在 Java 中创建安全环境的最佳方法

本文介绍了在 Java 中创建安全环境的最佳方法的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！ 问题描述

我需要创建一个将运行第三方代码的桌面应用程序，并且我需要避免以任何方式(网络、剪贴板、文件 io)从应用程序导出信息.

I need to create a desktop application that will run third party code, and I need to avoid the third party code from export by any way (web, clipboard, file io) informations from the application.

类似:

public class MyClass { private String protectedData; public void doThirdPartyTask() { String unprotedtedData = unprotect(protectedData); ThirdPartyClass.doTask(unprotectedData); } private String unprotect(String data) { // ... } } class ThirdPartyClass { public static void doTask(String unprotectedData) { // Do task using unprotected data. // Malicious code may try to externalize the data. } }

我正在阅读有关 SecurityManager 和 AccessControler 的文章，但我仍然不确定处理此问题的最佳方法是什么.

I'm reading about SecurityManager and AccessControler, but I'm still not sure what's the best approach to handle this.

我应该阅读什么来执行此实施?

What should I read about to do this implementation?

推荐答案

首先，您几乎无法阻止本地计算机上的所有信息泄漏.您当然可以限制网络访问，甚至很多文件系统访问，但是没有什么可以阻止 gui 在屏幕上弹出一个向用户显示信息的对话框，或者任何其他 100 种可能泄漏"的方式数据.

First of all, there is pretty much no way you can stop every information leak on a local computer. You can certainly restrict network access, and even a lot of file system access, but there is nothing that would stop the gui from popping up a dialog showing the information to the user on the screen, or any other 100 ways you could "leak" data.

其次，您一直在谈论用户可以更改策略文件.是的.听起来您基本上是在尝试重新创建 DRM.我建议阅读 DRM 和它的一般徒劳.它本质上归结为给某人一个上锁的盒子和盒子的钥匙，并告诉他们不要打开它.如果有人可以物理访问您的程序，您几乎无法阻止他们使用 Java 或几乎任何其他编程语言(至少，不是在今天构建的计算机上)从中获取数据.

Secondly, you keep talking about the policy file being changeable by the user. yes, it is. it sounds like you are basically trying to recreate DRM. I'd suggest reading up on DRM and the general futility of it. It essentially boils down to giving someone a locked box and the key to the box and telling them not to open it. If someone has physical access to your program, there is almost nothing you can do to stop them from getting data out of it, in java or pretty much any other programming language (at least, not on computers as they are built today).