Enabling the Security Manager : SecurityManager « Security « Java Tutorial






public class Main {
  public static void main(String[] argv) throws Exception {
    System.setProperty("java.version", "data");

    try {
      SecurityManager sm = new SecurityManager();
      System.setSecurityManager(sm);
    } catch (SecurityException se) {
      se.printStackTrace();
    }

    // no longer possible; an AccessControlException is thrown
    System.setProperty("java.version", "malicious data");
  }
}
/*Exception in thread "main" java.security.AccessControlException: access denied (java.util.PropertyPermission java.version write)
  at java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
  at java.security.AccessController.checkPermission(AccessController.java:546)
  at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
  at java.lang.System.setProperty(System.java:727)
  at Main.main(Main.java:13)
*/








36.41.SecurityManager
36.41.1.extends SecurityManager
36.41.2.Use SecurityManager to check AWT permission and file permission
36.41.3.Listing All Permissions Granted to Classes Loaded from a URL or Directory
36.41.4.Define your own security manager
36.41.5.Enabling the Security Manager
36.41.6.To specify an additional policy file, set the java.security.policy system property at the command line:
36.41.7.To ignore the policies in the java.security file, and use the specified policy, use '==' instead of '='