The Java Virtual Machine

Understanding how the various components of the Java Virtual Machine (JVM) cooperate to provide a secure execution environment will enable you to understand how to administer your own security policy using the new features of Java 2 and to know when you should consider implementing your own extensions to provide a more tailored security policy. …

Security Management with Java 2

In this article we show you how to apply the security features of Java 2 to applets and applications running on your system. Applying a Security Manager to Applets and Applications: The security manager is invoked by all the Java system code to perform access control checks based on the security policy currently in effect. …

Kernel Modules Versus Applications

Before we go further, it’s worth underlining the various differences between a kernel module and an application. Whereas an application performs a single task from beginning to end, a module registers itself in order to serve future requests, and its “main” function terminates immediately. In other words, the task of the function init_module (the module’s entry …

Version Numbering & License Terms

Version Numbering: Before digging into programming, we’d like to comment on the version numbering scheme used in Linux and which versions are covered. First of all, note that every software package used in a Linux system has its own release number, and there are often interdependencies across them: you need a particular version of one …

Security Issues

Security is an increasingly important concern in modern times. We will discuss security-related issues as they come up. There are a few general concepts, however, that are worth mentioning now. Security has two faces, which can be called deliberate and incidental. One security problem is the damage a user can cause through the misuse of …

Classes of Devices and Modules

The Unix way of looking at devices distinguishes between three device types. Each module usually implements one of these types, and thus is classifiable as a char module, a block module, or a network module. This division of modules into different types, or classes, is not a rigid one; the programmer can choose to build …

Splitting the Kernel

In a Unix system, several concurrent processes attend to different tasks. Each process asks for system resources, be it computing power, memory, network connectivity, or some other resource. The kernel is the big chunk of executable code in charge of handling all such requests. Though the distinction between the different kernel tasks isn’t always clearly …

Device Drivers

The Role of the Device Driver: As a programmer, you will be able to make your own choices about your driver, choosing an acceptable trade-off between the programming time required and the flexibility of the result. Though it may appear strange to say that a driver is “flexible,” we like this word because it emphasizes …

Security Manager vs Access Controller

The access controller was introduced in the Java 2 platform. Before the access controller existed, the security manager had to rely on its internal logic to determine the security policy that needed to be in effect, and any change in the security policy meant changing the security manager itself. Prior to Java 2, implementing customized …

Java 2 Class Loading Mechanism

The class loading mechanism plays a critical role in Java security since the class loader is responsible for locating and fetching the class files, consulting the security policy, and defining the appropriate permissions associated with the class object. In JDK 1.1, local code and correctly signed remote code were generally trusted to have full access …