When a
java.lang.SecurityManager SecurityManager set, this
is the permission which will be checked when code invokes
VirtualMachine.attach VirtalMachine.attach to attach to a target virtual
machine.
This permission is also checked when an
com.sun.tools.attach.spi.AttachProvider AttachProvider is created.
An AttachPermission object contains a name (also referred
to as a "target name") but no actions list; you either have the
named permission or you don't.
The following table provides a summary description of what the
permission allows, and discusses the risks of granting code the
permission.
Permission Target Name |
What the Permission Allows |
Risks of Allowing this Permission |
attachVirtualMachine |
Ability to attach to another Java virtual machine and load agents
into that VM.
|
This allows an attacker to control the target VM which can potentially
cause it to misbehave.
|
createAttachProvider |
Ability to create an AttachProvider instance.
|
This allows an attacker to create an AttachProvider which can
potentially be used to attach to other Java virtual machines.
|
Programmers do not normally create AttachPermission objects directly.
Instead they are created by the security policy code based on reading
the security policy file.
See Also: com.sun.tools.attach.VirtualMachine See Also: com.sun.tools.attach.spi.AttachProvider |