[security-dev 00064]: Javasss (Safe secure sandbox)

Sean Godsell sgodsell at hotmail.com
Wed Feb 6 20:57:16 PST 2008

Hello again openjdk people,

I have added a number of new features and cleaned up some of the functions that were added previously.  Javasss enhances the openjdk in a number of areas.  The following is a list of enhancements:
    - Overwrite and lock users file paths to a specific base path
    - All temporary files can automatically be created in the base path without any program change to existing applications
    - You can limit the amount of storage being used in a path or file 
    - You can limit the # of file and directories being created in path
    - You can make any path read only or read/write
    - You can allow or deny whether libraries can be loaded from a path.
    - You can allow or deny whether native methods can be used from a path.
    - You can have multiple paths to allow users to read or write to with different
       limiting storage and or # or files and directories.
    - You can limit the number of threads and thread priority.
    - You can limit the maximum # of windows being created.
    - You can allow or deny hosts and ports being used.
    - You can allow or deny execution of runtime process.
    - You can limit the amount of socket traffic throughput in bytes per second
    - All items can be controlled in a simple properties file
    - Allow threads to have different paths, and/or lock every new thread with certain paths
    - Allow users to configure thread paths using a key.
    - Existing programs and applications can run without any changes or modifications.

A security manager cannot even do half the items previously listed.  There is complete source code and examples at the following site:
Sean Godsell


More information about the security-dev mailing list