Date: Tue, 8 Jul 1997 12:40:49 -0700
Message-Id: <199707081940.MAA00857@games.eng.sun.com>
From: Li Gong <gong@games.eng.sun.com>
To: Tabrez Syed <tabrez@cs.utexas.edu>
Subject: Re: [Q] Security Manager extensibility
In-Reply-To: Tabrez Syed's mail of Tue, 8 July, 1997
>From the next major version of JDK (coming to you shortly ...), we
have introduced typed, parameterized, and extensible Permission class
and its subclasses, so that you can do precisely the features you
described, totally in your own code base, without modifying or
subclassing the SecurityManager class.
I understand that documentation will be available this week at JDC
(Java Developer Connection), and you can registerto become a member
for free at our web site java.sun.com.
Best regards,
Li
-- Li Gong, PhD Java Security Architect and Senior Engineering Manager JavaSoft, Cupertino, California, USA Email: gong@eng.sun.com Web: http://java.sun.com/people/gong Tel: 408-343-1825 and Fax: 408-343-1993Tabrez Syed writes: > > Hello, > > I've been looking through the functioning of the Security Manager and Java > security in general and have the following observations. I hope someone can > correct me if I am wrong, or shed some light on the unclear portions. > > Currently all Security Sensitive calls are checked in the Security Manager. > The Security Manager has methods like checkRead() etc which verify if that > function call can proceed. > > My concern is: Supposing I were to write a program to control a resource that > is very specific to my situation. I would like to use the Security Manager to > control access to the resource. That is: in my program I would like to do > something like > > SecurityManager SM = System.getSecurityManager(); > try{ > SM.checkfoo(); > } > catch (SecurityException se) > {} > > My problem is that checkfoo() is not part of the SecurityManager. I would have > to subclass the SecurityManager and provide ,say TabrezSecurityManager which > would implement checkfoo(), to my customers. And say if my competitor had a > competing program that needed to call checkbar() in the SecurityManager, he is > unlikely to distribute a SecurityManger which implements both checkfoo() and > checkbar(). As a result there are now two different SecurityManagers; one that > can support my program and one that can support my competitors program. > > The only thing that makes sense to me is that if say the JDK specs evolve to > support the resource in the original SecurityManager itself. This however is > unlikely, especially if my resource is very specific and unlikely to be used > by more than a few people. > > It is quite possible that my understanding is flawed and there might be a way > to extend the security manager. As of now I can only protect the system > libraries with the SecurityManager. I dont know much about specifics behind > browsers, but I do recall reading that system applets (ones that have system > privileges) in Netscape 3.x had to call SecurityManager.setScopeManager() and > SecurityManager.unsetScopePermission() to enable and disable their powers. I > doubt Microsoft would be very keen on supporting the same convention in > Internet Explorer. > > I welcome ANY comments or suggestions you may have. > > Thank you in Advance > > Tabrez > > > ________________________________________________________________ > Anything worth doing is worth overdoing. > ________________________________________________________________ > Tabrez Syed > Dept. of Computer Sciences UPE Events Chair > University of Texas at Austin > URL: http://www.cs.utexas.edu/users/tabrez > > >