问题描述

我想让我的应用程序运行其他人的代码，也就是插件.但是，我有什么选择可以确保安全，这样他们就不会编写恶意代码.我如何控制他们能做什么或不能做什么?

I want to make my application to run other people's code, aka plugins. However, what options do I have to make this secure so they don't write malicious code. How do I control what they can or can not do?

我偶然发现 JVM 具有内置沙箱"功能 - 它是什么，这是唯一的方法吗?是否有用于制作沙箱的第三方 Java 库?

I have stumbled around that JVM has a "built in sandbox" feature - what is it and is this the only way? Are there third-party Java libraries for making a sandbox?

我有哪些选择?感谢提供指南和示例的链接！

What options do I have? Links to guides and examples is appreciated!

推荐答案

您正在寻找 安全管理器.您可以通过指定policy.

You are looking for a security manager. You can restrict the permissions of an application by specifying a policy.