Programmers, system administrators, and end users all have different security concerns and, thus, different roles to play in the Java security architecture.
programmers are the people who define new Java APIs that allow access
to sensitive system resources. These programmers are typically
working with native methods that have unprotected access to the
system. They need to use the Java access control architecture to
prevent untrusted code from executing those native methods. To do
this, system programmers must carefully insert
SecurityManager calls at appropriate places in
their code. A system programmer may choose to use an existing
Permission subclass to govern access to the system
resources exposed by her API, or she may decide to define a
specialized subclass of
The system programmer carries a tremendous security burden: if she does not perform appropriate access control checks in her code, she compromises the security of the entire Java platform. The details are complex and are beyond the scope of this book. Fortunately, however, system programming that involves native methods is rare in Java; almost all of us are application programmers who can simply rely on the existing APIs.
Programmers who use the core Java APIs and standard extensions but do not define new extensions or write native methods can simply rely on the security efforts of the system programmers who ...