How do I know which granted permission is not needed?
Weijun Wang
weijun.wang at oracle.com
Wed Jun 21 07:05:42 UTC 2017
Suppose I have a Java program running with a security manager and a
policy file. There are quite a lot of permissions granted in the policy
file but maybe not all of them are necessary.
Is there a way I can find out which one is not needed?
I tried to write my own security manager to remember all permission
objects checked and then compare it with the policy file, but if the
policy file has permissions granted to different codebases, I cannot
tell which one is for which.
Thanks
Max
More information about the security-dev
mailing list