|
Préférences
Moteurs de recherche
|
|||||||||||||||||||||||||||||||||||||
| JavaTM 2 Platform Std. Ed. v1.4.2
java.awt
|
||||||||||||||||||||||||||||||||||||||
| Permission Target Name | What the Permission Allows | Risks of Allowing this Permission |
|---|---|---|
| accessClipboard | Posting and retrieval of information to and from the AWT clipboard | This would allow malfeasant code to share potentially sensitive or confidential information. |
| accessEventQueue | Access to the AWT event queue | After retrieving the AWT event queue, malicious code may peek at and even remove existing events from its event queue, as well as post bogus events which may purposefully cause the application or applet to misbehave in an insecure manner. |
| createRobot | Create java.awt.Robot objects | The java.awt.Robot object allows code to generate native-level mouse and keyboard events as well as read the screen. It could allow malicious code to control the system, run other programs, read the display, and deny mouse and keyboard access to the user. |
| fullScreenExclusive | Enter full-screen exclusive mode | Entering full-screen exclusive mode allows direct access to low-level graphics card memory. This could be used to spoof the system, since the program is in direct control of rendering. |
| listenToAllAWTEvents | Listen to all AWT events, system-wide | After adding an AWT event listener, malicious code may scan all AWT events dispatched in the system, allowing it to read all user input (such as passwords). Each AWT event listener is called from within the context of that event queue's EventDispatchThread, so if the accessEventQueue permission is also enabled, malicious code could modify the contents of AWT event queues system-wide, causing the application or applet to misbehave in an insecure manner. |
| readDisplayPixels | Readback of pixels from the display screen | Interfaces such as the java.awt.Composite interface or the java.awt.Robot class allow arbitrary code to examine pixels on the display enable malicious code to snoop on the activities of the user. |
| replaceKeyboardFocusManager | Sets the KeyboardFocusManager for
a particular thread.
| When SecurityManager is installed, the invoking
thread must be granted this permission in order to replace
the current KeyboardFocusManager. If permission
is not granted, a SecurityException will be thrown.
|
| showWindowWithoutWarningBanner | Display of a window without also displaying a banner warning that the window was created by an applet | Without this warning, an applet may pop up windows without the user knowing that they belong to an applet. Since users may make security-sensitive decisions based on whether or not the window belongs to an applet (entering a username and password into a dialog box, for example), disabling this warning banner may allow applets to trick the user into entering such information. |
BasicPermission,
Permission,
Permissions,
PermissionCollection,
SecurityManager,
Serialized Form| Constructor Summary | |
AWTPermission(String name)
Creates a new AWTPermission with the specified name. |
|
AWTPermission(String name,
String actions)
Creates a new AWTPermission object with the specified name. |
|
| Methods inherited from class java.security.BasicPermission |
equals, getActions, hashCode, implies, newPermissionCollection |
| Methods inherited from class java.security.Permission |
checkGuard, getName, toString |
| Methods inherited from class java.lang.Object |
clone, finalize, getClass, notify, notifyAll, wait, wait, wait |
| Constructor Detail |
public AWTPermission(String name)
AWTPermission with the specified name.
The name is the symbolic name of the AWTPermission,
such as "topLevelWindow", "systemClipboard", etc. An asterisk
may be used to indicate all AWT permissions.
name - the name of the AWTPermissionpublic AWTPermission(String name, String actions)
AWTPermission object with the specified name.
The name is the symbolic name of the AWTPermission, and the
actions string is currently unused and should be null.
name - the name of the AWTPermissionactions - should be null