Suppose I’m writing some environment which executes clients' code (Java). Clients send a jar with manifest information. The environment creates some class instance from the jar (suppose an instance of Runnable) and runs it in some thread. But I need a guarantee that the clients' code will not start its own threads or create its own ExecutorService and so on.
Is there any possibility for a security manager to do this level of restriction? And if so, how can I achieve this?
The best way I can think of is to use AspectJ to do some run-time weaving, and if there are any other threads/runnables created then either throw an error or somehow inform the user that they have a problem.
Then you can implement various security protocols; for example, you may prevent not only threads but any system calls, just as you may forbid dynamic queries and allow only prepared statements.
Otherwise you may need to do this type of implementation using the reflector API.
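An added example (not part of the question or the answer above) of the security-manager approach the question asks about: a `SecurityManager` subclass whose `checkAccess(ThreadGroup)` refuses thread creation while client code is running, which also stops an `ExecutorService` from starting its workers. The names `NoThreadsSandbox`, `NoThreadsManager`, `IN_CLIENT` and `runClient` are hypothetical, and the lambdas stand in for a `Runnable` loaded from a client jar. It assumes a JDK where the Security Manager can still be installed: it is deprecated for removal since Java 17 (JEP 411), needs `-Djava.security.manager=allow` on Java 18 to 23, and cannot be enabled from JDK 24 on.

```java
import java.security.Permission;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;

public class NoThreadsSandbox {
    // True only while client code runs on the current thread (hypothetical flag).
    private static final ThreadLocal<Boolean> IN_CLIENT = ThreadLocal.withInitial(() -> false);

    static class NoThreadsManager extends SecurityManager {
        @Override
        public void checkPermission(Permission p) {
            // Permissive for the host; client code may not swap the manager out.
            // A real sandbox must also deny reflection, exit, file and network access,
            // and should identify client code by class loader rather than by a flag.
            if (IN_CLIENT.get() && "setSecurityManager".equals(p.getName())) {
                throw new SecurityException("client code may not replace the security manager");
            }
        }

        @Override
        public void checkAccess(ThreadGroup g) {
            // The Thread constructor calls ThreadGroup.checkAccess(), which ends up here.
            if (IN_CLIENT.get()) {
                throw new SecurityException("client code may not create threads");
            }
        }
    }

    // Runs the client's Runnable on the calling thread with the restriction active.
    static void runClient(Runnable client) {
        IN_CLIENT.set(true);
        try {
            client.run();
        } catch (SecurityException e) {
            System.out.println("blocked: " + e.getMessage());
        } finally {
            IN_CLIENT.set(false);
        }
    }

    public static void main(String[] args) {
        System.setSecurityManager(new NoThreadsManager());
        // Constructed stand-ins for a Runnable loaded from a client jar.
        runClient(() -> new Thread(() -> {}).start());
        runClient(() -> {
            ExecutorService pool = Executors.newSingleThreadExecutor();
            pool.submit(() -> {});   // the worker thread is created here, and refused
        });
        new Thread(() -> System.out.println("host thread still allowed")).start();
    }
}
```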