|
[求助]
急求帮助我翻译成中文
The java.security.AccessController class is part of Java’s security mechanism; it is
responsible for enforcing the applicable security policy. This class’s static doPrivileged() method executes a code block with a relaxed security policy. The doPrivileged() method stops permissions from being checked further down the call chain. Consequently, any method that invokes doPrivileged() must assume responsibility for enforcing its own security on the code block supplied to doPrivileged(). Likewise, code in the doPrivileged() method must not leak sensitive information or capabilities. For example, suppose that a web application must maintain a sensitive password file for a web service and also run untrusted code. The application could then enforce a security policy preventing the majority of its own code—as well as all untrusted code—from accessing the sensitive file. Because it must also provide mechanisms for adding and changing passwords, it can call the doPrivileged() method to temporarily allow untrusted code to access the sensitive file for the purpose of managing passwords. In this case, any privileged block must prevent any information about passwords from being accessible to untrusted code. |
|