Using Java SecurityManager to Grant/deny access to system functions

In Java it's possible to restrict access to specific functions like reading/writing files and System properties, thread C Ontrol, networking, object serialization and much more for the running application. Such restrictions may be crucial (important; decisive; definitive; decision) for guaranteeing security of the system and is implemented for example In Applets, Java Web Start or Java EE Servers.

Class Witch takes care of all, security is SecurityManager whose currently registered instance can be accessed through System.getsecuritymanager () method. Normally for stand-alone Java applications There are no SecurityManager registered, which means a call to Getsecuritymanage R () would return null. In such case, all the system functions is allowed.

We'll show here a simple example of what security in Java works. Take a look at the class below:

ImportJava.io.FileInputStream;Importjava.io.FileNotFoundException; Public classSecuritytest { Public Static voidMain (string[] args)throwsFileNotFoundException {//Is there a securitymanger registered?System.out.println ("SecurityManager:" +System.getsecuritymanager ()); //Checking If we can open a file for readingFileInputStream FIS =NewFileInputStream ("Test.txt"); System.out.println ("File successfully opened"); //Checking If we can access a VM propertySystem.out.println (System.getproperty ("file.encoding")); }}

The class first gets the SecurityManager ' s instance and prints it out. Note that this is a step with no influence on the proceeding steps. It's purpose is just to show clearly if securitymanager are there or not. Next step is opening a file called ' Test.txt ' for reading. For this step you should create a file ' Text.txt ' (it could be empty) and put it in the application ' s directory. Last step reads a system property "File.encoding" which on the most systems should is set by default to "Utf-8″.

Now run the program! If you got any exceptions, check if you copied everything well and if you created the file ' Text.txt ' in the program ' s dir Ectory. If everything went right, you should get the following output:

NULL File successfully Openedutf-8

First note the instance of SecurityManager we got from System.getsecuritymanager () is null. There is no securitymanager so everything are allowed and we were able to successfully open a file and read the system prop Erty.

Now let's put security to play! We'll need a file defining current security policy. It's a file that tells the SecurityManager what it should allow and what it should deny. Below is an example of such a file:

Grant {};

As you see, there are nothing written inside the ' grant ' block. It means that there is no permissions specified and (almost) all system functions would be denied. Put that in a file called ' Test.policy ' and place it in the application's directory (along with file ' Text.txt '). You can read much more about structure. policy files here.

With the policy file in place, we should tell the JVM to create a SecurityManager and use file ' Test.policy ' for the Secur ity policy. We do it by specifying-system properties while running the Securitytest program: -djava.security.manager and -djava.security.policy=test.policy. You can specify them for example in Eclipse in ' Run configurations...->arguments->vm Arguments: ' dialog. Alternatively you can specify them straight from the command line (supposing your exported your code to Securitytest.jar an D put it in the same directory where ' Test.policy ' is:

java-djava.security.manager-djava.security.policy=-jar Securitytest.jar

Using These parameters run the program! If everything goes well, this time SecurityManager activates and you should see something like this:

"Main"    Java.security.AccessControlException:access denied    (java.io.FilePermission test.txt Read)    ...

First line indicates this securitymanager is registered. The exception is proper behavior. Inputfilereader ' s constructor internally checks if there is a securitymanager installed. If so, it calls it to check if reading the specified file is allowed according to the current security policy. The security policy (which we specified in ' test.policy ' file) contains No. permissions for reading a file, so Securitymana Ger throws Accesscontrolexception.

What does the Allow reading files? We have to put a specific rule to ' test.policy '. Rules for accessing files is implemented by Filepermission class. You can specify which file the rule applies to and what kind of access is being granted. Below you see what must is written in ' Test.policy ' file:

Grant {  "test.txt", "read";};

This rule grants reading on file ' Text.txt ' (you could also use "<<all files>>" to grant the reading of all fi Les). With this permission on place, let's run the program once again:

"Main"    java.security.AccessControlException:    Access Denied (java.util.PropertyPermission File.encoding Read)

As you see this time file is successfully opened, but next exception appeared and trying to read the property "File.enc Oding ". Permission allowing programs to access system properties are called Propertypermission. We define it following:

Grant {  "test.txt", "read";  " File.encoding "," read ";};

It would allow reading of the property "File.encoding". This time if we run the program, everything'll be allowed by the SecurityManager and we should get following output:

SecurityManager: [Email protected]file successfully openedutf-8

Writing. Policy files for a big application can is tedious, especially if you don ' t know yet the correct syntax. Fortunately there is the help in form of ' Policytool ', which are a small program distributed along with JDK. You can read something on it here.

This short introduction shows just a tiny bit of SecurityManager ' s features. You can do a lot more with it, such as example defining your own permissions and using them in your classes. You can also set principals for every permission and specify files containing digital signatures for them, so that a user Running your program must is in possession of a key file to access specific functions. You can read about this functionality for example in this Sun ' s tutorial. There is also a bunch of useful links concering security on this site.

Using Java SecurityManager to Grant/deny access to system functions