与其他编程语言相比,为什么Java是安全的? [英] Why Java is secure compared with other programming languages?

查看:238
本文介绍了与其他编程语言相比,为什么Java是安全的?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

Java的供应商和社区说,Java是比其他语言更安全。但我想知道怎么样?

Java vendor and community says that "Java is more secure than other languages". But i want to know how?

如果我们看一下在Java和.NET编程,它们出现类似。

If we look at programming in Java and .Net, they appear similar.

参与.NET编程步骤 点击了解更多

  1. 编写.NET程序。
  2. 编译code到MSIL (编译转换源$ C ​​$ C到Microsoft中间语言(MSIL),并生成所需的元数据)。
  3. 编译MSIL到本机code (在执行时,一个刚刚在实时(JIT)编译器会将MSIL到本地code,在此编辑,$ C $ Ç必须通过一个验证过程检查MSIL和元数据来找出code是否可以被确定为类型安全的)。
  4. 运行code (公共语言运行库提供了能够执行要发生和服务,可以执行过程中所使用的基础设施)。
  1. Write .net program.
  2. Compiling your code to MSIL (Compiling translates your source code into Microsoft intermediate language (MSIL) and generates the required metadata).
  3. Compiling MSIL to native code (At execution time, a just-in-time (JIT) compiler translates the MSIL into native code. During this compilation, code must pass a verification process that examines the MSIL and metadata to find out whether the code can be determined to be type safe).
  4. Running code(The common language runtime provides the infrastructure that enables execution to take place and services that can be used during execution).

参与Java编程步骤点击了解更多

  1. 编写Java程序
  2. 编译Java程序(Java编译器将Java源代码code到.class文件是一个字节code)
  3. 程序加载到内存由JVM (JVM装载.cla​​ss文件到内存做字节code核查和机器语言转换.clsss文件)
  4. Java程序的执行(无论行动,我们已经写在我们的Java程序,JVM国米preting字节code执行它们。如果我们谈论的老JVM的他们行动迟缓,执行和跨preTED一个字节code的时间。现代JVM使用JIT编译单元,这是我们甚至称之为即时编译)。
  1. Write a Java program
  2. Compiling a Java Program (Java compiler converts java source code to .class file which is a byte code)
  3. Program loading into memory by JVM( JVM loads .class file into memory do byte code verification and converts .clsss file in machine language)
  4. Execution of Java program (Whatever actions we have written in our Java program, JVM executes them by interpreting bytecode. If we talk about old JVM's they were slow, executed and interpreted one bytecode at a time. Modern JVM uses JIT compilation unit to which we even call just-in-time compilation).

如果我们看一下这两个语言的步骤,他们几乎是相同的和为什么就是Java与其他语言相比,更安全?

If we look the steps in both the language they are almost same then "Why is Java more secure compared with other languages?"

推荐答案

有很多原因,Java是一个的安全的语言,它肯定比一些语言更安全,但我认为这是一个延伸至说,它比的其他的语言。

There are many reasons why Java is a safe language, and it's definitely safer than some languages, but I think it's a stretch to say that it's safer than all other languages.

Java有多种安全功能的地方:

Java has a variety of safety features in place:

  1. 自动空检查引用,边界检查的阵列,核查铸件等,以prevent作出类型错误的程序。与此相比,C或C ++,而这些同样的错误(只有少数例外)导致不确定的行为。

  1. Automatic null-checking of references, bounds-checking of arrays, verification of casts, etc. to prevent the program from making type errors. Compare this to C or C++, where these same errors (with a few exceptions) cause undefined behavior.

之前执行字节code验证。这使得它不可能为程序跳转到一个未定义的指令,或尝试在不存在的对象执行操作,或在指令级做一个类型的错误,等等。与此相比,C或汇编,其中,该程序可以跳转到坏的指令,或者尝试读不存在的函数的参数(想想 va_args ),等等。)

Verification of bytecode prior to execution. This makes it impossible for the program to jump to an undefined instruction, or to try to perform an operation on a nonexistent object, or to make a type error at the instruction level, etc. Compare this to C or assembly, where the program can jump to bad instructions, or try reading nonexistent parameters to functions (think va_args), etc.)

在新的code加载时运行系统的安全检查。使用安全管理器的ClassLoader 很容易让Java运行到prevent任意code从通过介导访问系统资源和$ P $加载pventing程序或运行时生成任意code计算机上执行。与此相比,C或C ++,它可以读取和写入任意值,发出任意的系统调用,生成并执行任意code等。

Runtime security checks when loading in new code. The use of SecurityManager and ClassLoader make it easy for the Java runtime to prevent arbitrary code from executing on the computer by mediating access to system resources and preventing the program from loading or generating arbitrary code at runtime. Compare this to C or C++, which can read and write arbitrary values, issue arbitrary system calls, generate and execute arbitrary code, etc.

的某些特征库级别的安全性。例如,字符串是不可改变的,最后,以便接收字符串<函数/ code>可以验证字符串,而不必担心其他线程改变它的价值。

Library-level safety of certain features. For example, String is immutable and final, so a function that receives a String can verify the string and not have to worry about another thread changing its value.

这是不是Java的安全功能的完整列表,但它应该给你的一些设计考虑在Java中不属于present在其他语言的感觉。

This isn't a complete list of Java's safety features, but it should give you a sense of some of the design considerations in Java that are not present in other languages.

希望这有助于!

这篇关于与其他编程语言相比,为什么Java是安全的?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆