jvm sandbox for java application

Question

Is it possible to implement some kind of JVM sandbox for running application ? I'd like to restrict access of this application for example to files IO, network, etc.

Is any way to control these resources access for running app inside of JVM in this sandbox ?

score 4 · Accepted Answer · answered Nov 04 '15 at 18:13

4

That's what SecurityManager is for.

They even have a tutorial.

answered Nov 04 '15 at 18:13

Kayaman

72,141
5
83
121

score 2 · Answer 2 · answered Nov 05 '15 at 01:48

In addition to the JVM's security manager you can also use OS-specific security mechanisms. The simplest is running the JVM under a separate user.

More advanced isolation techniques exist on various platforms. For example linux has seccomp-bpf, namespaces, selinux, capabilities and various other things. Firejail and systemd-nspawn make use of them.

score 1 · Answer 3 · answered Mar 29 '23 at 07:20

1

Maybe alibaba's jvm-sandbox ,you can try.

answered Mar 29 '23 at 07:20

Deipss

11
1

Your answer could be improved with additional supporting information. Please [edit] to add further details, such as citations or documentation, so that others can confirm that your answer is correct. You can find more information on how to write good answers [in the help center](/help/how-to-answer). – Community Apr 03 '23 at 08:11

jvm sandbox for java application

3 Answers3