• The Architecture:
  • Many participants are involved in Java security
• Specification:
  • Some of the participants involved in specification are Permission and Policy
• Enforcement:
  • Some of the participants involved in enforcement are SecurityManager and AccessController

• Overview:
  • Policy information can be read from one or more ASCII (UTF-8) policy files
• Editing:
  • Policy files can be edited by hand or using the policytool

• Types:
  • System-wide (at java.home/lib/security/java.policy)
  • User (at user.home/.java.policy)
  • Additional
• An Important Note:
  • The different policy files will be combined into one Policy
• Format:
  • grant signedBy "signers", codeBase "URL" {
  • permission permissionClass "target", "action", signedBy "signers";
  • ...
  • };

• At Run-Time:
  • java -Djava.security.manager -Djava.security.policy=policyfile application
  • Note: the -Djava.security.manager argument ensures that the default security manager is installed
• In a Class:
  • System.setProperty("java.security.policy", "policyfile");

grant codeBase "file:/home/sysadmin/" {
	permission java.io.FilePermission "file:/home/public/", "read";
};

grant  {
   permission java.lang.RuntimePermission "modifyThread";
   permission java.net.SocketPermission "*", "accept, connect,listen,resolve";
   permission java.util.logging.LoggingPermission "control";
};

Note: An application can always read from the directory it was started in (and all subdirectories of that directory).

• The Policy Class:
  • Encapsulates a security policy (essenially a matrix with rows corresponding to Principal objects, columns corresponding to CodeSource objects, and Permission objects in the body)
• How it is Used:
  • public boolean implies(ProtectionDomain, Permission) is called to see whether the Permission is granted
• Remember:
  • Though multiple Policy objects can be constructed, only one is in effect at any point in time