Memory of the Java Classic sandbox concept

Although the concept is now rich in content, and is no longer limited to applets, but the original sandbox, still memorable.





A security measure in the Java development environment. The sandbox is a set of rules this are used when creating an applet this prevents certain when the applets is Sen T as part of a Web page. When a browser requests a Web page with applets applets are sent automatically and can is executed as soon as the Pag E arrives in the browser. If the applet is allowed unlimited access to memory and operating system resources, it can does harm in the hands of someone With malicious intent. The sandbox creates a environment in which there are strict limitations on what system resources the applet can request O R access. Sandboxes are used when executable code comes from unknown or untrusted sources and allow the user to run untrusted code s Afely.


The Java sandbox relies on a three-tiered defense. If any one of the following three elements fails, the security model are completely compromised and vulnerable to attack:





byte Code Verifier--This is one way so Java automatically checks untrusted outside code before it is allowed to R Un. When a Java source program was compiled, it compiles down to platform-independent Java byte code, which is verified before It can run. This is helps to establish a base set of the security guarantees.


Applet class Loader--all Java objects belong to classes, and the Applet class loader determines when and the app Let can add classes to a running Java environment. The Applet class loader ensures that important elements of the Java run-time environment are no replaced by code Applet tries to install.


Security Manager--the security manager was consulted by code into the Java library whenever a dangerous operation is about To is carried out. The security manager has the "option to veto" operation by generating a security exception.