How do I know which granted permission is not needed?

Weijun Wang weijun.wang at oracle.com
Wed Jun 21 07:05:42 UTC 2017


Suppose I have a Java program running with a security manager and a 
policy file. There are quite a lot of permissions granted in the policy 
file but maybe not all of them are necessary.

Is there a way I can find out which one is not needed?

I tried to write my own security manager to remember all permission 
objects checked and then compare it with the policy file, but if the 
policy file has permissions granted to different codebases, I cannot 
tell which one is for which.

Thanks
Max


More information about the security-dev mailing list