Java Security Manager reloaded

preview_player
Показать описание
It has become common practice to build programs by using libraries and make programs extendable by plugins. Applications deployed to application servers are also very popular nowadays. This means a serious issue for the security of the whole system. Luckily, Java has the solution - the Java Security Manager (JSM). Quick demo shows what to expect from evil applications and lazy programmers. The talk gives hints how to start with the JSM and how to write policy files. It also mentions which methods in your software should be protected by permission checks. The talk introduces a new Security Manager called ProGrade, which is backward compatible with the JSM and also allows the administrator to use ‘deny’ entries in policies. *Java Security is not a myth! The threat is out there. Be suspicious! Don’t trust your code and be paranoid when you use others’ code.*

Author:
Josef Cacek
Josef is a passionate Java developer, open-source contributor, decent runner and proud father. He joined JBoss team at Red Hat to help improve quality of security components in WildFly (JBoss AS formerly) and JBoss Enterprise Application Platform. Josef was few years involved in DirX Access project development at Atos.

  1. Parleys
  2. Devoxx 2014
  3. Devoxx
  4. 2014
  5. Java
  6. Security
Рекомендации по теме
Java Security Manager 0:28:14

Java Security Manager reloaded

From Java Security 0:07:46

From Java Security with Love - Inside Java Newscast #42

Java Security Architecture 0:30:50

Java Security Architecture Demystified by Martin Toshev

Security Control Enhancements 0:52:21

Security Control Enhancements - Jim Manico - NDC Security 2022

IQ TEST 0:00:29

IQ TEST

Future Java - 0:09:33

Future Java - Prepare Your Codebase Now! - Inside Java Newscast #41

Finding girlfriend in 0:00:14

Finding girlfriend in Philippines (in 10sec) 😏

Senior Programmers vs 0:00:34

Senior Programmers vs Junior Developers #shorts

Cosplay by b.tech 0:00:15

Cosplay by b.tech final year at IIT Kharagpur

Verteilte Systeme - 0:05:08

Verteilte Systeme - 03.5 - Java RMI Hintergrund: Build, Deployment, Security, Ausführung

Security Manager 0:02:42

Security Manager

JavaDay Kyiv 2015: 0:42:41

JavaDay Kyiv 2015: Security Architecture of the Java Platform, Martin Toshev

My Jobs Before 0:00:15

My Jobs Before I was a Project Manager

manually writing data 0:00:12

manually writing data to a HDD...kinda #shorts

Linux users be 0:00:42

Linux users be like

Getting started with 0:20:50

Getting started with User Security Manager for West Wind Web Connection

Wyd if you 0:00:18

Wyd if you get a virus? #shorts

Nintendo Switch Cake 0:00:15

Nintendo Switch Cake or Fake Challenge

Kafka in 100 0:02:35

Kafka in 100 Seconds

Apple always leaves 0:00:10

Apple always leaves their products so close to the edge #shorts #appleevent

What's the Best 0:00:43

What's the Best Operating System? #shorts

Almost 3 Years 0:00:26

Almost 3 Years As A condo Owner in Miami Beach.. This is pretty normal on a Monday in South Beach

I’m done with 0:00:10

I’m done with the Nintendo Switch!

How To Off 0:00:29

How To Off Your Active Status On Facebook | #shorts #facebook

Комментарии
Автор

I am a bit confused when researching - the SecurityManager is deprecated, and yet the OCAJP IZO-819 exam has questions centric to granting permissions via the policy file

bluex
Автор

Hi this was very helpful for me thanks a lot for such a good explanation . I have one query how can I go through with full application to generate policy file by using pro-grade library, I am having my war file with me which is deployed in wildfly 10 ?

girishpathak