How do I know which granted permission is not needed?

Sean Mullan sean.mullan at oracle.com
Wed Jun 21 11:53:23 UTC 2017


On 6/21/17 3:05 AM, Weijun Wang wrote:
> Suppose I have a Java program running with a security manager and a 
> policy file. There are quite a lot of permissions granted in the policy 
> file but maybe not all of them are necessary.
> 
> Is there a way I can find out which one is not needed?

I don't know of any easy way to do that, other than code inspection and 
writing tests that exercise different code paths.

--Sean

> 
> I tried to write my own security manager to remember all permission
> objects checked and then compare them with the policy file, but if the
> policy file has permissions granted to different codebases, I cannot
> tell which one is for which.
> 
> Thanks
> Max
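
One way to attribute each recorded check to a codebase, as an added example that is not part of the original thread and is not JDK code: the security manager below notes which protection domains were on the call stack for every check, then lists the grants per codebase that implied none of them. The class name `AuditingSecurityManager` and the method `unusedGrants` are hypothetical, and the code assumes a JDK on which the security manager is still available. It only sees code paths that actually run, so it complements the tests described in the reply rather than replacing them.

```java
import java.security.*;
import java.util.*;
import java.util.concurrent.ConcurrentHashMap;

// Added example (hypothetical class, not JDK code). Install only in test runs:
// while the guard is set, nested checks on this thread are allowed through.
// This class sits on the stack of every check, so its own codebase needs AllPermission.
public class AuditingSecurityManager extends SecurityManager {
    // Permissions checked while a given domain (codebase) was on the call stack.
    private final Map<ProtectionDomain, Set<Permission>> seen = new ConcurrentHashMap<>();
    private final ThreadLocal<Boolean> guard = ThreadLocal.withInitial(() -> Boolean.FALSE);

    @Override
    public void checkPermission(Permission perm) {
        if (guard.get()) return;          // re-entered from our own bookkeeping
        guard.set(Boolean.TRUE);
        try {
            // Over-approximation: every frame is recorded, even those beyond a
            // doPrivileged() call that AccessController would not consult.
            for (Class<?> c : getClassContext()) {
                if (c == getClass()) continue;                  // skip this manager
                ProtectionDomain pd = c.getProtectionDomain();
                if (pd != null && pd.getCodeSource() != null)   // skip JDK core classes
                    seen.computeIfAbsent(pd, k -> ConcurrentHashMap.newKeySet()).add(perm);
            }
        } finally {
            guard.set(Boolean.FALSE);
        }
        super.checkPermission(perm);      // enforce the policy as usual
    }

    // For each codebase seen, the grants that implied none of the recorded checks.
    public Map<String, List<Permission>> unusedGrants() {
        Map<String, List<Permission>> out = new TreeMap<>();
        guard.set(Boolean.TRUE);
        try {
            Policy policy = Policy.getPolicy();
            for (Map.Entry<ProtectionDomain, Set<Permission>> e : seen.entrySet()) {
                String codebase = String.valueOf(e.getKey().getCodeSource().getLocation());
                List<Permission> unused = out.computeIfAbsent(codebase, k -> new ArrayList<>());
                for (Permission g : Collections.list(policy.getPermissions(e.getKey()).elements())) {
                    if (e.getValue().stream().noneMatch(g::implies)) unused.add(g);
                }
            }
        } finally {
            guard.set(Boolean.FALSE);
        }
        return out;
    }
}
```

Because frames past a `doPrivileged()` boundary are also recorded, a grant can be counted as used by a caller that did not need it, so the report errs toward keeping permissions. Codebases that never appear on the stack during a check are not listed at all.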


