问题描述:

Following a conversation on another question, an interesting issue is being raised.

Classes loaded with a security manager are protected with the corresponding security. This security could disable reflection (for example).

The question is: is it possible to break a security manager with sun.misc.unsafe? If yes, how?

EDIT

Changed SecuredClassLoader to Security Manager in question.

网友答案:

No. The sun.misc.Unsafe class requires an access check just like any other privileged action. You can block it with a custom class loader or security manager. Here's a simple example with an empty security manager that shows it'll throw an AccessControlException:

System.setSecurityManager(new SecurityManager());
Unsafe unsafe = Unsafe.getUnsafe();
网友答案:

What is "secure class loader"? SecureClassLoader? It is not secure, despite its name. All it does is limits the class loading source to a specific code location.

Therefore you don't even need any unsafe operations to "break" that. Just, for instance, make sure a replacement hacked class is in the classpath before SecureClassLoader even got the control.

Someone in that thread told you already -- you cannot have a secured spot in unsecured environment. If your code is deployed to a user machine, user is God there, and no JVM security can help you simply because JVM is a tiny layer on top of much more powerful native things.

相关阅读:
Top