9.5. Privileged Code

Recall from Chapter 6 that a security-sensitive operation is normally allowed only if every piece of code on the call stack (every protection domain) has been granted the required permission by the security policy. You can, however, use an AccessController.doPrivileged method to mark a segment of code as privileged: the permission check stops at the privileged frame, so the privileged code can perform any operation that its own permissions allow, whether or not its callers have been granted those permissions. If a piece of trusted code (such as system code, which is granted all permissions) is privileged, it can load libraries (including native code), read any file, read system properties, and so on, independent of what its callers would normally be allowed to do. A privileged code segment is a critical ...
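The following is an added example, not code from the book, showing the doPrivileged pattern the paragraph describes together with the caveat that usually follows it: the privileged block should do the minimum and must not let a caller choose what it does. The class name, the property name `myapp.home`, the configuration directory `/etc/myapp`, and the allow-list of file names are assumptions for illustration. Under a SecurityManager whose policy grants this library's code source `PropertyPermission "myapp.home", "read"` and `FilePermission "/etc/myapp/-", "read"`, an untrusted caller with neither permission can still call `appHome()` and `readConfig("server.properties")`, because the stack walk stops at the doPrivileged frame; without the doPrivileged calls the same calls would throw AccessControlException. Note that without a SecurityManager installed doPrivileged is a no-op, and that the SecurityManager and AccessController APIs are deprecated for removal as of Java 17 (JEP 411).

```java
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.Set;

/** Added example (not from the book): a library that does privileged work on behalf of less-trusted callers. */
public final class PrivilegedConfigReader {

    // Assumed, library-controlled location. The privileged block only ever reads from here.
    private static final Path CONFIG_DIR = Paths.get("/etc/myapp");

    // Assumed allow-list: the caller may pick a name, but only one of these, and only by exact match.
    private static final Set<String> ALLOWED_FILES = Set.of("server.properties", "logging.properties");

    private PrivilegedConfigReader() {}

    /**
     * Reads a system property the caller is not allowed to read itself.
     * The property name is fixed inside the privileged block, so the caller
     * cannot turn this method into a generic "read any property" oracle.
     */
    public static String appHome() {
        return AccessController.doPrivileged(
            (PrivilegedAction<String>) () -> System.getProperty("myapp.home", "/opt/myapp"));
    }

    /**
     * Reads one of a fixed set of configuration files on behalf of the caller.
     * Validation happens BEFORE the privileged block, on the caller's own data;
     * the block itself only touches a path the library assembled from vetted parts.
     */
    public static String readConfig(String name) throws IOException {
        if (name == null || !ALLOWED_FILES.contains(name)) {
            // Exact-match allow-list: rejects "../../etc/passwd", absolute paths, etc.
            throw new IllegalArgumentException("not a permitted configuration file: " + name);
        }
        Path target = CONFIG_DIR.resolve(name).normalize();
        if (!target.startsWith(CONFIG_DIR)) {
            // Belt and braces: the allow-list already guarantees this, but the check is cheap.
            throw new IllegalArgumentException("path escapes configuration directory");
        }
        try {
            // PrivilegedExceptionAction is the variant for actions that throw checked exceptions.
            return AccessController.doPrivileged(
                (PrivilegedExceptionAction<String>) () ->
                    new String(Files.readAllBytes(target), StandardCharsets.UTF_8));
        } catch (PrivilegedActionException e) {
            // doPrivileged wraps the action's checked exception; unwrap it for the caller.
            Throwable cause = e.getException();
            if (cause instanceof IOException) {
                throw (IOException) cause;
            }
            throw new IOException("unexpected failure reading " + target, cause);
        }
    }

    /**
     * ANTI-PATTERN, shown for contrast only: the caller's string flows straight into the
     * privileged block. Any caller that can reach this method can now read every file the
     * library's own permissions cover, which is exactly the confused-deputy problem that
     * makes privileged code a critical section to audit.
     */
    public static String readAnyFileUnsafe(String callerChosenPath) throws IOException {
        try {
            return AccessController.doPrivileged(
                (PrivilegedExceptionAction<String>) () ->
                    new String(Files.readAllBytes(Paths.get(callerChosenPath)), StandardCharsets.UTF_8));
        } catch (PrivilegedActionException e) {
            throw (IOException) e.getException();
        }
    }

    public static void main(String[] args) throws IOException {
        System.out.println("app home: " + appHome());
        System.out.println(readConfig("server.properties"));
        // readConfig("../shadow") and readConfig("/etc/passwd") are rejected before any privileged work runs.
    }
}
```

Two design points follow from the paragraph. First, keep the privileged block as small as possible: everything that can be checked against the caller's input is checked outside it, so a bug in the surrounding code cannot widen what the block does. Second, only the library's own permissions are asserted; if the library is granted a narrow FilePermission on `/etc/myapp/-` rather than `<<ALL FILES>>`, even the unsafe variant is bounded by that grant, which is the least-privilege argument for writing policy entries per code source rather than handing trusted libraries AllPermission.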
