问题描述
我正在尝试了解Java的权限模型.我尝试了以下示例代码:
I am trying to learn about Java's permission model. I tried this sample code:
public static void main(String[] args) {
File file = new File("/etc/passwd");
try (BufferedReader reader = new BufferedReader(new FileReader(file));) {
reader.lines().forEach(s -> System.out.println(s));
} catch (IOException e) {
e.printStackTrace();
}
FilePermission perm = new FilePermission("/etc/passwd", "read");
AccessController.checkPermission(perm); // throws Exception
}
这可以很好地打印/etc/passwd
的内容,但最终会引发异常:
This prints the contents of /etc/passwd
fine, but throws an exception in the end:
Exception in thread "main" java.security.AccessControlException: access denied ("java.io.FilePermission" "" "read")
Exception in thread "main" java.security.AccessControlException: access denied ("java.io.FilePermission" "" "read")
为什么读取的文件可以正常工作,但是检查权限却得到否定的结果?
Why is it that the file read works fine, but a check for the permission gives a negative result?
推荐答案
可能是因为JVM没有配置SecurityManager.如果未配置SecurityManager,将不会进行AccessController调用.
Likely because the JVM doesn't have a SecurityManager configured. Without a SecurityManager configured there will be no AccessController call made.
http: //docs.oracle.com/javase/8/docs/technotes/guides/security/spec/security-spec.doc6.html#a19349
这篇关于AccessController.checkPermission的奇怪行为的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!