Class Sandbox


  • public final class Sandbox
    extends java.lang.Object
    Executes a PrivilegedAction or PrivilegedExceptionAction in a context with restricted permissions. This is useful for executing "untrusted" code, e.g. user-provided expressions or scripts that were compiled with JANINO.

    Code example:

         Permissions noPermissions = new Permissions(); // Empty collection: nothing is granted.
         Sandbox sandbox = new Sandbox(noPermissions);
         sandbox.confine(new PrivilegedExceptionAction<Object>() {
             @Override public Object run() throws Exception {
                 // Deleting a file needs a FilePermission, which was not granted.
                 new java.io.File("xxx").delete();
                 return null;
             }
         });
     
    See Also:
    ORACLE: Java Essentials: The Security Manager
    • Constructor Summary

      Constructors 
      Constructor Description
      Sandbox(java.security.PermissionCollection permissions)
    • Method Summary

      Modifier and Type Method Description
      <R> R confine(java.security.PrivilegedAction<R> action)
      Runs the given action, confined by the permissions configured through the constructor.
      <R> R confine(java.security.PrivilegedExceptionAction<R> action)
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Method Detail

      • confine

        public <R> R confine(java.security.PrivilegedAction<R> action)
        Runs the given action, confined by the permissions configured through the constructor.
        Returns:
        The value returned by the action
      • confine

        public <R> R confine(java.security.PrivilegedExceptionAction<R> action)
                      throws java.lang.Exception
        Throws:
        java.lang.Exception
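
An added example (not part of the JANINO documentation) that exercises both confine overloads under a least-privilege permission set: the one granted property read succeeds, while an ungranted property read and the file deletion from the class-level example are refused. It assumes the class is org.codehaus.commons.compiler.Sandbox and a JVM on which a Security Manager can still be installed; SandboxLeastPrivilegeDemo and expectDenied are hypothetical names.

```java
import java.security.AccessControlException;
import java.security.Permissions;
import java.security.PrivilegedAction;
import java.security.PrivilegedExceptionAction;
import java.util.PropertyPermission;

// Assumption: the package name is not stated on this page.
import org.codehaus.commons.compiler.Sandbox;

public class SandboxLeastPrivilegeDemo {

    public static void main(String[] args) throws Exception {

        // Grant exactly one permission: read access to the "user.name" system property.
        Permissions allowed = new Permissions();
        allowed.add(new PropertyPermission("user.name", "read"));
        Sandbox sandbox = new Sandbox(allowed);

        // Permitted: covered by the PropertyPermission above. The cast selects the
        // PrivilegedAction overload; a bare lambda would match both confine() overloads.
        String user = sandbox.confine((PrivilegedAction<String>) () -> System.getProperty("user.name"));
        System.out.println("allowed read returned: " + user);

        // Denied: a different property is outside the granted set.
        expectDenied(sandbox, () -> System.getProperty("user.home"));

        // Denied: no FilePermission was granted, so the delete is refused before any file is touched.
        expectDenied(sandbox, () -> new java.io.File("xxx").delete());
    }

    // Hypothetical helper: runs the action confined and reports which permission was refused.
    private static void expectDenied(Sandbox sandbox, PrivilegedExceptionAction<Object> action) throws Exception {
        try {
            sandbox.confine(action);
            throw new IllegalStateException("action was not confined");
        } catch (AccessControlException ace) {
            // The permission check fails with an unchecked exception that propagates out of confine().
            System.out.println("denied: " + ace.getPermission());
        }
    }
}
```

Logging `ace.getPermission()` for each refusal gives a record of what confined code attempted, which helps when deciding whether a permission should be granted at all.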