How do I know which granted permission is not needed?

Weijun Wang at
Wed Jun 21 07:05:42 UTC 2017

Suppose I have a Java program running with a security manager and a 
policy file. There are quite a lot of permissions granted in the policy 
file but maybe not all of them are necessary.

Is there a way I can find out which one is not needed?

I tried to write my own security manager to remember all permission 
objects checked and then compare it with the policy file, but if the 
policy file has permissions granted to different codebases, I cannot 
tell which one is for which.


More information about the security-dev mailing list