Is it possible to break the security manager with sun.misc.unsafe?

Question

Is it possible to break the security manager with sun.misc.unsafe?

After talking to another question, an interesting problem arises.

Classes loaded by the security manager are protected by appropriate protection. This security may disable reflection (for example).

Question: Is it possible to split the security manager using sun.misc.unsafe? If so, how?

EDIT

Changed SecuredClassLoader to Security Manager question.

+1

java security classloader

Jverstry Apr 23 '11 at 2:19

source share

2 answers

What is a "safe classloader"? SecureClassLoader? It is not safe, despite its name. All he does is limit the loading of classes from class to a specific code location.

Therefore, you do not even need any unsafe operations to “break” it. Just, for example, make sure the new class of the hacked class is on the class path before SecureClassLoader even gets control.

Someone in this thread has already told you - you cannot get a secure place in an unsecured environment. If your code is deployed on the user's computer, the user is god there, and no JVM security will help you simply because the JVM is a tiny layer on top of much more powerful native things.

+1

Vladimir Dyuzhev Apr 23 '11 at 2:33

source share

Whitefang34 · Accepted Answer · 2011-04-23T02:40:52+0000

Not. The sun.misc.Unsafe class requires access control, like any other privileged action. You can block it using a special classloader or security manager. Here's a simple example with an empty security manager that shows it will AccessControlException :

 System.setSecurityManager(new SecurityManager()); Unsafe unsafe = Unsafe.getUnsafe();

Is it possible to break the security manager with sun.misc.unsafe?

More articles: