In general, Java security should consist of two things: the security of the Java platform (that is, the Java Runtime) and the security of the Java-language-developed application. Since we are not a developer of the Java language itself, the first security does not require our consideration. The second security is our key consideration, generally we can through the security Manager mechanism to improve security, security Manager is the security of the implementers, this class can be extended, it provides security measures added to the application, by configuring security policy files to reach the network, The effect of access restrictions on local files and other parts of the program.
Java from the application layer provides us with security management mechanism-security Manager, each Java application can have its own security manager, it will be in the run phase to check the resources needed to protect the access rights and other specified operational permissions, to protect the system from malicious operations to attack, to achieve the security policy of the system. Figure 3-1-5-1 shows how the security manager works, when running a Java program, the security Manager will assign permissions to different modules of the program according to the policies described in the policy file, assuming that the application is divided into three blocks, each with different permissions, and the first block has permission to read a file. The second block also has the permission to read a file and memory, and the third block has the permission to listen to the socket. Through this mechanism can well control the various parts of the operation of the permissions, from the application layer provides us with security management policy. Figure 3-1-5-2 The process of managing the file operations of the security manager, when the application reads the local file, SecurityManager intercepts it before reading, determines if there is permission to read the file, or throws an access exception if one is read successfully. Many methods of checking permissions are available in the SecurityManager class, for example, the Checkpermission method determines the operation based on the permissions described by the security policy file, and the Checkread method is used to determine access to the file. A security exception is thrown when no permissions are found.
Figure 3-1-5-1 Security Management mechanism
Figure 3-1-5-2 Check Operation permissions
Generally speaking, the Java program does not start automatically when the security manager is started, you can start the security manager in the following two ways:
① One is implicit, the simplest way to start the default security manager is to add the-djava.security.manager parameter directly to the startup command.
② is an object that explicitly instantiates a java.lang.SecurityManager or inherits its subclasses, and then sets and starts a security manager by System.setsecuritymanager ().
You can specify a security policy file by using the-djava.security.policy option when you start the security manager. If you do not specify a path to the policy file, the Security Manager uses the default security policy file, which is located in Java.policy under the%java_home%/jre/lib/security directory. To illustrate, = indicates that the policy file will work with the default policy file; = = indicates that only this policy file is used. The policy file contains more than one grant statement, and each grant describes the permissions that some code has for certain operations. When you start the Security Manager, a policy object is generated based on the policy file, and at any time an application can have only one policy object.
So how do you implement your own security Manager and configure permissions? The following is a simple example to illustrate the implementation steps, generally divided into the following two steps: ① create a SecurityManager subclass, and rewrite some methods as needed. ② the policy file is configured according to the permissions of the application code. If you omit the first step using the default security manager, here is an example of how Security Manager is used:
Public class securitymanagertest {
Public static void main (string[] args)throws FileNotFoundException {
System. out. println ("SecurityManager:" + System. getSecurityManager());
FileInputStreamfis = new fileinputstream ("C:\\protect.txt");
System. out. println (System. GetProperty("file.encoding"));
}
}
Run the program in several situations:
(1) If you do not add the startup parameters to run directly, it is equivalent to not start the security manager, SecurityManager print out null, and can read the Protect.txt file and the File.encoding property correctly.
(2) Add the start parameter-djava.security.manager-djava.security.policy=c:/protect.policy, respectively, to start the default security manager and indicate the policy configuration file path. At this point the SecurityManager prints out as NOT null, but since Protect.policy does not have any authorization at this time, the Accesscontrolexcepti on exception is thrown when the file is read.
(3) Add the following authorization statement in the Protect.policy file,
Grant {
Permissionjava.io.FilePermission "C:/protect.txt", "read";
};
At this point SecurityManager is not empty and has permission to read the Protect.txt file, but eventually throws a accesscontrolexception exception because there is no permission to read the File.encoding system properties.
(4) Change the Protect.policy authorization statement to read as follows:
Grant {
Permissionjava.io.FilePermission "C:/protect.txt", "read";
Permissionjava.util.PropertyPermission "File.encoding", "read";
};
This time the read file and read the system properties have permissions, the program runs normally, no longer throws a security exception.
We have a clear understanding of the use of the security manager in the above scenarios by simply configuring the policy file to achieve application security management. Java's permission class is used to define the permissions that a class has, and Java itself includes some permission classes, as follows:
Java.security.AllPermission |
A collection of all permissions |
Java.util.PropertyPermission |
System/Environment Attribute permissions |
Java.lang.RuntimePermission |
Run-time permissions |
Java.net.SocketPermission |
Socket permissions |
Java.io.FilePermission |
File permissions, including read/write, delete, execute |
Java.io.SerializablePermission |
Serialization permissions |
Java.lang.reflect.ReflectPermission |
Reflection Permissions |
Java.security.UnresolvedPermission |
Non-resolved permissions |
Java.net.NetPermission |
Network permissions |
Java.awt.AWTPermission |
AWT Permissions |
Java.sql.SQLPermission |
Database SQL permissions |
Java.security.SecurityPermission |
Access to security controls |
Java.util.logging.LoggingPermission |
Log control permissions |
Javax.net.ssl.SSLPermission |
Secure connection Permissions |
Javax.security.auth.AuthPermission |
Authentication Permissions |
Javax.sound.sampled.AudioPermission |
Access rights to audio system resources |