1 Reply Latest reply on Apr 22, 2010 8:36 AM by 791266

    Disable Bytecode Instrumentation or Attach API


      Is there any chance to disable bytecode instrumentation or attach api?

      Security. In a pure Swing-end user app one can attach to the VM and change code.

      I understand that this is only possible, if the attacker has control over the user's OS. He therefore has the possibility to attach a native debugger, capture keyboard events, do static instrumentation... That is not what i'm asking for!

      The only way i can think of so far is to change the system class loader to avoid loading classes that were not on classpath during startup.

      Any other idea?

      Thank you!