7.5 Interdependence of the Three Java Security Legs


Although the three legs of Java security (class-loading system, class file verifier, and security manager) each have unique functions, they are interdependent.

  • The class-loading system relies on the security manager to prevent untrusted code from loading its own class loader, which could flag untrusted code as trusted.

  • Conversely, the security manager relies on the class-loading system to keep untrusted classes and local classes in separate name spaces and to prevent the local trusted classes from being overwritten.

  • Both the security manager and the class-loading system rely on the class file verifier to make sure that class confusion is avoided and that class protection directives are honored.

The bottom line is this: If an attacker can breach one of the three defenses, the security of the whole system is usually compromised.
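
The first dependency in the list above can be observed directly. The following is an added example, not code from the book: the `ClassLoader` constructor asks the installed security manager for the `createClassLoader` runtime permission, so a manager that denies it stops code from instantiating its own loader. It assumes a JDK that still supports the Security Manager (Java 17 or earlier); `RogueLoader` and `DenyLoaderCreation` are hypothetical names, and allowing every other permission is a simplification for the demo.

```java
import java.security.Permission;

public class ClassLoaderGateDemo {

    // Hypothetical loader that untrusted code would like to install.
    static class RogueLoader extends ClassLoader {
        RogueLoader() {
            super(); // ClassLoader() calls SecurityManager.checkCreateClassLoader()
        }
    }

    // Demo-only manager: denies createClassLoader and permits everything else.
    // A real policy would decide per code source instead of globally.
    static class DenyLoaderCreation extends SecurityManager {
        @Override
        public void checkPermission(Permission perm) {
            if (perm instanceof RuntimePermission
                    && "createClassLoader".equals(perm.getName())) {
                throw new SecurityException("createClassLoader denied");
            }
        }
    }

    // Returns true if the calling code is able to create its own class loader.
    static boolean canCreateLoader() {
        try {
            new RogueLoader();
            return true;
        } catch (SecurityException e) {
            return false;
        }
    }

    public static void main(String[] args) {
        boolean before = canCreateLoader();   // no manager installed: allowed
        System.setSecurityManager(new DenyLoaderCreation());
        boolean after = canCreateLoader();    // manager installed: denied

        System.out.print("without security manager: ");
        System.out.println(before);
        System.out.print("with security manager:    ");
        System.out.println(after);
    }
}
```

Without the manager the loader is created; with it, construction fails with a `SecurityException` before the loader can define any class.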



Enterprise Java Security. Building Secure J2EE Applications
ISBN: 0321118898
EAN: 2147483647
Year: 2004
Pages: 164
