Skip to main content

Security and the Java classloader

The Java classloader plays an important part in the overall security of a Java application.

The classloader works along with the SecurityManager and the Access Controller to make a Java system secure. The classloader is important because it is the entity that first loads the classes. The classloader knows the codebase from where the code was loaded, and if the code was signed. The classloader works in three ways to help make a Java system secure:

  1. It helps the JVM to maintain the integrity of namespaces.
  2. It maps permissions with each class. The permissions associated with every class are also known as the protection domain of the class. This mapping helps the access controller determine which classes have which permissions.
  3. It ensures that code which accesses or defines classes has the appropriate permissions to do so. The classloader works in conjunction with the SecurityManager to enforce this.
Each of these topics are fairly long, and I will not go into intricate details. I will however explain the first topic briefly below.

Definition of namespaces:
We all know that each class in Java is uniquely identified by it's package name. But that's not all. In reality a class is uniquely identified by it's fully qualified name and the classloader that loaded it. Can you imagine why this is needed? It is needed to prevent the integrity of code that is running in Applets. Assume you load Applets from www.sun.com and some malicious website in your browser. If the malicious website uses package names such as com.sun.*, then it is possible that their classes might be used when the Applet from www.sun.com tries to invoke a class, thus causing damage. However this will not happen because classes are unique to the package name and the classloader that loaded them. A different instance of the classloader is used to load the Applet from www.sun.com and the Applet from the malicious website. Hence even if both of them use classes with the same package names, unique instances of these classes will be created for both the Applets amd they will not be able to access each other's classes.

Mapping permissions of classes:
We can configure the Java policy file to restrict or allow certain actions to code loaded from a particular codebase. We can also grant certain priviledges to code that has been signed by a trusted entity. For example we might want to provide I/O access to Applet code that has been signed by sun.com. It is the classloader that helps in managing this information. The classloader works in conjunction with the security manager and the access controller to enforce the permissions.
 
You might want to read the links below to better understand how the classloader works.

References:


Notes: This text was originally posted on my earlier blog at http://www.adaptivelearningonline.net

Comments

Popular posts from this blog

Planning a User Guide - Part 3/5 - Co-ordinate the Team

Photo by  Helloquence  on  Unsplash This is the third post in a series of five posts on how to plan a user guide. In the first post , I wrote about how to conduct an audience analysis and the second post discussed how to define the overall scope of the manual. Once the overall scope of the user guide is defined, the next step is to coordinate the team that will work on creating the manual. A typical team will consist of the following roles. Many of these roles will be fulfilled by freelancers since they are one-off or intermittent work engagements. At the end of the article, I have provided a list of websites where you can find good freelancers. Creative Artist You'll need to work with a creative artist to design the cover page and any other images for the user guide. Most small to mid-sized companies don't have a dedicated creative artist on their rolls. But that's not a problem. There are several freelancing websites where you can work with great creative ar

Inheritance vs. composition depending on how much is same and how much differs

I am reading the excellent Django book right now. In the 4th chapter on Django templates , there is an example of includes and inheritance in Django templates. Without going into details about Django templates, the include is very similar to composition where we can include the text of another template for evaluation. Inheritance in Django templates works in a way similar to object inheritance. Django templates can specify certain blocks which can be redefined in subtemplates. The subtemplates use the rest of the parent template as is. Now we have all learned that inheritance is used when we have a is-a relationship between classes, and composition is used when we have a contains-a relationship. This is absolutely right, but while reading about Django templates, I just realized another pattern in these relationships. This is really simple and perhaps many of you may have already have had this insight... We use inheritance when we want to allow reuse of the bulk of one object in other

Running your own one person company

Recently there was a post on PuneTech on mom's re-entering the IT work force after a break. Two of the biggest concerns mentioned were : Coping with vast advances (changes) in the IT landscape Balancing work and family responsibilities Since I have been running a one person company for a good amount of time, I suggested that as an option. In this post I will discuss various aspects of running a one person company. Advantages: You have full control of your time. You can choose to spend as much or as little time as you would like. There is also a good chance that you will be able to decide when you want to spend that time. You get to work on something that you enjoy doing. Tremendous work satisfaction. You have the option of working from home. Disadvantages: It can take a little while for the work to get set, so you may not be able to see revenues for some time. It takes a huge amount of discipline to work without a boss, and without deadlines. You will not get the benefits (insuranc