malicious program from disabling your computer or erasing
malicious program from disabling your computer or erasing data on your disk? Most computing platforms have no answer for these questions. Java 2 offers powerful ways to limit the actions of running code. Before Java 2, much of the buzz about security had to do with the security of applets. The applet ran with security restrictions that prevented the applet from doing questionable things like reading from or writing to the disk or contacting arbitrary computers on the network. In Java 2, it’s just as easy to apply applet-style security to applications. Furthermore, it’s easy to fine-tune the access you allow applications. For example, you can allow an application to access the disk, but only in a specific directory, or you can allow network access to certain addresses. Why is this important? Let’s suppose that you need a certain application, like a calendar or an address manager. You go to your favorite Internet search engine and find a promising-looking Java application that does just what you want. You download and run it. But it’s entirely possible that what you’ve downloaded is not what you wanted. It could be a computer virus that infects your computer. Or it could simply be a malicious program that erases files from your disk. In this case, it would have been a really good idea to restrict the application’s actions. 3.2.1 The Default Security Manager You can use an option of the java interpreter to install a default security manager. This security manager enforces many of the same rules as for applets. To see how this works, let’s write a little program that does something questionable, making a network connection to some computer on the Internet. (We’ll cover the specifics of network programming later, in Chapter 11 and Chapter 12.) //file: EvilEmpire.javaimport java.net.*; public class EvilEmpire { public static void main(String[] args) throws Exception{ try { Socket s = new Socket(”207.46.131.13″, 80); System.out.println(”Connected!”); } catch (SecurityException e) { System.out.println(”SecurityException: could not connect.”); } } } If you just run this program with the Java interpreter, it will make the network connection: C:> java EvilEmpireConnected! C:> This is kind of scary. Let’s install the default security manager, like this: C:> java -Djava.security.manager EvilEmpireSecurityException: could not connect. C:> - 56
Note: If you are looking for good and high quality web space to host and run your application check Lunarwebhost JSP Web Hosting services