Prabath Siriwardena
Twitter : @prabath
• Provide the Java platform as a secure, ready-built platform on
which to run Java-enabled applications in a secure fashion.
• Provide security tools and services implemented in the Java
programming language that enable a wider range of security-sensitive
applications, for example, in the enterprise world.
• Variables are initialized before they are used.
• Method calls match the types of object references.
• Rules for accessing private data and methods are not
violated.
• Local variable accesses fall within the runtime stack.
• The runtime stack does not overflow.
• To create a sandbox environment for a given Java application, the
Java Security Manager must be engaged.
• System.setSecurityManager(new SecurityManager());
• java -Djava.security.manager MainClass
• If no policy is explicitly specified, the Java Security Manager
uses its default security policy.
• The location of the default security policy is picked from the
JAVA_HOME/lib/security/java.security file.
# The default is to have a single system-wide policy file,
# and a policy file in the user's home directory.
policy.url.1=file:${java.home}/lib/security/java.policy
policy.url.2=file:${user.home}/.java.policy
• By default, everything is denied!
• The policy explicitly grants permissions to the code being executed.
• Permission = Resource (Target) + Action
grant {
permission java.io.FilePermission "mytext.txt", "read,write";
};
• Java Security Manager reads the security policy.
• java -Djava.security.manager -Djava.security.policy=mypolicy.policy MainClass
• java -Djava.security.manager -Djava.security.policy==mypolicy.policy MainClass
• System.setProperty("java.security.policy", "mypolicy.policy");
System.setSecurityManager(new SecurityManager());
Syntax:
permission className targetName actionList
java.io.FilePermission
Target:
File Name
Action List:
read, write, execute, delete
java.net.SocketPermission
Target:
Address:Port_Or_PortRange
Action List:
accept, connect, listen, resolve
java.util.PropertyPermission
Target:
Property Name
Action List:
read, write
java.lang.RuntimePermission
Target:
createClassLoader
getClassLoader
setContextClassLoader
enableContextClassLoaderOverride
createSecurityManager
setSecurityManager
exitVM
getenv.variableName
shutdownHooks
setFactory
setIO
modifyThread
stopThread
modifyThreadGroup
getProtectionDomain
readFileDescriptor
writeFileDescriptor
loadLibrary.libraryName
accessClassInPackage.packageName
defineClassInPackage.packageName
accessDeclaredMembers.className
queuePrintJob
getStackTrace
setDefaultUncaughtExceptionHandler
preferences
usePolicy
java.awt.AWTPermission
Target:
showWindowWithoutWarningBanner
accessClipboard
accessEventQueue
createRobot
fullScreenExclusive
listenToAllAWTEvents
readDisplayPixels
replaceKeyboardFocusManager
watchMousePointer
setWindowAlwaysOnTop
setAppletStub
java.net.NetPermission
Target:
setDefaultAuthenticator
specifyStreamHandler
requestPasswordAuthentication
setProxySelector
getProxySelector
setCookieHandler
getCookieHandler
setResponseCache
getResponseCache
java.lang.reflect.ReflectPermission
Target:
suppressAccessChecks
java.io.SerializablePermission
Target:
enableSubclassImplementation
enableSubstitution
java.security.SecurityPermission
Target:
createAccessControlContext
getDomainCombiner
getPolicy
setPolicy
getProperty.keyName
setProperty.keyName
insertProvider.providerName
removeProvider.providerName
setSystemScope
setIdentityPublicKey
setIdentityInfo
addIdentityCertificate
removeIdentityCertificate
printIdentity
clearProviderProperties.providerName
putProviderProperty.providerName
removeProviderProperty.providerName
getSignerPrivateKey
setSignerKeyPair
java.security.AllPermission
Target:
(none)
Action List:
(none)
javax.security.auth.AuthPermission
Target:
doAs
doAsPrivileged
getSubject
getSubjectFromDomainCombiner
setReadOnly
modifyPrincipals
modifyPublicCredentials
modifyPrivateCredentials
refreshCredential
destroyCredential
createLoginContext.contextName
getLoginConfiguration
setLoginConfiguration
refreshLoginConfiguration
javax.sound.sampled.AudioPermission
Target:
play
record
Action List:
(none)
java.util.logging.LoggingPermission
Target:
control
Action List:
(none)
java.sql.SQLPermission
Target:
setLog
Action List:
(none)
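How the Target + Action pairs listed above are matched at check time, as an added example that is not part of the deck: each policy grant becomes a Permission object, and a request is allowed when one of the granted permissions implies() it. The paths and property names are constructed for the demo; no Security Manager has to be installed to run it.

```java
import java.io.FilePermission;
import java.security.AllPermission;
import java.security.Permission;
import java.security.Permissions;
import java.util.PropertyPermission;

// Added example, not from the slides. Policy grants become Permission objects;
// a request is allowed when one of the granted permissions implies() it.
// Paths use Unix notation and are constructed for the demo.
public class ImpliesDemo {

    /** The collection the policy engine would build from three grants. */
    static Permissions grants() {
        Permissions p = new Permissions();
        p.add(new FilePermission("/data/*", "read,write"));  // '*' = files directly in /data
        p.add(new FilePermission("/logs/-", "read"));         // '-' = the whole /logs subtree
        p.add(new PropertyPermission("java.*", "read"));      // trailing ".*" name wildcard
        return p;
    }

    /** Same test the Security Manager performs, minus the stack walk. */
    static boolean check(Permissions granted, Permission requested) {
        boolean ok = granted.implies(requested);
        System.out.printf("%-60s %s%n", requested, ok ? "granted" : "denied");
        return ok;
    }

    public static void main(String[] args) {
        Permissions g = grants();
        // Target matching: "/data/*" covers /data/a.txt but not /data/sub/a.txt,
        // while "/logs/-" covers any depth below /logs.
        check(g, new FilePermission("/data/a.txt", "write"));
        check(g, new FilePermission("/data/sub/a.txt", "read"));
        check(g, new FilePermission("/logs/2012/app.log", "read"));
        // Action matching: the requested actions must be a subset of the granted
        // ones, so writing under /logs is refused even though the path matches.
        check(g, new FilePermission("/logs/app.log", "write"));
        // Name wildcards: "java.*" covers java.home for read only, and not user.home.
        check(g, new PropertyPermission("java.home", "read"));
        check(g, new PropertyPermission("java.home", "write"));
        check(g, new PropertyPermission("user.home", "read"));
        // The policy language has grants only, no deny: a wildcard grant also
        // implies every name beneath it, and AllPermission implies everything.
        Permission allProps = new PropertyPermission("*", "read");
        System.out.println(allProps.implies(new PropertyPermission("java.home", "read")));
        System.out.println(new AllPermission().implies(allProps));
    }
}
```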
• Based on the location of the code
• Based on the trust (code has to be signed)
• Based on the user who runs the code
• Based on the location of the code
grant codeBase "file:${my.code.base}/-" {
permission java.security.AllPermission;
};
grant codeBase "file://java-security/org.wso2.java.security/-" {
permission java.security.AllPermission;
};
grant codeBase "file:${java.ext.dirs}/*" {
permission java.security.AllPermission;
};
grant codeBase "file:${java.home}/lib/ext/area.jar" {
permission java.util.PropertyPermission "user.home", "read";
permission java.io.FilePermission "${user.home}${/}test${/}*", "write";
};
• Based on the user who runs the code
grant principal com.sun.security.auth.UnixPrincipal "prabath" {
permission java.security.AllPermission;
};
grant principal javax.security.auth.x500.X500Principal "cn=Alice" {
permission java.io.FilePermission "/home/Alice", "read, write";
};
• Based on the trust (code has to be signed)
grant signedBy "wso2carbon" {
permission java.security.AllPermission;
};
keystore "file:///java-security/org.wso2.java.security/wso2carbon.jks";
keystorePasswordURL "file:///org.wso2.java.security/wso2carbon.pwd";
• Combinations
grant signedBy "wso2carbon" ,
codeBase "file://java-security/org.wso2.java.security/-" ,
principal com.sun.security.auth.UnixPrincipal "prabath" {
permission java.security.AllPermission;
};
keystore "file:///java-security/org.wso2.java.security/wso2carbon.jks";
keystorePasswordURL "file:///org.wso2.java.security/wso2carbon.pwd";
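A worked example of the principal-based grant and of the `==` launch form (with `=` the file is added to the policy URLs listed in java.security; with `==` it becomes the only policy), added here and not part of the deck. It assumes a JDK that still ships the Security Manager (JDK 8 through 17; JDK 24 removed it), a Unix path layout, and a constructed policy file mypolicy.policy whose content is given in the header comment.

```java
import java.io.FilePermission;
import java.security.AccessController;
import java.security.Permission;
import java.security.PrivilegedAction;
import java.util.PropertyPermission;
import javax.security.auth.Subject;
import javax.security.auth.x500.X500Principal;

// Added example, not from the slides. Run with the default policy replaced
// ("==" rather than "=") so that only the constructed grants below apply:
//   java -Djava.security.manager -Djava.security.policy==mypolicy.policy PolicyDemo
// mypolicy.policy:
//   grant {   // all code: needed to build and activate the Subject
//       permission javax.security.auth.AuthPermission "modifyPrincipals";
//       permission javax.security.auth.AuthPermission "doAsPrivileged";
//   };
//   grant principal javax.security.auth.x500.X500Principal "cn=Alice" {
//       permission java.io.FilePermission "/home/Alice/-", "read";
//   };
public class PolicyDemo {

    /** True if every protection domain on the current stack implies p. */
    static boolean allowed(Permission p) {
        try {
            AccessController.checkPermission(p);
            return true;
        } catch (SecurityException e) {   // AccessControlException extends it
            return false;
        }
    }

    public static void main(String[] args) {
        if (System.getSecurityManager() == null) {   // programmatic equivalent of -Djava.security.manager
            System.setSecurityManager(new SecurityManager());
        }
        FilePermission notes = new FilePermission("/home/Alice/notes.txt", "read");
        PropertyPermission javaHome = new PropertyPermission("java.home", "read");

        // Default deny: plain code holds only the AuthPermissions above, so both checks fail.
        System.out.println("plain code reads notes.txt: " + allowed(notes));
        System.out.println("plain code reads java.home: " + allowed(javaHome));
        // The principal-based grant applies only while code runs under a Subject
        // carrying that principal; doAsPrivileged adds it to the access control context.
        Subject alice = new Subject();
        alice.getPrincipals().add(new X500Principal("cn=Alice"));
        boolean asAlice = Subject.doAsPrivileged(alice,
                (PrivilegedAction<Boolean>) () -> allowed(notes), null);
        System.out.println("as cn=Alice, reads notes.txt: " + asAlice);
    }
}
```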
• Allow reading all the system properties except java.home?
• Tom can access the getBeer() method only if he is older than
21 years?
Deep dive into Java security architecture