Package java.security



This package, which has grown significantly in JDK1.2, is the main interface to the Java security framework. Security is a fundamental design component of the Java platform and has undergone large changes with each Java release. The changes for JDK1.2 contained introduction of a fine-grained access control mechanism, in which policies can be defined to exactly control the privileges granted to applications and applets: read and/or write access to files or directories, permissions to use some or all available networking capabilities, and so on.

By default, Java applications on Linux run with capabilities equivalent to those of the user running the application: If you can use a certain feature or write a certain file from C++, you can do it from Java. The mechanisms given by java.security allow for finer control of those permissions: Users can be granted or denied specific permissions based on system-wide configuration, per-user configuration, and the degree of trust assigned to the application being run.

Java cannot override Linux security mechanisms to give users extra capabilities—nothing in java.security can grant root user privileges to an ordinary user. But by supporting detailed security constraints on applications, java.security gives a new and useful level of protection when running untrusted applications. Java's security mechanism also handles cryptographic operations, certification of trusted sources, and class loading.