Interdependence of the Three Java Security Legs
Although the three legs of Java security—class-loading system, class file verifier, and security manager—each have unique functions, they are interdependent.
The class-loading system relies on the security manager to prevent untrusted code from loading its own class loader, which could flag untrusted code as trusted. Conversely, the security manager relies on the class-loading system to keep untrusted classes and local classes in separate name spaces and to prevent the local trusted classes from being overwritten. Both the security manager and the class-loading system rely on the class file verifier to make sure that class confusion is avoided and that class protection directives are honored.
The bottom line is this: If an attacker can breach one of the three defenses, the security of the whole system is usually compromised.
|
