You go to your favorite Internet search engine and find a promising-looking Java application that does just what you want. You download and run it. But it's entirely possible that what you've downloaded is not what you wanted. It could be a computer virus that infects your computer. Or it could simply be a malicious program that erases files from your disk. In this case, it would have been a really good idea to restrict the application's actions.

3.2.1 The Default Security Manager

You can use an option of the java interpreter to install a default security manager. This security manager enforces many of the same rules as for applets. To see how this works, let's write a little program that does something questionable, making a network connection to some computer on the Internet. (We'll cover the specifics of network programming later, in Chapter 11 and Chapter 12.)

    //file: EvilEmpire.java
    import java.net.*;

    public class EvilEmpire {
        public static void main(String[] args) throws Exception {
            try {
                Socket s = new Socket("207.46.131.13", 80);
                System.out.println("Connected!");
            }
            catch (SecurityException e) {
                System.out.println("SecurityException: could not connect.");
            }
        }
    }

If you just run this program with the Java interpreter, it will make the network connection:

    C:\> java EvilEmpire
    Connected!
    C:\>

This is kind of scary. Let's install the default security manager, like this:

    C:\> java -Djava.security.manager EvilEmpire
    SecurityException: could not connect.
    C:\>

That's better, but suppose that the application actually has a legitimate reason to make its network connection. We'd like to leave the default security manager in place, just to be safe, but we'd like to grant this application permission to make a network connection.

3.2.2 The policytool Utility

To permit our EvilEmpire example to make a network connection, we need to create a policy file that contains the appropriate permission. A handy utility called policytool, included in SDK 1.2 and later, helps you make policy files. Fire it up from a command line like this:

    C:\> policytool

You may get an error message when policytool starts up about not finding a default policy file. Don't worry about this; just click OK to make the message go away.

We want to add a network permission for the EvilEmpire application. The application is identified by its origin, also called a codebase. A codebase is described by a URL. In this case, it will be a file: URL that points to the location of the EvilEmpire application on your disk.

If you started up policytool, you should be looking at its main window, shown in Figure 3.2. Click on Add Policy Entry. Another window pops up, like the one shown in Figure 3.3 (but with the fields empty).

Figure 3.2. The policytool window

Figure 3.3. Adding a policy entry

First, fill in the codebase with the URL of the directory containing EvilEmpire as shown in the figure. Then click on Add Permission. Yet another window pops up, shown in Figure 3.4.

Figure 3.4. Creating a new permission

Choose SocketPermission from the first combo box. Then fill out the second text field on the right side with the network address that EvilEmpire will connect to. Finally, choose connect from the third combo box. Click on OK; you should see the new permission in the policy entry window, as shown in Figure 3.3.

Click on Done to finish creating the policy. Then choose Save As from the File menu and save the policy file as something memorable, like EvilEmpire.policy. You can quit policytool now; we're all done with it.

There's nothing magical about the policy file you just created. Take a look at it with a text editor. It has a simple syntax; here's the important part, showing the policy we just created:

    grant codeBase "file:/c:/Projects/Exploring/" {
        permission java.net.SocketPermission "207.46.131.13", "connect";
    };

You can eschew policytool entirely and just create policy files with a text editor, if you're more comfortable that way.

3.2.3 Using a Policy File with the Default Security Manager

Now that we've gone to the trouble of creating a policy file, let's use it. You can tell the default security manager to use the policy file with another command-line option to the java interpreter:

    C:\> java -Djava.security.manager -Djava.security.policy=EvilEmpire.policy EvilEmpire
    Connected!

EvilEmpire can now make its socket connection because we have explicitly granted it permission with a policy file. The default security manager still protects us in other ways, however; EvilEmpire cannot write or read files on the disk except in the directory it came from; it cannot make connections to any other network addresses except the one we specified. Take a moment and bask in this warm fuzzy feeling.

Later, in Chapter 20, you'll see policytool again when we explain signed applets. In this chapter, codebases are identified by URLs, which isn't the most secure option. Through tricky network shenanigans, a clever forger may be able to give you code that appears to be from somewhere it's not. Cryptographically signed code is even more trustworthy; see Chapter 20 for the full details.

3.3 The Class Path

The concept of a path should be familiar to anyone who has worked on a DOS or Unix platform. It's an environment variable that provides an application with a list of places to look for some resource. The most common example is a path for executable programs. In a Unix shell, the PATH environment variable is a colon-separated list of directories that are searched, in order, when the user types the name of a command. The Java CLASSPATH environment variable, similarly, is a list of locations that can be searched for packages containing Java class files
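
Returning to the policy grant from sections 3.2.2 and 3.2.3: its SocketPermission target names the host without a port, and a target with no port covers every port on that host. The following added example (not from the book) compares that grant with a tightened target, 207.46.131.13:80, which is an assumption based on the port EvilEmpire uses; GrantScope and covers are hypothetical names.

```java
import java.net.SocketPermission;

// Added example, not from the book. GrantScope and covers() are hypothetical names.
public class GrantScope {

    // True if a policy grant (target + actions) covers a connect to host:port.
    // The request is built the way the default security manager's
    // checkConnect(host, port) builds it: "host:port" with action "connect".
    static boolean covers(String target, String actions, String host, int port) {
        SocketPermission grant = new SocketPermission(target, actions);
        SocketPermission request = new SocketPermission(host + ":" + port, "connect");
        return grant.implies(request);
    }

    public static void main(String[] args) {
        String asWritten = "207.46.131.13";     // target in the page's policy file
        String tightened = "207.46.131.13:80";  // assumption: limit to EvilEmpire's port

        // Constructed sample requests: host, port.
        Object[][] requests = {
            {"207.46.131.13", 80},   // the connection EvilEmpire makes
            {"207.46.131.13", 25},   // same host, different port
            {"207.46.131.14", 80},   // different host, same port
        };

        System.out.printf("%-20s %-12s %-12s%n", "request", "as written", "tightened");
        for (Object[] r : requests) {
            String host = (String) r[0];
            int port = (Integer) r[1];
            System.out.printf("%-20s %-12b %-12b%n",
                host + ":" + port,
                covers(asWritten, "connect", host, port),
                covers(tightened, "connect", host, port));
        }
    }
}
```

Only IP literals are used, so implies() performs no DNS lookups and the program runs offline without a security manager installed.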