|
You can optionally seal packages in extension JAR files as an
additional security measure. If a package is sealed, all classes defined in that
package must originate from a single JAR file.
Without sealing, a "hostile" program could create a class and define it to be a member of one of your extension packages. The hostile software would then have free access to package-protected members of your extension package. Let's look at a few sample manifest files. For these examples suppose that the JAR file contains these packages: com/myCompany/package_1/ com/myCompany/package_2/ com/myCompany/package_3/ com/myCompany/package_4/ Suppose that you want to seal all the packages. You could do so by simply adding an archive-level Sealed header to the manifest like this: Manifest-Version: 1.0 Sealed: true All packages in any JAR file having this manifest will be sealed. If you wanted to seal only com.myCompany.package_3, you could do so with this manifest: Manifest-Version: 1.0 Name: com/myCompany/package_3/ Sealed: trueSee http://java.sun.com/docs/books/tutorial/ext/security/sealing.htmlHarish |
- Sealing violation Leonid Vasilenko
- Re: Sealing violation Maximilian Eberl
- Re: Sealing violation Pier Fumagalli
- Re: Sealing violation Pier Fumagalli
- Re: Sealing violation Mark Galbreath
- Re: Sealing violation Christopher K. St. John
- Sealing Violation anoop
- Harish K Kottarathil
