Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
Suppose there’s a java thread, where classes get loaded which are provided by multiple parties. Can those providers specify their own security managers and policies s.t. they can restrict the access among those providers?
You can only have one
SecurityManagerset as the security manager.Threads have little to do with security in Java. Objects are passed between threads, so it doesn’t make much sense to use a thread-based access model.
In Java each class gets assigned a
ProtectionDomainand hence a set of permissions (these might be in some sense “dynamic” but for most purposes it’s effectively constant). When the security manager is asked to check a permission, it delegates to theAccessControllerwhich checks eachProtectionDomainactive on the stack (roughly). In practice you need to isolate code from multiple parties, but each party can have its ownProtectionDomainand hence permissions.