Java策略文件 - 拒绝对代码库的权限 [英] Java Policy file - Deny permissions to a codebase

问题描述

在Java策略文件中， grant codeBase 语法指定应授予哪些代码库哪些权限。例如，

In the Java policy file, the grant codeBase syntax specifies which codebase should be granted which permissions. for example,

grant codeBasefile：/ C：/abc.jar{
permission
java。 security.AllPermission; };

grant codeBase "file:/C:/abc.jar" { permission java.security.AllPermission; };

向abc.jar中的代码授予 AllPermission

grants AllPermission to code inside abc.jar

以类似的方式，是否有办法拒绝特定语法的权限？像这样：

In a similar way, Is there a way to deny permissions to a specific syntax? Like this:

拒绝codeBasefile：/ C：/def.jar{
permission
java。 io.FilePermission; };

deny codeBase "file:/C:/def.jar" { permission java.io.FilePermission; };

以便 def.jar 中的代码获取所有其他权限除了FilePermission？

so that the code inside def.jar gets every other permissions except the FilePermission?

这是否可能？

我知道这可以很容易地完成 SecurityManager 类，但我只想知道是否可以使用策略文件。

I know this can be easily done using the SecurityManager class, but I just want to know if this is possible by using the policy file only.

推荐答案

不。对于策略文件没有这样的实现。如果你真的很绝望，你可以编写自己的系统。

No. There is nothing like this implemented for policy files. You could write your own system, if you were really desperate.

这篇关于Java策略文件 - 拒绝对代码库的权限的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！