 |
返回原文..
Listing 3. SecurityOps weblet output
This weblet attempts several security-sensitive operations. Each
operation is described below, and then the operation's output is shown.
Which operations work, and which ones don't, will vary as you grant and
revoke permissions in the appropriate policy file.
Operations on the local filesystem are restricted:
Attempt to read local file...
java.security.AccessControlException: access denied
(java.io.FilePermission SecurityOps.java read)
Like applets, weblets can see some System Properties:
OS: Windows 2000
And like applets, weblets can't see some System Properties:
java.security.AccessControlException: access denied
(java.util.PropertyPermission user.name read)
Weblets cannot, by default, access the current Java Security Policy:
Attempting Policy.getPolicy()...
java.security.AccessControlException: access denied
(java.security.SecurityPermission getPolicy)
Terminating the JVM is usually a bad idea, and is restricted:
Attempt Runtime.getRuntime().exit(-1)...
java.security.AccessControlException: access denied
(java.lang.RuntimePermission exitVM)
Printing is restricted by default:
Print from a weblet...
java.security.AccessControlException: access denied
(java.lang.RuntimePermission queuePrintJob)
If loaded from a host, weblets can connect to that host:
Connect to host: pwe.endicott.ibm.com...
...socket created & closed.
Weblets cannot by default connect to other systems:
Connect to host: www.ibm.com...
java.security.AccessControlException: access denied
(java.net.SocketPermission www.ibm.com resolve)
|
返回原文.
| |
|
