matt_idea wrote:all of this information (well, some is system type specific) is available in the jvm. you could write your own SecurityManager which utilized this information. and, you'd have to do this within a SecurityManager because a jvm is inherently insecure without one.
RUNTIME SPECIAL TOKEN
It would be even more cool if there is some immutable runtime special tokens:
1) __LOGIN__ // Current user login id, eg: johnchia
2) __UID__ // User login number, eg: 0, 304,1234,...
3) __PID__ // Current program process id
4) __PPID__ // Parent process id
5) __STIME__ // Start time, date time,2011-02-23 14:45, to see if there is a long over due program.
6) __CMDLINE__ // prints full path name C:\Program Files\Notepad++\notepad.exe
These runtime tokens will be very useful for developer to do secure coding to check for some runtime Access Control Information or
preventing denial of servicenot sure what any of this does to prevent DOS.
and maybe anti buffer over flowing attacks.java proper doesn't suffer from buffer overflow attacks. (there have been issues within the jvm impl itself, but that's a separate issue).