public final class RuntimePermission extends BasicPermission
The target name is the name of the runtime permission (see below). The naming convention follows the hierarchical property naming convention. Also, an asterisk may appear at the end of the name, following a ".", or by itself, to signify a wildcard match. For example: "loadLibrary.*" and "*" signify a wildcard match, while "*loadLibrary" and "a*b" do not.
The following table lists all the possible RuntimePermission target names, and for each provides a description of what the permission allows and a discussion of the risks of granting code the permission.
Permission Target Name | What the Permission Allows | Risks of Allowing this Permission |
---|---|---|
exitVM.{exit status} | Halting of the Java Virtual Machine with the specified exit status | This allows an attacker to mount a denial-of-service attack by automatically forcing the virtual machine to halt. Note: The "exitVM.*" permission is automatically granted to all code loaded from the application class path, thus enabling applications to terminate themselves. Also, the "exitVM" permission is equivalent to "exitVM.*". |
setSecurityManager | Setting of the security manager (possibly replacing an existing one) | The security manager is a class that allows applications to implement a security policy. Granting the setSecurityManager permission would allow code to change which security manager is used by installing a different, possibly less restrictive security manager, thereby bypassing checks that would have been enforced by the original security manager. |
createSecurityManager | Creation of a new security manager | This gives code access to protected, sensitive methods that may disclose information about other classes or the execution stack. |
setIO | Setting of System.out and System.err | This allows changing the value of the standard system streams. An attacker may set System.err to a "null" OutputStream, which would hide any error messages sent to System.err. |
modifyThread | Modification of threads, e.g., via calls to Thread interrupt, setPriority and setName methods | This allows an attacker to modify the behaviour of any thread in the system. |
BasicPermission
,
Permission
,
PermissionCollection
,
SecurityManager
Constructor and Description |
---|
RuntimePermission(String name)
Creates a new RuntimePermission with the specified name.
|
RuntimePermission(String name,
String actions)
Creates a new RuntimePermission object with the specified name.
|
equals, getActions, hashCode, implies, newPermissionCollection
getName, toString
public RuntimePermission(String name)
name
- the name of the RuntimePermission.NullPointerException
- if name
is null
.IllegalArgumentException
- if name
is empty.public RuntimePermission(String name, String actions)
name
- the name of the RuntimePermission.actions
- should be null.NullPointerException
- if name
is null
.IllegalArgumentException
- if name
is empty.Copyright (c) 2014, Oracle and/or its affiliates. All rights reserved. Use of this specification is subject to license terms.