Java安全管理器-它检查什么? [英] Java Security Manager - What does it check?

问题描述

此文章关于Java安全性的问题说:

This article about Java security says:

Java库中的代码参考 遇到危险时的安全管理器 将要尝试操作.

Code in the Java library consults the Security Manager whenever a dangerous operation is about to be attempted.

那么，这到底是什么意思?说，如果我已经实现了自己的安全管理器并为整个JVM启用了它.现在，java运行时是否针对每个Java调用(例如System.out.println()等)都向我的securitymanager咨询，还是仅针对诸如System.exit()和文件操作等dangerous api调用来咨询我?

So, what does this exactly mean? Say, if I've implemented my own securitymanager and enabled it for the whole JVM. Now, does the java runtime consults my securitymanager for each and every java call(like System.out.println() etc) or it consults only for dangerous api calls like System.exit() ,file operations etc?

编辑:让我澄清我的问题，

edit: let me clarify my question,

我没有质疑安全经理的可能性.我只是问是否仅对危险API进行了安全检查，或者对每个方法调用都进行了完成.在具有大量代码的应用程序中，这反过来会导致极大的性能下降.

I'm not questioning the possiblities of the securitymanager. I'm just asking if the security checks are done for the dangerous api's alone or it is done for each and every method call. Which inturn causes a huge performance degradation in case of applications with large amounts of code.

推荐答案

仅在代码表明正确的情况下，才咨询SecurityManager.它不会对每个操作都执行此操作.

It will only consult the SecurityManager if the code says so. It won't do it for every single operation.

例如，在Runtime.exit中，您看到使用了SecurityManager:

For example in Runtime.exit, you see that the SecurityManager is consulted:

public void exit(int status) {
SecurityManager security = System.getSecurityManager();
if (security != null) {
    security.checkExit(status);
}
Shutdown.exit(status);
}

类似地，在File中，您将看到大多数方法都咨询了SecurityManager.示例:

Similarly, in File, you will see that most methods consult the SecurityManager. Example:

public boolean canWrite() {
SecurityManager security = System.getSecurityManager();
if (security != null) {
    security.checkWrite(path);
}
return fs.checkAccess(this, FileSystem.ACCESS_WRITE);
}

如果编写的方法可能是危险的"，则还应该咨询SecurityManager.

If you are writing a method which might be "dangerous" then you should also consult the SecurityManager.

这篇关于Java安全管理器-它检查什么?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！