19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 package java.lang.reflect; 27 28 /** 29 * The Permission class for reflective operations. 30 * <P> 31 * The following table 32 * provides a summary description of what the permission allows, 33 * and discusses the risks of granting code the permission. 34 * 35 * <table class="striped"> 36 * <caption style="display:none">Table shows permission target name, what the permission allows, and associated risks</caption> 37 * <thead> 38 * <tr> 39 * <th>Permission Target Name</th> 40 * <th>What the Permission Allows</th> 41 * <th>Risks of Allowing this Permission</th> 42 * </tr> 43 * </thead> 44 * <tbody> 45 * 46 * <tr> 47 * <td>suppressAccessChecks</td> 48 * <td>ability to suppress the standard Java language access checks 49 * on fields and methods in a class; allow access not only public members 50 * but also allow access to default (package) access, protected, 51 * and private members.</td> 52 * <td>This is dangerous in that information (possibly confidential) and 53 * methods normally unavailable would be accessible to malicious code.</td> 54 * </tr> 55 * <tr> 56 * <td>newProxyInPackage.{package name}</td> 57 * <td>ability to create a proxy instance in the specified package of which 58 * the non-public interface that the proxy class implements.</td> 59 * <td>This gives code access to classes in packages to which it normally 60 * does not have access and the dynamic proxy class is in the system 61 * protection domain. Malicious code may use these classes to 62 * help in its attempt to compromise security in the system.</td> 63 * </tr> 64 * 65 * </tbody> 66 * </table> 67 * 68 * @see java.security.Permission 69 * @see java.security.BasicPermission 70 * @see AccessibleObject 71 * @see Field#get 72 * @see Field#set 73 * @see Method#invoke 74 * @see Constructor#newInstance 75 * @see Proxy#newProxyInstance 76 * | 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 package java.lang.reflect; 27 28 /** 29 * The Permission class for reflective operations. 30 * <P> 31 * The following table 32 * provides a summary description of what the permission allows, 33 * and discusses the risks of granting code the permission. 34 * 35 * <table class="striped"> 36 * <caption style="display:none">Table shows permission target name, what the permission allows, and associated risks</caption> 37 * <thead> 38 * <tr> 39 * <th scope="col">Permission Target Name</th> 40 * <th scope="col">What the Permission Allows</th> 41 * <th scope="col">Risks of Allowing this Permission</th> 42 * </tr> 43 * </thead> 44 * <tbody> 45 * 46 * <tr> 47 * <th scope="row">suppressAccessChecks</th> 48 * <td>ability to suppress the standard Java language access checks 49 * on fields and methods in a class; allow access not only public members 50 * but also allow access to default (package) access, protected, 51 * and private members.</td> 52 * <td>This is dangerous in that information (possibly confidential) and 53 * methods normally unavailable would be accessible to malicious code.</td> 54 * </tr> 55 * <tr> 56 * <th scope="row">newProxyInPackage.{package name}</th> 57 * <td>ability to create a proxy instance in the specified package of which 58 * the non-public interface that the proxy class implements.</td> 59 * <td>This gives code access to classes in packages to which it normally 60 * does not have access and the dynamic proxy class is in the system 61 * protection domain. Malicious code may use these classes to 62 * help in its attempt to compromise security in the system.</td> 63 * </tr> 64 * 65 * </tbody> 66 * </table> 67 * 68 * @see java.security.Permission 69 * @see java.security.BasicPermission 70 * @see AccessibleObject 71 * @see Field#get 72 * @see Field#set 73 * @see Method#invoke 74 * @see Constructor#newInstance 75 * @see Proxy#newProxyInstance 76 * |