> The idea of having different declarative security realms is fine but it's not ... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

nl on Dec 13, 2021 | parent | context | favorite | on: CISA Director on Log4j Vulnerability

> The idea of having different declarative security realms is fine but it's not what the Java Security Manager is.

But.. it is?

The JVM tracks where bytecode was loaded from, and then you can define a policy to limit what that code can do.

Here's an example giving read-only access to /etc

https://access.redhat.com/documentation/en-us/red_hat_jboss_...

Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact