我可以信任 Java SecurityManager 沙箱吗? [英] Can I trust Java SecurityManager sandbox?
问题描述
我正在编写一个 JavaFX2 应用程序,它接受从远程位置加载的任意代码.对我来说,使用自定义 SecurityManager、ClassLoader 和 ProtectionDomain 是要走的路.不幸的是,这似乎与用于沙盒小程序的设置相同,这导致了许多安全漏洞,进而说服人们害怕 Java Web Plugin 并将其从他们的操作系统中完全删除.
I'm writing a JavaFX2 application that accepts arbitrary code to be loaded from remote locations. For me using a custom SecurityManager, ClassLoader and ProtectionDomain was the way to go. Unfortunately this seems to be the same setup that's used to sandbox applets, which has caused a lot of security exploits and that in turn has persuaded people to fear Java Web Plugin and removing it from their OS entirely.
Java 沙箱是运行不受信任代码的安全环境,还是只是 Java Web 插件作为一个整体不安全?
Is Java sandbox a secure environment to run untrusted code onto, or is it just the Java Web Plugin as a whole to be insecure?
推荐答案
安全管理器提供您的应用程序.与它提供的插件一样多的保护.考虑到安全漏洞,这不多".
The security manager provides your app. with exactly as much protection as it provided the plug-in. Which was, given the security bugs, 'not much'.
它目前可以插入已知的安全漏洞 (AFAIU).但与任何复杂的插件一样,可能还有更多尚未发现或可能在新版本或新 API 中引入.
It currently plugs the known security bugs (AFAIU). But as in any complex plug-in there are probably more, yet to be discovered, or possibly to be introduced in new versions or new APIs.
所以基本上,您的代码应该超越标准的安全管理器,将整个包列入黑名单,并(如果需要)提供实用方法,通过这些方法来执行通常由该包处理的活动.
So basically, your code should go somewhat beyond a standard security manager, black-listing entire packages and (if need be) providing utility methods through which to perform activity normally handled by that package.
但是,该建议是 20 多个点列表中的第一点,我可能能够命名应用程序中可能出现的 2 或 3 种内容.在运行不受信任的代码时可能需要防范.虽然这不是问题..
But then, that advice is the first point of a 20+ point list that I might be able to name 2 or 3 of the possible things an app. might need to guard against, in running untrusted code. Though that is not the question..
Java 沙箱是一个安全的环境来运行不受信任的代码吗?
Is Java sandbox a secure environment to run untrusted code onto..
没有.Java 安全性可能为针对不受信任的代码的安全性提供了一个很好的起点,但它需要针对应用程序进行扩展,并具有其他元素以适合所需的任务.即便如此,仍有未知的安全漏洞"(在 JRE 以及您自己的安全工作中)需要考虑.
No. Java security might provide a good starting point for security against untrusted code, but it would need to be expanded specific to the app., and have other elements in order to be suited to the task required. Even then, there are the 'unknown security bugs' (in both the JRE as well as your own security efforts) to consider.
这篇关于我可以信任 Java SecurityManager 沙箱吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
