Java°²È«¹ÜÀíÆ÷Security Manager

    ÿ¸öJavaÓ¦Óö¼¿ÉÒÔÓÐ×Ô¼ºµÄ°²È«¹ÜÀíÆ÷£¬ËüÊÇ·À·¶¶ñÒâ¹¥»÷µÄÖ÷Òª°²È«ÎÀÊ¿¡£°²È«¹ÜÀíÆ÷ͨ¹ýÖ´ÐÐÔËÐн׶μì²éºÍ·ÃÎÊÊÚȨ£¬ÒÔʵʩӦÓÃËùÐèµÄ°²È«²ßÂÔ£¬´Ó¶ø±£»¤×ÊÔ´ÃâÊܶñÒâ²Ù×÷µÄ¹¥»÷¡£Êµ¼ÊÉÏ£¬°²È«¹ÜÀíÆ÷¸ù¾ÝJava°²È«²ßÂÔÎļþ¾ö¶¨½«ÄÄ×éȨÏÞÊÚÓèÀࡣȻ¶ø£¬µ±²»¿ÉÐŵÄÀàºÍµÚÈý·½Ó¦ÓÃʹÓÃJVMʱ£¬Java°²È«¹ÜÀíÆ÷½«Ê¹ÓÃÓëJVMÏà¹ØµÄ°²È«²ßÂÔÀ´Ê¶±ð¶ñÒâ²Ù×÷¡£ÔںܶàÇé¿öÏ£¬ÍþвģÐͲ»°üº¬ÔËÐÐÓÚJVMÖеĶñÒâ´úÂ룬´ËʱJava°²È«¹ÜÀíÆ÷±ã²»ÊDZØÐèµÄ¡£µ±°²È«¹ÜÀíÆ÷¼ì²âµ½Î¥·´°²È«²ßÂԵIJÙ×÷ʱ£¬JVM½«Òý·¢AccessControlException»òSecurityException¡£
    ÔÚJavaÓ¦ÓÃÖУ¬°²È«¹ÜÀíÆ÷ÊÇÓÉSystemÀàÖеķ½·¨setSecurityManagerÉèÖõġ£Òª»ñµÃµ±Ç°µÄ°²È«¹ÜÀíÆ÷£¬¿ÉÒÔʹÓ÷½·¨getSecurityManager¡£
    java.lang.SecurityManagerÀà°üº¬Á˺ܶàcheckXXXX·½·¨£¬ÈçÓÃÓÚÅж϶ÔÎļþ·ÃÎÊȨÏÞµÄcheckRead(String file)·½·¨¡£ÕâЩ¼ì²é·½·¨µ÷ÓÃSecurityManager.checkPermission·½·¨£¬ºóÕ߸ù¾Ý°²È«²ßÂÔÎļþÅжϵ÷ÓÃÓ¦ÓÃÊÇ·ñÓÐÖ´ÐÐËùÇëÇóµÄ²Ù×÷ȨÏÞ¡£Èç¹ûûÓУ¬½«Òý·¢SecurityException¡£
    Èç¹ûÏëÈÃÓ¦ÓÃʹÓð²È«¹ÜÀíÆ÷ºÍ°²È«²ßÂÔ£¬¿ÉÔÚÆô¶¯JVMʱÉ趨-Djava.security.managerÑ¡Ï»¹¿ÉÒÔͬʱָ¶¨°²È«²ßÂÔÎļþ¡£Èç¹ûÔÚÓ¦ÓÃÖÐÆôÓÃÁËJava°²È«¹ÜÀíÆ÷£¬È´Ã»ÓÐÖ¸¶¨°²È«²ßÂÔÎļþ£¬ÄÇôJava°²È«¹ÜÀíÆ÷½«Ê¹ÓÃĬÈϵݲȫ²ßÂÔ£¬ËüÃÇÊÇÓÉλÓÚĿ¼$JAVA_HOME/jre/lib/securityÖеÄjava.policy¶¨ÒåµÄ¡£
¸ÅÄî
²ßÂÔ(Policy)
    Àà×°ÔØÆ÷ÓÃPolicy¶ÔÏó°ïÖúËüÃǾö¶¨£¬°ÑÒ»¶Î´úÂëµ¼ÈëÐéÄâ»úʱӦ¸Ã¸øËüÃÇʲôÑùµÄȨÏÞ. ÈκÎʱºò£¬Ã¿Ò»¸öÓ¦ÓóÌÐò¶¼Ö»ÓÐÒ»¸öPolicy¶ÔÏó.
²ßÂÔÎļþ
    SunµÄjava1.2ƽ̨¾ßÌåµÄPolicy×ÓÀà²ÉÓÃÔÚÒ»ASCII²ßÂÔÎļþÖÐÓÃÉÏÏÂÎÄÎÞ¹ØÎÄ·¨ÃèÊö°²È«²ßÂÔ.
    Ò»¸ö²ßÂÔÎļþ°üÀ¨ÁËһϵÁÐgrant×Ӿ䣬ÿһ¸ögrant×Ӿ佫һЩȨÏÞÊÚ¸øÒ»¸ö´úÂëÀ´Ô´¡£
±£»¤Óò(ProtectionDomain)
    µ±Àà×°ÔØÆ÷½«ÀàÐÍ×°ÈëjavaÐéÄâ»úʱ£¬ËüÃǽ«ÎªÃ¿Ò»¸öÀàÐÍÖ¸ÅÉÒ»¸ö±£»¤Óò£¬±£»¤Óò¶¨ÒåÁËÊÚÓèÒ»¶ÎÌض¨µÄ´úÂëµÄËùÓÐȨÏÞ.×°ÔØÈëjavaÐéÄâ»úµÄÿһ¸öÀàÐͶ¼ÊôÓÚÒ»¸öÇÒ½öÊôÓÚÒ»¸ö±£»¤Óò.
·ÃÎÊ¿ØÖÆÆ÷(AccessController)
    implies()
        ÅжÏÒ»¸öPermissioin¶ÔÏóµÄȨÏÞ£¬ÊÇ·ñÒþº¬(imply)ÔÚÁíÒ»¸öPermissio