Now that you've seen how to use extensions, you may be wondering what security privileges extensions have. If you're developing an extension that does file I/O, for example, you'll need to know how your extension is granted the appropriate permissions for file reading and writing. Conversely, if you're thinking about using an extension developed by someone else, you'll want to understand clearly what security privileges the extension has, and how to change those privileges should you desire to do so.
This lesson shows you how the JavaTM platform's security architecture treats extensions. You'll see how to tell what privileges are granted to extension software, and you'll learn how to modify extension privileges by following some simple steps. In addition, you'll learn how to seal packages within your extensions to restrict access to specified parts of your code.
This lesson has two sections:
Setting Privileges for ExtensionsThis section contains some examples that show you what conditions must be met for extensions to be granted permissions to perform security-sensitive operations.
Sealing Packages in ExtensionsYou can optionally seal packages in extension JAR files as an additional security measure. If a package is sealed, it means that all classes defined in that package must originate from a single JAR file. This section shows you how to modify an extension's manifest to seal extension packages.
Additional DocumentationYou'll find links and references to relevant security documentation at appropriate places throughout this lesson.
For complete information on security, you can refer to the following:
- the Security in JDK 1.2 trail in this tutorial.
- the security section of the JDKTM documentation.