15.2 Security Promises of the JVM

Here are some of the promises the Java virtual machine makes about programs that have passed the verification algorithm:

  • Every object is constructed exactly once before it is used.

  • Every object is an instance of exactly one class, which does not change through the life of the object.

  • If a field or method is marked private, then the only code that ever accesses it is found within the class itself.

  • Fields and methods marked protected are used only by code that participates in the implementation of the class.

  • Every local variable is initialized before it is used.

  • Every field is initialized before it is used.

  • It is impossible to underflow or overflow the stack.

  • It is impossible to read or write past the end of an array or before the beginning of the array.

  • It is impossible to change the length of an array once it has been created.

  • Final methods cannot be overridden, and final classes cannot be subclassed.

  • Attempts to use a null reference as the receiver of a method invocation or source of a field cause a NullPointerException to be thrown.

The Java platform security architecture depends on all these promises and many more. The verification algorithm, which enforces these promises, was outlined in chapter 6. A more complete description is available in The Java Virtual Machine Specification, chapter 4. You can check the algorithms out for yourself. Part of the strength of the Java platform security architecture lies in the fact that many independent reviewers have checked the algorithms.

Programming for the Java Virtual Machine
Programming for the Javaв„ў Virtual Machine
ISBN: 0201309726
EAN: 2147483647
Year: 1998
Pages: 158
Authors: Joshua Engel

Similar book on Amazon

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net