一个未签名的 Java 小程序...
An unsigned Java applet ...
- 无法访问本地文件系统.
- 无法访问系统剪贴板.
- 无法启动打印作业.
- 无法连接到任何第三方服务器(小程序源自的服务器之外的任何服务器)或从中检索资源.
- 不能使用多播套接字.
- 无法创建或注册
SocketImplFactory
、URLStreamHandlerFactory
或ContentHandlerFactory
. - 无法侦听传入的套接字连接.
- 无法侦听数据报.
- 无法访问某些系统属性(java.class.path、java.home、user.dir、user.home、user.name).
- 无法创建或注册
SecurityManager
对象. - 无法使用
Runtime
或System
的load()
或loadLibrary()
方法动态加载本机代码库>. - 无法通过调用任何
Runtime.exec()
方法来生成新进程. - 无法在运行不受信任代码的线程组之外创建或访问线程或线程组.
- 无法在
java.*
、sun.*
和netscape.*
中定义类. - 无法从
sun.*
包中显式加载类. - 无法通过调用
System.exit()
或Runtime.exit()
退出 Java 运行时. - 无法访问系统事件队列.
- 不能使用
java.lang.Class
反射方法获取有关类的非公共成员的信息,除非该类与不受信任的代码从同一主机加载. - 不能以任何方式操纵安全身份 (java.security).
- 无法设置或读取安全属性 (java.security).
- 无法列出、查找、插入或删除安全提供程序 (java.security).
- Cannot access the local filesystem.
- Cannot access the system clipboard.
- Cannot initiate a print job.
- Cannot connect to or retrieve resources from any third party server (any server other than the server the applet originated from).
- Cannot use multicast sockets.
- Cannot create or register a
SocketImplFactory
,URLStreamHandlerFactory
, orContentHandlerFactory
. - Cannot listen to incoming socket connections.
- Cannot listen for datagrams.
- Cannot access some of the system properties (java.class.path, java.home, user.dir, user.home, user.name).
- Cannot create or register a
SecurityManager
object. - Cannot dynamically load native code libraries with the
load()
orloadLibrary()
methods ofRuntime
orSystem
. - Cannot spawn new processes by calling any of the
Runtime.exec()
methods. - Cannot create or access threads or thread groups outside of the thread group in which the untrusted code is running.
- Cannot define classes in
java.*
,sun.*
andnetscape.*
. - Cannot explicitly load classes from the
sun.*
package. - Cannot exit the Java runtime by calling
System.exit()
orRuntime.exit()
. - Cannot access the system event queue.
- Cannot use the
java.lang.Class
reflection methods to obtain information about nonpublic members of a class, unless the class was loaded from the same host as the untrusted code. - Cannot manipulate security identities in any way (java.security).
- Cannot set or read security properties (java.security).
- Cannot list, look up, insert, or remove security providers (java.security).
问题: 是否缺少任何限制?如果是,请清楚说明您认为列表中缺少哪些限制.
Question: Are there any restrictions missing? If so, please clearly state what restriction you believe is missing from the list.
推荐答案
参见 Sun 的教程:小程序可以做什么和不能做什么.
See this from Sun's tutorial: What Applets Can and Cannot Do.
这篇关于对未签名的 Java 小程序可以做什么的限制?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文