public final class ManagementPermission extends BasicPermission
The permission which the SecurityManager will check when code that is running with a SecurityManager calls methods defined in the management interface for the Java platform.
The following table provides a summary description of what the permission allows, and discusses the risks of granting code the permission.
Permission Target Name | What the Permission Allows | Risks of Allowing this Permission |
---|---|---|
control | Ability to control the runtime characteristics of the Java virtual machine, for example, enabling and disabling the verbose output for the class loading or memory system, setting the threshold of a memory pool, and enabling and disabling the thread contention monitoring support. Some actions controlled by this permission can disclose information about the running application, like the -verbose:class flag. | This allows an attacker to control the runtime characteristics of the Java virtual machine and cause the system to misbehave. An attacker can also access some information related to the running application. |
monitor | Ability to retrieve runtime information about the Java virtual machine such as thread stack trace, a list of all loaded class names, and input arguments to the Java virtual machine. | This allows malicious code to monitor runtime information and uncover vulnerabilities. |
Programmers do not normally create ManagementPermission objects directly. Instead they are created by the security policy code based on reading the security policy file.
BasicPermission
, Permission
, Permissions
, PermissionCollection
, SecurityManager
, Serialized Formpublic ManagementPermission(String name)
Constructs a ManagementPermission with the specified name.
name
- Permission name. Must be either "monitor" or "control".NullPointerException
- if name
is null
.IllegalArgumentException
- if name
is empty or invalid.public ManagementPermission(String name, String actions) throws IllegalArgumentException
Constructs a new ManagementPermission object.
name
- Permission name. Must be either "monitor" or "control".actions
- Must be either null or the empty string.NullPointerException
- if name
is null
.IllegalArgumentException
- if name
is empty or if arguments are invalid.equals, getActions, hashCode, implies, newPermissionCollection
checkGuard, getName, toString
clone, finalize, getClass, notify, notifyAll, wait, wait, wait
© 1993–2017, Oracle and/or its affiliates. All rights reserved.
Documentation extracted from Debian's OpenJDK Development Kit package.
Licensed under the GNU General Public License, version 2, with the Classpath Exception.
Various third party code in OpenJDK is licensed under different licenses (see Debian package).
Java and OpenJDK are trademarks or registered trademarks of Oracle and/or its affiliates.