Sandbox security mechanism and Native

1. Sandbox security mechanism

The core of the Java security model is the Java sandbox.
  A sandbox is an environment that restricts what a running program may do. The Java sandbox confines Java code to a defined operating range inside the virtual machine (JVM) and strictly limits the code's access to local system resources; this isolates the code and prevents it from damaging the host system.
  The sandbox chiefly restricts access to system resources: CPU, memory, the file system and the network. Sandboxes at different levels place different restrictions on these resources.
  Every Java program can run in a sandbox, and the security policy can be customized. Note that the security manager this model relies on was deprecated for removal in JDK 17 (JEP 411) and is permanently disabled in JDK 24 (JEP 486), so on current JDKs isolation of untrusted code has to come from the operating system (separate processes, containers) rather than from the in-process sandbox.

  • The core of the Java security model
  • Sandbox: restricts the runtime environment of the program
  • Protection domains: code is classified into domains that determine what it may do
  • Java code is confined to a defined operating range inside the virtual machine and its access to local system resources is strictly restricted; this isolates the code and prevents damage to the local system

The basic components that make up the sandbox

  • Bytecode verifier: checks that class files conform to the Java Virtual Machine Specification (type safety, operand stack discipline, valid branch targets) before the code runs, which is what lets Java guarantee memory safety without relying on hardware protection. Not every class file is verified: by default HotSpot trusts classes loaded by the bootstrap loader (the core library) and verifies only classes from other loaders.
  • Class loader: plays a role in the Java sandbox in three ways:
    • it keeps malicious code from interfering with well-intentioned code (separate namespaces);
    • it guards the boundary of the trusted class library;
    • it assigns code to a protection domain, which determines what operations the code may perform.

The virtual machine gives classes loaded by different class loaders different namespaces. A namespace is the set of unique names of the classes a loader has loaded; the JVM maintains one per class loader, and classes in one namespace are not visible to classes in another. A type is therefore identified by its name together with its defining loader, never by its name alone.
  Class loaders use the parent delegation model:
  1. A load request is first passed up to the innermost loader, the JVM's own bootstrap loader, and only if no parent can find the class does the requesting loader load it itself. A malicious class with the same name as a core class (for example java.lang.String) is therefore never loaded from the outer loaders, because the bootstrap copy is found first; in addition, the JVM refuses to let any loader other than the built-in ones define a class in a java.* package at all.
  2. Package-level access is keyed on the package name and the defining loader together (the runtime package), so an outer class cannot obtain package-private access to inner classes merely by declaring itself in the same package; even if such a class is loaded, it does not take effect.
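The three guarantees above can be observed directly. The program below is an added example and is not code from the original post: a custom loader (IsolatingLoader, a name chosen here) that deliberately refuses to delegate for one class name is used to show that the same bytes defined by two loaders are two distinct types, that a request for java.lang.String still comes back from the bootstrap loader, and that even a non-delegating loader is stopped from defining a class in java.lang. The class names DelegationDemo and Payload are this example's own. It must be compiled with javac and run from the compiled .class files (the source launcher keeps classes in memory, so the .class resource lookup would fail).

```java
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;

public class DelegationDemo {

    /** Stand-in for application code; it is reloaded under different loaders below. */
    public static class Payload {
        public String hello() {
            return "hello from " + getClass().getClassLoader();
        }
    }

    /**
     * Breaks parent delegation for exactly one class name: that class is defined from the
     * supplied bytes by this loader itself; every other name is delegated to the parent.
     */
    static final class IsolatingLoader extends ClassLoader {
        private final String target;
        private final byte[] bytes;

        IsolatingLoader(String target, byte[] bytes) {
            super(DelegationDemo.class.getClassLoader());
            this.target = target;
            this.bytes = bytes;
        }

        @Override
        protected Class<?> loadClass(String name, boolean resolve) throws ClassNotFoundException {
            synchronized (getClassLoadingLock(name)) {
                if (!name.equals(target)) {
                    return super.loadClass(name, resolve); // normal parent delegation
                }
                Class<?> c = findLoadedClass(name);
                if (c == null) {
                    c = defineClass(name, bytes, 0, bytes.length); // the JVM vets the name first
                }
                if (resolve) {
                    resolveClass(c);
                }
                return c;
            }
        }
    }

    /** Reads the compiled bytes of a class from the classpath. */
    static byte[] classBytes(Class<?> c) throws IOException {
        String resource = c.getName().replace('.', '/') + ".class";
        try (InputStream in = c.getClassLoader().getResourceAsStream(resource);
             ByteArrayOutputStream out = new ByteArrayOutputStream()) {
            byte[] buf = new byte[4096];
            int n;
            while ((n = in.read(buf)) > 0) {
                out.write(buf, 0, n);
            }
            return out.toByteArray();
        }
    }

    public static void main(String[] args) throws Exception {
        String name = Payload.class.getName();
        byte[] bytes = classBytes(Payload.class);

        // 1. Namespaces: identical bytes defined by two loaders are two unrelated types.
        Class<?> a = new IsolatingLoader(name, bytes).loadClass(name);
        Class<?> b = new IsolatingLoader(name, bytes).loadClass(name);
        System.out.println("a == b: " + (a == b));
        System.out.println("a == Payload.class: " + (a == Payload.class));
        Object obj = a.getDeclaredConstructor().newInstance();
        System.out.println(a.getMethod("hello").invoke(obj));
        System.out.println("instance of a is a Payload: " + (obj instanceof Payload));
        try {
            Payload.class.cast(obj);
        } catch (ClassCastException e) {
            System.out.println("cast across loaders rejected: " + e.getMessage());
        }

        // 2. Parent delegation: a core class requested through a custom loader is still
        //    the bootstrap loader's copy (loader == null), so it cannot be shadowed.
        Class<?> s = new IsolatingLoader(name, bytes).loadClass("java.lang.String");
        System.out.println("String loader: " + s.getClassLoader() + ", same as String.class: " + (s == String.class));

        // 3. Trusted boundary: defining a class in java.* is refused before the bytes are even parsed.
        try {
            new IsolatingLoader("java.lang.Evil", bytes).loadClass("java.lang.Evil");
        } catch (SecurityException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

Run with `javac DelegationDemo.java && java DelegationDemo`. The two Payload types compare unequal and the cast fails, the String request reports a null (bootstrap) loader and the same Class object as String.class, and the last step ends in a SecurityException whose message names the prohibited package java.lang.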

  • Access controller: decides whether a requested operation is permitted by walking the call stack and checking that every protection domain on it holds the required permission (AccessController.checkPermission). The policy it enforces (java.security.Policy) can be specified by the user.

  • Security manager: the main interface between the core API and the operating system. The core classes call it before every sensitive operation (file access, network connections, loading native libraries, changing system properties, replacing the security manager itself); its check methods in turn delegate to the access controller, so the security manager is the entry point and the access controller the decision engine.
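The following program is an added example, not code from the original post, and shows the access controller and security manager working together: a custom java.security.Policy (ReadOnlyTempPolicy, a name chosen here) grants only read and delete access below java.io.tmpdir plus read access to system properties, a SecurityManager is installed, and a series of sensitive calls is attempted, including System.loadLibrary, which is refused before the JVM even looks for the library. The class and helper names SandboxDemo, attempt and permitted are this example's own. It assumes JDK 8 to 17; on JDK 18 to 23 it must be started with -Djava.security.manager=allow, and JDK 24 and later refuse to install a security manager at all.

```java
import java.io.File;
import java.io.FilePermission;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.security.AccessControlException;
import java.security.AccessController;
import java.security.Permission;
import java.security.PermissionCollection;
import java.security.Permissions;
import java.security.Policy;
import java.security.ProtectionDomain;
import java.util.PropertyPermission;

@SuppressWarnings("removal") // SecurityManager and AccessController are deprecated for removal since JDK 17
public class SandboxDemo {

    /** Hypothetical policy: read/delete below java.io.tmpdir and read-only system properties; nothing else. */
    static final class ReadOnlyTempPolicy extends Policy {
        private final String tmpTree = new File(System.getProperty("java.io.tmpdir"), "-").getPath();

        @Override
        public PermissionCollection getPermissions(ProtectionDomain domain) {
            Permissions perms = new Permissions();
            perms.add(new FilePermission(tmpTree, "read,delete"));
            perms.add(new PropertyPermission("*", "read"));
            return perms;
        }

        /**
         * Overridden on purpose: the default implies() grants the policy class's own protection
         * domain AllPermission, and that domain is the same one this demo runs in.
         */
        @Override
        public boolean implies(ProtectionDomain domain, Permission permission) {
            return getPermissions(domain).implies(permission);
        }
    }

    interface Action {
        void run() throws Exception;
    }

    /** Runs a sensitive operation and reports whether the security manager let it through. */
    static boolean attempt(String what, Action action) {
        try {
            action.run();
            System.out.println(what + ": allowed");
            return true;
        } catch (SecurityException e) { // AccessControlException is a SecurityException
            System.out.println(what + ": denied (" + e.getMessage() + ")");
            return false;
        } catch (Exception e) {
            System.out.println(what + ": failed for another reason: " + e);
            return false;
        }
    }

    /** The stack-walking check that every SecurityManager.checkXxx method ends up in. */
    static boolean permitted(Permission p) {
        try {
            AccessController.checkPermission(p);
            return true;
        } catch (AccessControlException e) {
            return false;
        }
    }

    public static void main(String[] args) throws Exception {
        // Prepare a scratch file while the program is still unrestricted.
        File scratch = File.createTempFile("sandbox-demo", ".txt");
        Files.write(scratch.toPath(), "written before the sandbox was enabled".getBytes(StandardCharsets.UTF_8));

        // Install the policy, then the security manager. From here on every sensitive call is checked.
        Policy.setPolicy(new ReadOnlyTempPolicy());
        System.setSecurityManager(new SecurityManager());

        // Ask the access controller directly, exactly as the security manager would.
        System.out.println("read permitted:  " + permitted(new FilePermission(scratch.getPath(), "read")));
        System.out.println("write permitted: " + permitted(new FilePermission(scratch.getPath(), "write")));

        // Go through the core API, which consults the security manager on the way.
        attempt("read scratch file", () -> Files.readAllBytes(scratch.toPath()));
        attempt("overwrite scratch file", () -> Files.write(scratch.toPath(), new byte[0]));
        attempt("read system property", () -> System.getProperty("user.home"));
        attempt("load native library", () -> System.loadLibrary("does_not_exist")); // checkLink runs before any lookup
        attempt("remove security manager", () -> System.setSecurityManager(null));
        attempt("delete scratch file", () -> Files.delete(scratch.toPath()));
    }
}
```

Reading, the property lookup and the final delete succeed; the overwrite, the native library load and the attempt to uninstall the security manager each end in an AccessControlException naming the missing permission. The native-library case is the one worth remembering: once C code is running inside the process, none of these checks apply any more, which is why the permission is checked before the library is located rather than after.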

  • Security package: the classes under java.security and the extension packages (javax.crypto, javax.security.*), which let users add security features to their applications, including:
    • security providers (pluggable implementations behind each algorithm name)
    • message digests
    • digital signatures
    • encryption (javax.crypto, the JCE)
    • authentication (javax.security.auth, JAAS)
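As an added example that is not part of the original post, the program below touches the first four items in that list through the standard java.security and javax.crypto APIs: it lists the installed providers, computes a SHA-256 digest and compares it in constant time, signs a message with an ECDSA P-256 key and shows that verification fails once a single bit of the message changes, and encrypts with AES-256-GCM so that a corrupted ciphertext is rejected rather than silently decrypted. The message is constructed, and the class and helper names (SecurityPackageDemo, hex, verify) are this example's own; AES-256 assumes JDK 8u161 or later, where the unlimited crypto policy is the default.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.Provider;
import java.security.SecureRandom;
import java.security.Security;
import java.security.Signature;
import java.util.Arrays;
import javax.crypto.AEADBadTagException;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;

public class SecurityPackageDemo {

    static String hex(byte[] bytes) {
        StringBuilder sb = new StringBuilder(bytes.length * 2);
        for (byte b : bytes) {
            sb.append(String.format("%02x", b));
        }
        return sb.toString();
    }

    /** Verifies sig over data with the public half of kp. */
    static boolean verify(KeyPair kp, byte[] data, byte[] sig) throws GeneralSecurityException {
        Signature verifier = Signature.getInstance("SHA256withECDSA");
        verifier.initVerify(kp.getPublic());
        verifier.update(data);
        return verifier.verify(sig);
    }

    public static void main(String[] args) throws GeneralSecurityException {
        byte[] message = "constructed sample message".getBytes(StandardCharsets.UTF_8); // constructed input
        byte[] tampered = message.clone();
        tampered[0] ^= 0x01; // flip one bit

        // Security providers: each algorithm name is resolved to a pluggable Provider.
        System.out.println("installed providers:");
        for (Provider p : Security.getProviders()) {
            System.out.println("  " + p.getName());
        }

        // Message digest; MessageDigest.isEqual compares in constant time, unlike Arrays.equals.
        MessageDigest sha256 = MessageDigest.getInstance("SHA-256");
        byte[] digest = sha256.digest(message);
        System.out.println("SHA-256 via " + sha256.getProvider().getName() + ": " + hex(digest));
        System.out.println("digest equals digest of tampered copy: "
                + MessageDigest.isEqual(digest, sha256.digest(tampered)));

        // Digital signature: ECDSA over P-256, then verify the original and the modified message.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("EC");
        kpg.initialize(256);
        KeyPair kp = kpg.generateKeyPair();

        Signature signer = Signature.getInstance("SHA256withECDSA");
        signer.initSign(kp.getPrivate());
        signer.update(message);
        byte[] sig = signer.sign();
        System.out.println("signature valid on original: " + verify(kp, message, sig));
        System.out.println("signature valid on tampered: " + verify(kp, tampered, sig));

        // Encryption (JCE): AES-256-GCM is authenticated, so modification is detected on decrypt.
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        SecretKey key = kg.generateKey();
        byte[] iv = new byte[12];
        new SecureRandom().nextBytes(iv); // fresh nonce per encryption; never reuse one with the same key

        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
        cipher.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(128, iv));
        byte[] ciphertext = cipher.doFinal(message);

        cipher.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(128, iv));
        byte[] plaintext = cipher.doFinal(ciphertext);
        System.out.println("round trip ok: " + Arrays.equals(plaintext, message));

        ciphertext[0] ^= 0x01; // corrupt the ciphertext
        cipher.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(128, iv));
        try {
            cipher.doFinal(ciphertext);
            System.out.println("tampered ciphertext accepted (should not happen)");
        } catch (AEADBadTagException e) {
            System.out.println("tampered ciphertext rejected: " + e.getMessage());
        }
    }
}
```

The two "tampered" checks are the point: the signature verifies only over the original bytes, and GCM's authentication tag turns the corrupted ciphertext into an AEADBadTagException instead of garbage plaintext, which is what an unauthenticated mode such as AES/CBC would hand back.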

2. Native

  • Native methods call into the underlying C or C++ libraries
  • Call path: native method -> JNI -> native method interface -> native method library
  • Native method stack
  • Rarely needed in ordinary Java development; used more for hardware-facing work
  • native: a method marked with the native keyword has no Java body; its implementation lies beyond what Java itself provides, so the JVM calls out to a library written in C or C++
  • Such a call enters the native method stack
  • and goes through the Java Native Interface (JNI)
  • The role of JNI: to open Java up to, and integrate it with, other programming languages, originally C and C++
  • When Java appeared, C and C++ dominated; to gain a foothold it had to be able to call programs written in them
  • The JVM reserves a dedicated per-thread area, the native method stack, for the frames of native calls; the methods themselves are registered with the JVM by the native library
  • At execution time the method is loaded from the native method library through JNI
  • Examples: a Java program driving a printer or talking to a device management system. It is rarely used in enterprise applications, so a working understanding is enough
  • private native void start0(); is the declaration form (see the Thread example below)
  • Java also calls out to other interfaces: Socket, WebService, HTTP ...

The start method of the Thread class is as follows:

public synchronized void start() {
    /**
     * This method is not invoked for the main method thread or "system"
     * group threads created/set up by the VM. Any new functionality added
     * to this method in the future may have to also be added to the VM.
     *
     * A zero status value corresponds to state "NEW".
     */
    if (threadStatus != 0)
        throw new IllegalThreadStateException();

    /* Notify the group that this thread is about to be started
     * so that it can be added to the group's list of threads
     * and the group's unstarted count can be decremented. */
    group.add(this);

    boolean started = false;
    try {
        start0();
        started = true;
    } finally {
        try {
            if (!started) {
                group.threadStartFailed(this);
            }
        } catch (Throwable ignore) {
            /* do nothing. If start0 threw a Throwable then
               it will be passed up the call stack */
        }
    }
}

private native void start0();

Thread thus contains a method, start0(), that has only a declaration and no body and is marked with the native keyword. A native method is implemented at the system level (in the underlying operating system or in a third-party C library) rather than at the Java language level, and Java cannot inspect or alter that implementation. Because the code runs outside the JVM, it is covered neither by bytecode verification nor by the sandbox checks described above, which is why loading a native library is itself a permission-guarded operation. Native methods execute on the native method stack.
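Two details of that mechanism are easy to check in plain Java, and the program below is an added example rather than code from the original post or from the JDK: it implements the JNI name-mangling rules that turn a native method into the C symbol the JVM looks for (useful when reading a stripped .so for its Java_ entry points), and it shows that a class with a native method loads and verifies normally, with the failure deferred to the first call because linking is lazy. The names NativeNameDemo, mangle and jniSymbol are this example's own, and com.example.Native_Utils is a made-up class used only to exercise the escape rules. One caveat for the Thread case: OpenJDK binds Thread's natives through a static registerNatives() call that uses RegisterNatives, so libjava exports Java_java_lang_Thread_registerNatives and maps start0 to JVM_StartThread internally; the mangled name computed here is what the JVM would look for if that registration had not happened.

```java
public class NativeNameDemo {

    // Declaration only: the body lives in a C/C++ library. The JVM links it lazily, on the
    // first call, to an exported symbol named by the JNI mangling rules below (or to a
    // function the library registered explicitly through RegisterNatives).
    private static native int add(int a, int b);

    /** Mangles one component (class name, method name or argument descriptor) per the JNI spec. */
    static String mangle(String s) {
        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < s.length(); i++) {
            char ch = s.charAt(i);
            if (ch == '.' || ch == '/') {
                sb.append('_');                                   // package separator
            } else if (ch == '_') {
                sb.append("_1");                                  // literal underscore
            } else if (ch == ';') {
                sb.append("_2");                                  // end of an object type in a descriptor
            } else if (ch == '[') {
                sb.append("_3");                                  // array type in a descriptor
            } else if ((ch >= 'a' && ch <= 'z') || (ch >= 'A' && ch <= 'Z') || (ch >= '0' && ch <= '9')) {
                sb.append(ch);                                    // ASCII letters and digits pass through
            } else {
                sb.append(String.format("_0%04x", (int) ch));     // anything else: _0 + lowercase hex code point
            }
        }
        return sb.toString();
    }

    /** Short form: Java_<mangled class>_<mangled method>. */
    static String jniSymbol(String binaryClassName, String method) {
        return "Java_" + mangle(binaryClassName) + "_" + mangle(method);
    }

    /** Long form used for overloaded natives: short form + "__" + mangled argument descriptor. */
    static String jniSymbol(String binaryClassName, String method, String argDescriptor) {
        return jniSymbol(binaryClassName, method) + "__" + mangle(argDescriptor);
    }

    public static void main(String[] args) {
        System.out.println(jniSymbol("java.lang.Thread", "start0"));
        System.out.println(jniSymbol("NativeNameDemo", "add"));
        // Argument descriptor only: no parentheses and no return type.
        System.out.println(jniSymbol("com.example.Native_Utils", "hash", "[BLjava/lang/String;"));

        // The class loaded and verified fine; only the call fails, because no library
        // exporting Java_NativeNameDemo_add has been loaded with System.loadLibrary or System.load.
        try {
            System.out.println(add(1, 2));
        } catch (UnsatisfiedLinkError e) {
            System.out.println("not linked: " + e.getMessage());
        }
    }
}
```

The three printed symbols are Java_java_lang_Thread_start0, Java_NativeNameDemo_add and Java_com_example_Native_1Utils_hash___3BLjava_lang_String_2, and the last line reports an UnsatisfiedLinkError for add. To make that call succeed, a C function with the signature `jint JNICALL Java_NativeNameDemo_add(JNIEnv *env, jclass cls, jint a, jint b)` would have to be compiled into a shared library and loaded before the call; `javac -h . NativeNameDemo.java` generates the matching header.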

Origin blog.csdn.net/qq_43803285/article/details/115282317