Java security: How to install the security manager and customize your security policy

Learn about the security manager and the Java API, what remains unprotected by the security manager, and security beyond the JVM architecture

Page 2 of 7

Areas unprotected by the security manager

Two actions not present in the above list that could potentially be unsafe are allocation of memory and invocation of threads. Currently, a hostile applet can crash a user's browser by:

  • Allocating memory until it runs out
  • Firing off threads until everything slows to a crawl


These kinds of attacks are called denial-of-service attacks, because they deny users the ability to use their own computers. The security manager does not allow you to enforce any kind of limit on allocated memory or thread creation. (There are no checkAllocateMemory() or checkCreateThread() methods in the security manager class.) The following are other kinds of hostile applets that currently are possible:

  • Applets that send unauthorized e-mail from the user's computer
  • Applets that make annoying noises even after you leave the Web page
  • Applets that display offensive images or animations


So, a security manager isn't enough to prevent every possible action that could offend or inconvenience a user. Other than the attacks listed here, however, the security manager attempts to provide a check method that allows you to control access to any potentially unsafe action.
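To see which check methods a given JDK's java.lang.SecurityManager actually exposes, the following added example (not code from the original article) lists them by reflection and reports whether checkAllocateMemory() or checkCreateThread() is among them. The class name SecurityManagerHooks and the helper checkMethods() are names chosen for this illustration.

```java
import java.lang.reflect.Method;
import java.util.Set;
import java.util.TreeSet;

// Added example: inspects the check* hooks of java.lang.SecurityManager
// on whatever JDK runs it. Class and method names here are illustrative.
public class SecurityManagerHooks {

    /** Returns the sorted names of all public check* methods on SecurityManager. */
    static Set<String> checkMethods() {
        Set<String> names = new TreeSet<>();
        for (Method m : SecurityManager.class.getMethods()) {
            if (m.getName().startsWith("check")) {
                names.add(m.getName());
            }
        }
        return names;
    }

    public static void main(String[] args) {
        Set<String> hooks = checkMethods();

        // Every action the security manager can veto has a hook in this list.
        System.out.println("check* hooks available:");
        for (String name : hooks) {
            System.out.println("  " + name);
        }

        // The two resource-exhaustion actions discussed above: a hook that is
        // absent here is an action no security policy can refuse or limit.
        String[] wanted = {"checkAllocateMemory", "checkCreateThread"};
        for (String name : wanted) {
            System.out.println(name + " present: " + hooks.contains(name));
        }
    }
}
```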
