我可以信任的Java SecurityManager的沙箱？ [英] Can I trust Java SecurityManager sandbox?

问题描述

我正在写一个接受任意code被从远程位置加载JavaFX2应用。对我来说，使用自定义的SecurityManager，并且的ClassLoader是的ProtectionDomain的路要走。不幸的是，这似乎是已使用沙箱的小程序同样的设置，这已经引起了很多安全漏洞，并且，反过来已经说服人们担心的Java Web插件，并从完全是他们的操作系统中删除。

I'm writing a JavaFX2 application that accepts arbitrary code to be loaded from remote locations. For me using a custom SecurityManager, ClassLoader and ProtectionDomain was the way to go. Unfortunately this seems to be the same setup that's used to sandbox applets, which has caused a lot of security exploits and that in turn has persuaded people to fear Java Web Plugin and removing it from their OS entirely.

是Java沙箱安全的环境中运行不受信任的code上，还是仅仅在Java Web插件作为一个整体是不安全的？

Is Java sandbox a secure environment to run untrusted code onto, or is it just the Java Web Plugin as a whole to be insecure?

推荐答案

安全管理器提供了您的应用程序。与完全一样多的保护，因为它提供的插件。这是，考虑到安全漏洞，没有多少。

The security manager provides your app. with exactly as much protection as it provided the plug-in. Which was, given the security bugs, 'not much'.

目前，它插入已知的安全漏洞（AFAIU）。但如在任何复杂的插件有可能更多，尚未被发现，或可能在新版本或新的API被引入

It currently plugs the known security bugs (AFAIU). But as in any complex plug-in there are probably more, yet to be discovered, or possibly to be introduced in new versions or new APIs.

所以基本上，你的code应该有些超出标准的安全管理器，黑色上市整个包和（如果需要的话）提供，通过它来执行活动通常由该包处理。实用方法

So basically, your code should go somewhat beyond a standard security manager, black-listing entire packages and (if need be) providing utility methods through which to perform activity normally handled by that package.

不过，他的意见是，我也许能说出2或可能的事情3应用程序一个20+点列表的第一个点。可能需要警惕，在运行不可信code。虽然这不是问题。

But then, that advice is the first point of a 20+ point list that I might be able to name 2 or 3 of the possible things an app. might need to guard against, in running untrusted code. Though that is not the question..

是Java沙箱安全的环境中运行不受信任的code到..

Is Java sandbox a secure environment to run untrusted code onto..

没有。 Java安全可能规定对不可信code安全性一个很好的起点，但它需要特定的应用进行扩展，并有其他要素，以要适合需要的任务。即使这样，也有未知的安全漏洞（均JRE，以及你自己的安全工作）考虑。

No. Java security might provide a good starting point for security against untrusted code, but it would need to be expanded specific to the app., and have other elements in order to be suited to the task required. Even then, there are the 'unknown security bugs' (in both the JRE as well as your own security efforts) to consider.

这篇关于我可以信任的Java SecurityManager的沙箱？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！