

Java Security - Deployment
An Introduction


Prof. David Bernstein
James Madison University

Computer Science Department
bernstdh@jmu.edu


Overview/Review
  • The Architecture:
    • Many participants are involved in Java security
  • Specification:
    • Some of the participants involved in specification are Permission and Policy
  • Enforcement:
    • Some of the participants involved in enforcement are SecurityManager and AccessController
Policy Files
  • Overview:
    • Policy information can be read from one or more ASCII (UTF-8) policy files
  • Editing:
    • Policy files can be edited by hand or using the policytool
Policy Files (cont.)
  • Types:
    • System-wide (at java.home/lib/security/java.policy)
    • User (at user.home/.java.policy)
    • Additional
  • An Important Note:
    • The different policy files will be combined into one Policy
  • Format:
      grant signedBy "signers", codeBase "URL" {
          permission permissionClass "target", "action", signedBy "signers";
          ...
      };
Specifying Additional Policy Files
  • At Run-Time:
    • java -Djava.security.manager -Djava.security.policy=policyfile application
    • Note: the -Djava.security.manager argument ensures that the default security manager is installed
  • In a Class:
    • System.setProperty("java.security.policy", "policyfile");
An Example Policy File
grant codeBase "file:/home/sysadmin/" {
    // FilePermission targets are file paths, not URLs
    permission java.io.FilePermission "/home/public/", "read";
};

grant {
    permission java.lang.RuntimePermission "modifyThread";
    permission java.net.SocketPermission "*", "accept,connect,listen,resolve";
    permission java.util.logging.LoggingPermission "control";
};

Note: An application can always read from the directory it was started in (and all subdirectories of that directory).
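
An added example (not part of the original slides): a small Python audit script that parses policy text in the format shown above, merges several files the way the runtime combines them into one Policy, and lists the permissions that reach all code because their grant entry has no signedBy, codeBase or principal. The function names and the two sample policies are constructed for illustration.

```python
import re

# Quoted strings are matched first so "//" or braces inside them are left alone.
COMMENT_RE = re.compile(r'("[^"]*")|/\*.*?\*/|//[^\n]*', re.S)
GRANT_RE = re.compile(r'\bgrant\b((?:[^{"]|"[^"]*")*)\{((?:[^}"]|"[^"]*")*)\}\s*;', re.I)
SCOPE_RE = re.compile(r'\b(signedBy|codeBase)\s+"([^"]*)"', re.I)
PERM_RE = re.compile(r'\bpermission\s+([\w.$]+)((?:[^;"]|"[^"]*")*);', re.I)

# Constructed samples modelled on this page's example, split across two files.
SYSTEM_POLICY = '''grant codeBase "file:/home/sysadmin/" {
    permission java.io.FilePermission "/home/public/", "read";
};'''
USER_POLICY = '''// applies to all code: no signedBy or codeBase
grant {
    permission java.lang.RuntimePermission "modifyThread";
    permission java.net.SocketPermission "*", "accept,connect,listen,resolve";
};'''

def parse_policy(*policy_texts):
    """Parse one or more policy files into a single list of grant entries,
    mirroring how the separate files are combined into one Policy."""
    grants = []
    for text in policy_texts:
        text = COMMENT_RE.sub(lambda m: m.group(1) or '', text)
        for header, body in GRANT_RE.findall(text):
            scope = {k.lower(): v for k, v in SCOPE_RE.findall(header)}
            perms = []
            for cls, rest in PERM_RE.findall(body):
                # Text after signedBy names the permission's signer, not its target.
                head = re.split(r'\bsignedBy\b', rest, flags=re.I)[0]
                args = re.findall(r'"([^"]*)"', head)
                perms.append((cls, *(args + [None, None])[:2]))
            grants.append({'unscoped': not header.strip(), **scope, 'permissions': perms})
    return grants

def granted_to_all_code(grants):
    """Permissions from grant entries with no signedBy, codeBase or principal;
    these apply to every class regardless of where it was loaded from."""
    return [p for g in grants if g['unscoped'] for p in g['permissions']]

if __name__ == "__main__":
    for perm in granted_to_all_code(parse_policy(SYSTEM_POLICY, USER_POLICY)):
        print(perm)
```

Run it over the system, user and any additional policy files together, since an unscoped grant in any one of them widens what every code base receives.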

Internals
  • The Policy Class:
    • Encapsulates a security policy (essentially a matrix with rows corresponding to Principal objects, columns corresponding to CodeSource objects, and Permission objects in the body)
  • How it is Used:
    • public boolean implies(ProtectionDomain, Permission) is called to see whether the Permission is granted
  • Remember:
    • Though multiple Policy objects can be constructed, only one is in effect at any point in time
There's Always More to Learn