Java Security Manager

A Java class that allows applications to implement a security policy.

Usually, the JavaSecurityManager becomes visible when it denies access to a resource like local files:

 java.security.AccessControlException: access denied (java.io.FilePermission /foo.xml read) 
    at java.security.AccessControlContext.checkPermission(AccessControlContext.java:269)
    at java.security.AccessController.checkPermission(AccessController.java:401)
    at java.lang.SecurityManager.checkPermission(SecurityManager.java:524)
    at java.lang.SecurityManager.checkRead(SecurityManager.java:863)
    at java.io.File.exists(File.java:678)
    at com.badguys.BadCode$BadThread.run(BadCode.java:32)

However, the most common example can be seen with Java applets which are prevented from:

accessing the file system
making network connections (for the most part)
creating new processes
creating class loaders

If there is a security manager in place, the following operations will be checked:

Accept a socket connection from a specified host and port number
Modify a thread (change its priority, stop it, and so on)
Open a socket connection to a specified host and port number
Create a new class loader
Delete a specified file
Create a new process
Cause the application to exit
Load a dynamic library that contains native methods
Wait for a connection on a specified local port number
Load a class from a specified package (used by class loaders)
Add a new class to a specified package (used by class loaders)
Access or modify system properties
Access a specified system property
Read from a specified file
Write to a specified file

Java applications, by default, won't use a security manager unless a policy file has been specified at the time of application launch. To specify a java policy read up on the following syntax:

java -Djava.security.manager -Djava.security.policy=someURL SomeApp

The system policy file is by default located at java.home/lib/security/java.policy

see more at: http://java.sun.com/j2se/1.4.2/docs/guide/security/PolicyFiles.html

An attempt to implement something similar in the RubyLanguage is being made in the SecuredRuby project.

Is there something similar in Smalltalk?

contributors: AnonymousDonors, EricHerman