public final class Sandbox extends Object
"To execute through a class" means that the execution stack includes the class. E.g., if a method of class A invokes a method of class B, which then invokes a method of class C, and any of the three
classes were loaded by a previously confined class loader,
then for all actions that are executed by class C the intersection of the three PermissionCollections applies.
Once the permissions for a class loader are confined, they cannot be changed; this prevents any attempts (e.g. of a confined class itself) to change the confinement.
This class is a stripped-down copy of de.unkrig.commons.lang.security.Sandbox.
| Modifier and Type | Method and Description |
|---|---|
static void |
confine(ClassLoader classLoader,
AccessControlContext accessControlContext)
All future actions that are executed through classes that were loaded through the given classLoader
will be checked against the given accessControlContext.
|
static void |
confine(ClassLoader classLoader,
PermissionCollection permissions)
All future actions that are executed through classes that were loaded through the given classLoader
will be checked against the given permissions.
|
static void |
confine(ClassLoader classLoader,
ProtectionDomain protectionDomain)
All future actions that are executed through classes that were loaded through the given classLoader
will be checked against the given protectionDomain.
|
public static void confine(ClassLoader classLoader, AccessControlContext accessControlContext)
public static void confine(ClassLoader classLoader, ProtectionDomain protectionDomain)
SecurityException - Permissions are already confined for the classLoaderpublic static void confine(ClassLoader classLoader, PermissionCollection permissions)
SecurityException - Permissions are already confined for the classLoaderCopyright © 2019. All rights reserved.