In our application, users are able to define Java expressions that are executed by our main engine (those expressions are method calls only, e.g. `Math.abs(42)`). They’re executed via reflection.
What are the different solutions to prevent those expressions from calling, for example, `System.exit` (but also file access and others…), either directly or via a method call that will internally, eventually call `System.exit`?
Note that several different expressions can be executed in different threads. Preventing for example File access with a SecurityManager does not work as the main engine must still be able to access the File system while the expressions are executed.
You are wrong to say you can’t use the SecurityManager — this is precisely what it’s for: hosting untrusted code, as in an Applet container or RMI server. The modern SecurityManager is configured with policy files that grant specific, fine-grained rights, including limited access to the file system. You need to use the SecurityManager, but you need to become an expert in it. This is an enormous topic; the best thing to do would be to Google “Java security policy files” and just read everything you can.