Discussions
Categories
- 196.7K All Categories
- 2.2K Data
- 235 Big Data Appliance
- 1.9K Data Science
- 449.8K Databases
- 221.6K General Database Discussions
- 3.8K Java and JavaScript in the Database
- 31 Multilingual Engine
- 549 MySQL Community Space
- 477 NoSQL Database
- 7.9K Oracle Database Express Edition (XE)
- 3K ORDS, SODA & JSON in the Database
- 532 SQLcl
- 4K SQL Developer Data Modeler
- 186.9K SQL & PL/SQL
- 21.3K SQL Developer
- 295.4K Development
- 17 Developer Projects
- 138 Programming Languages
- 292.1K Development Tools
- 104 DevOps
- 3.1K QA/Testing
- 645.9K Java
- 28 Java Learning Subscription
- 37K Database Connectivity
- 153 Java Community Process
- 105 Java 25
- 22.1K Java APIs
- 138.1K Java Development Tools
- 165.3K Java EE (Java Enterprise Edition)
- 17 Java Essentials
- 158 Java 8 Questions
- 85.9K Java Programming
- 79 Java Puzzle Ball
- 65.1K New To Java
- 1.7K Training / Learning / Certification
- 13.8K Java HotSpot Virtual Machine
- 94.2K Java SE
- 13.8K Java Security
- 203 Java User Groups
- 24 JavaScript - Nashorn
- Programs
- 395 LiveLabs
- 37 Workshops
- 10.2K Software
- 6.7K Berkeley DB Family
- 3.5K JHeadstart
- 5.6K Other Languages
- 2.3K Chinese
- 170 Deutsche Oracle Community
- 1.1K Español
- 1.9K Japanese
- 230 Portuguese
Why there is AccessController.doProvileged()
Aacc-Oracle
Member Posts: 361
I know AccessController.doProvileged() making magic that "+Marking code as "privileged" enables a piece of trusted code to temporarily enable access to more resources than are available directly to the code that called it+. " as described here: http://download.java.net/jdk8/docs/technotes/guides/security/doprivileged.html
However, what I don't understand is that why this introduced at all. if certain resource is secured, it should not be able to accessed at all unless caller get permission. what does "*temporarily enable access*" mean here? if the resource is enabled to be accessed through doProvileged(), there is nothing to prevent it from accessed permanently, right? programmer won't remove doProvileged() code when they deliver the code to make the resource unaccessable
in the example mentioned in above document:
"+This is necessary in some situations. For example, an application may not be allowed direct access to files that contain fonts, but the system utility to display a document must obtain those fonts, on behalf of the user. In order to do this, the system utility becomes privileged while obtaining the fonts+."
user is able to put doProvileged() code in his code to access system font just like the system utility does, the system font is not secured to user as well.
Could someone explain? thanks
However, what I don't understand is that why this introduced at all. if certain resource is secured, it should not be able to accessed at all unless caller get permission. what does "*temporarily enable access*" mean here? if the resource is enabled to be accessed through doProvileged(), there is nothing to prevent it from accessed permanently, right? programmer won't remove doProvileged() code when they deliver the code to make the resource unaccessable
in the example mentioned in above document:
"+This is necessary in some situations. For example, an application may not be allowed direct access to files that contain fonts, but the system utility to display a document must obtain those fonts, on behalf of the user. In order to do this, the system utility becomes privileged while obtaining the fonts+."
user is able to put doProvileged() code in his code to access system font just like the system utility does, the system font is not secured to user as well.
Could someone explain? thanks
This discussion has been closed.