SecurityManager surprises

About

Asked 3/8, 2011 at 5:20 Answered 3/8, 2011 at 5:30

I wanted to create a very restrictive security manager, so I extended SecurityManager and overridden all the custom checkXXX methods.

But then I found out that my security manager is useless, because anyone can just:

System.setSecurityManager(null);

So I have to add:

@Override    public void checkPermission(Permission perm)  {
    if (perm.getName().equals("setSecurityManager")) {
        throw new SecurityException("You shall have no other security manager but me!");
    }
}

Are there any more surprises? Any other things I have to do to make my SecurityManager hermetic?

Cascara answered 3/8, 2011 at 5:20 Comment(1)

I don't know why this this is a surprise. It's specified in the Javadoc. – Linguist 3/8, 2011 at 10:33

There are at least a couple of things I can think of:

Someone could use reflection to set the System.security field to accessible, and then set it to whatever they want.
Someone could use sun.misc.Unsafe to directly overwrite your instance in memory with whatever random thing they want.

I think your SecurityManager can guard against these things, since they both rely on calls to Field.setAccessible(). But better to test it out to make sure.

Pentylenetetrazol answered 3/8, 2011 at 5:30 Comment(2)

1. I tried this: systemSecurityField = java.lang.Class.forName("java.lang.System").getDeclaredField("security"); but got java.lang.NoSuchFieldException: security – Cascara 7/8, 2011 at 10:46

Strange, it works for me (using Java 6, update 24). Using: System.class.getDeclaredField("security"); – Pentylenetetrazol 7/8, 2011 at 11:36

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Recommended topics

Hot tags