org.codehaus.commons.compiler

Class Sandbox

java.lang.Object

org.codehaus.commons.compiler.Sandbox

public final class Sandbox
extends Object

Executes a PrivilegedAction or PrivilegedExceptionAction in a context with restricted permissions. This is useful for executing "untrusted" code, e.g. user-provided expressions or scripts that were compiled with JANINO.

Code example:

     Permissions noPermissions = new Permissions();
     Sandbox sandbox = new Sandbox(noPermissions);
     sandbox.confine(new PrivilegedExceptionAction<Object>() {
         @Override public Object run() throws Exception { new java.io.File("xxx").delete(); return null; }
     });
 

See Also:

ORACLE: Java Essentials: The Security Manager

Constructor Summary

Constructors

Constructor and Description
Sandbox(PermissionCollection permissions)

Method Summary

Modifier and Type	Method and Description
<R> R	confine(PrivilegedAction<R> action) Runs the given action, confined by the permissions configured through the constructor.
<R> R	confine(PrivilegedExceptionAction<R> action)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

Sandbox

public Sandbox(PermissionCollection permissions)

Parameters:

permissions - Will be applied on later calls to confine(PrivilegedAction) and confine(PrivilegedExceptionAction)

Method Detail

confine

public <R> R confine(PrivilegedAction<R> action)

Runs the given action, confined by the permissions configured through the constructor.

Returns:

The value returned by the action

confine

public <R> R confine(PrivilegedExceptionAction<R> action)
              throws Exception

Throws:

Exception