Security manager java stop override


If I set a security manager, for example:

private static class SecManager extends SecurityManager {
...
}

With:

System.setSecurityManager(new SecManager());

Which permission can I use (or rather, prevent) to stop code further down the line from setting the security manager again with elevated permissions?

I am looking for a method like:

import java.security.AccessControlException;

private static class SecManager extends SecurityManager {
    @Override
    public void checkSetSecurityManager(SecurityManager manager) {
        throw new AccessControlException("Not allowed to set new security manager");
    }
}

But of course, the checkSetSecurityManager method doesn't exist, so I'm not sure exactly what to look for or how to deny that permission.

I would like to use the security manager to allow me to run some untrusted code, but I obviously don't want that code to be able to set its own security manager. I did consider doing this at the OS level (create a new user for each bit of code), but that seems a little overkill. Instead, I run my own Java main, which sets a security manager, then runs the untrusted code within the same JVM. I have already made sure their code cannot start new processes (as this would circumvent the security manager), but I need to make sure they cannot override the existing security manager.

I also use checkWrite and checkRead to make sure the code can only read/write in a certain dir.

Any help is much appreciated.

Thanks,

Answer by cello (accepted answer):

The following website https://www.securecoding.cert.org/confluence/display/jg/20.+Create+a+secure+sandbox+using+a+security+manager says the following about this:

If the current security policy enforced by the current security manager forbids replacements (by omitting the RuntimePermission("setSecurityManager")), any attempt to invoke setSecurityManager() will throw a SecurityException.

So it looks like the checkPermission() method is the place to check for this.

The Javadoc for RuntimePermission has a list of possible values to check for if other critical methods should be caught as well: https://docs.oracle.com/javase/7/docs/api/java/lang/RuntimePermission.html
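Putting the answer into practice, here is an added example (not code from the asker or the answerer) of a SecurityManager whose checkPermission() denies RuntimePermission("setSecurityManager") and confines file writes to one directory; the class name SandboxSecurityManager and the "sandbox" directory are assumptions.

```java
import java.io.FilePermission;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.Permission;

// Added example; class name and sandbox directory are assumptions, not from the thread.
public class SandboxSecurityManager extends SecurityManager {
    private final Path sandboxDir;

    public SandboxSecurityManager(Path sandboxDir) {
        this.sandboxDir = sandboxDir.toAbsolutePath().normalize();
    }

    @Override
    public void checkPermission(Permission perm) {
        // System.setSecurityManager() asks the current manager for this permission;
        // denying it is what stops untrusted code from replacing or removing the manager.
        if (perm instanceof RuntimePermission && "setSecurityManager".equals(perm.getName())) {
            throw new SecurityException("replacing the security manager is not allowed");
        }
        // checkWrite()/checkDelete() arrive here as FilePermission checks: confine them
        // to the sandbox directory. Reads stay open because the JVM must read its class path.
        if (perm instanceof FilePermission
                && (perm.getActions().contains("write") || perm.getActions().contains("delete"))
                && !insideSandbox(perm.getName())) {
            throw new SecurityException("file write outside sandbox: " + perm.getName());
        }
        // Everything else is allowed in this demo; a real sandbox should deny by default
        // (reflection, class-loader creation, "exec", ...) and grant only what is needed.
    }

    private boolean insideSandbox(String name) {
        if (name.equals("<<ALL FILES>>")) return false;  // FilePermission's "any file" wildcard
        try {
            return Paths.get(name).toAbsolutePath().normalize().startsWith(sandboxDir);
        } catch (RuntimeException e) {                    // e.g. InvalidPathException on "*"
            return false;
        }
    }

    public static void main(String[] args) {
        System.setSecurityManager(new SandboxSecurityManager(Paths.get("sandbox")));
        try {
            System.setSecurityManager(null);  // what untrusted code would attempt
            System.out.println("BUG: manager was replaced");
        } catch (SecurityException e) {
            System.out.println("blocked: " + e.getMessage());
        }
    }
}
```

On JDK 17 this prints a deprecation warning, on JDK 18 to 23 it only works with -Djava.security.manager=allow, and JDK 24 removed the Security Manager entirely, so new sandboxes should not be built on it.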