JRE Security
Jump to navigation
Jump to search
Byte Code Verifyer
- Checks code consistent with spec - Format of files, byte code legal
- Detects inconsistencies in bounds checking/object casting
Security Manager
- Only one per runtime
- Uses security policy file for runtime permissions
- Throws AccessControlException or SecurityException
- -Djava.security.manager
Security policy
- defines access privileges
- defines permissions e.g. file/network access
- default policy $JAVA_HOME/jre/lib/security
- -Djava.security.policy
- may be
- text policy file
- binary policy class
Keystore
- Certificates are stored in a password protected database
- Stores
- public/private keys
- certificates
- Stored in file .keystore in the user's home directory
- keytool - facilitates creating/managing/administering public/private keys and certificates for authentication/authorisation
- X.509 certificates