Skip to main content

Security and the Java classloader

The Java classloader plays an important part in the overall security of a Java application.

The classloader works along with the SecurityManager and the Access Controller to make a Java system secure. The classloader is important because it is the entity that first loads the classes. The classloader knows the codebase from where the code was loaded, and if the code was signed. The classloader works in three ways to help make a Java system secure:

  1. It helps the JVM to maintain the integrity of namespaces.
  2. It maps permissions with each class. The permissions associated with every class are also known as the protection domain of the class. This mapping helps the access controller determine which classes have which permissions.
  3. It ensures that code which accesses or defines classes has the appropriate permissions to do so. The classloader works in conjunction with the SecurityManager to enforce this.
Each of these topics are fairly long, and I will not go into intricate details. I will however explain the first topic briefly below.

Definition of namespaces:
We all know that each class in Java is uniquely identified by it's package name. But that's not all. In reality a class is uniquely identified by it's fully qualified name and the classloader that loaded it. Can you imagine why this is needed? It is needed to prevent the integrity of code that is running in Applets. Assume you load Applets from www.sun.com and some malicious website in your browser. If the malicious website uses package names such as com.sun.*, then it is possible that their classes might be used when the Applet from www.sun.com tries to invoke a class, thus causing damage. However this will not happen because classes are unique to the package name and the classloader that loaded them. A different instance of the classloader is used to load the Applet from www.sun.com and the Applet from the malicious website. Hence even if both of them use classes with the same package names, unique instances of these classes will be created for both the Applets amd they will not be able to access each other's classes.

Mapping permissions of classes:
We can configure the Java policy file to restrict or allow certain actions to code loaded from a particular codebase. We can also grant certain priviledges to code that has been signed by a trusted entity. For example we might want to provide I/O access to Applet code that has been signed by sun.com. It is the classloader that helps in managing this information. The classloader works in conjunction with the security manager and the access controller to enforce the permissions.
 
You might want to read the links below to better understand how the classloader works.

References:


Notes: This text was originally posted on my earlier blog at http://www.adaptivelearningonline.net

Comments

Popular posts from this blog

Running your own one person company

Recently there was a post on PuneTech on mom's re-entering the IT work force after a break. Two of the biggest concerns mentioned were : Coping with vast advances (changes) in the IT landscape Balancing work and family responsibilities Since I have been running a one person company for a good amount of time, I suggested that as an option. In this post I will discuss various aspects of running a one person company. Advantages: You have full control of your time. You can choose to spend as much or as little time as you would like. There is also a good chance that you will be able to decide when you want to spend that time. You get to work on something that you enjoy doing. Tremendous work satisfaction. You have the option of working from home. Disadvantages: It can take a little while for the work to get set, so you may not be able to see revenues for some time. It takes a huge amount of discipline to work without a boss, and without deadlines. You will not get the benefits (insuran

Testing Groovy domain classes

If you are trying to test Grails domain class constraints by putting your unit test cases in the 'test/unit' directory, then your tests will fail because the domain objects will not have the 'valdate' method. This can be resolved in two ways: Place the test cases inside test/integration (which will slow things down) Use the method 'mockForConstraintsTests(Trail)' to create mock method in your domain class and continue writing your test cases in 'test/unit' What follows is some example code around this finding. I am working on a Groovy on Grails project for a website to help programmers keep up and refresh their skills. I started with some domain classes and then moved on to write some unit tests. When we create a Grails project using grails create-app , it creates several directories, one of which is a directory called 'test' for holding unit tests. This directory contains two directories, 'unit', and 'integration' for uni

Some thoughts on redesigning education

Some time back I read a blog post on redesigning education. It asked some very good questions. Stuff which I had been thinking of myself. I left my thoughts on the blog, but I would also like to start a conversation around these ideas with those who read this blog as well. I would like to know what other people think of the issue of redesigning (college) education. I have often thought about how college education can be improved. To answer this question, we first have to ask a very basic question. What is the purpose of education? To me, we need education for 3 things: To learn more about the world around us To lead positive constructive lives To earn a good living / fulfill our ambitions I think education has to a large extent evolved to fulfill #3 (with a bias towards earning a comfortable living). The semester system, along with multiple choice tests, and grading, has made our education system into an assembly line. Students are pushed into the assembly line, given classes, admini