public final class ManagementPermission extends BasicPermission
The following table provides a summary description of what the permission allows, and discusses the risks of granting code the permission.
Permission Target Name | What the Permission Allows | Risks of Allowing this Permission |
---|---|---|
control | Ability to control the runtime characteristics of the Java virtual machine, for example, enabling and disabling the verbose output for the class loading or memory system, setting the threshold of a memory pool, and enabling and disabling the thread contention monitoring support. Some actions controlled by this permission can disclose information about the running application, like the -verbose:class flag. | This allows an attacker to control the runtime characteristics of the Java virtual machine and cause the system to misbehave. An attacker can also access some information related to the running application. |
monitor | Ability to retrieve runtime information about the Java virtual machine such as thread stack trace, a list of all loaded class names, and input arguments to the Java virtual machine. | This allows malicious code to monitor runtime information and uncover vulnerabilities. |
Programmers do not normally create ManagementPermission objects directly. Instead they are created by the security policy code based on reading the security policy file.
BasicPermission
,
Permission
,
Permissions
,
PermissionCollection
,
SecurityManager
,
Serialized FormConstructor and Description |
---|
ManagementPermission(String name)
Constructs a ManagementPermission with the specified name.
|
ManagementPermission(String name,
String actions)
Constructs a new ManagementPermission object.
|
equals, getActions, hashCode, implies, newPermissionCollection
checkGuard, getName, toString
public ManagementPermission(String name)
name
- Permission name. Must be either "monitor" or "control".NullPointerException
- if name
is null
.IllegalArgumentException
- if name
is empty or invalid.public ManagementPermission(String name, String actions) throws IllegalArgumentException
name
- Permission name. Must be either "monitor" or "control".actions
- Must be either null or the empty string.NullPointerException
- if name
is null
.IllegalArgumentException
- if name
is empty or
if arguments are invalid. Submit a bug or feature
For further API reference and developer documentation, see Java SE Documentation. That documentation contains more detailed, developer-targeted descriptions, with conceptual overviews, definitions of terms, workarounds, and working code examples.
Copyright © 1993, 2015, Oracle and/or its affiliates. All rights reserved.