Custom Class loader to restrict access to classes

Asked Jan 31 '20 at 06:28

Active Jan 31 '20 at 06:28

Viewed 319 times

My application have this custom classloader:

JarByteClassloader loader = new JarByteClassloader(jar);
Class c = loader.loadClass(classToLoad);
Thread.currentThread().setContextClassLoader(loader);
JarEntryObject jarEntry = (JarEntryObject) c.newInstance();

I'd like to ask if it's possible to restrict access to specific classes from the instances loaded by a custom classloader?

As such, for example, System.getProperty() or System.getenv() should fail. In what way can this be done?

asked Jan 31 '20 at 06:28

quarks

33,478
73
290
513

2

https://stackoverflow.com/questions/2626981/restricting-dynamically-loaded-classes-and-jars-based-on-a-security-policy This might be helpful to you. – Stunner Jan 31 '20 at 06:43
2

Looks like you have to set SecurityManager https://docs.oracle.com/javase/6/docs/api/java/lang/SecurityManager.html – Stunner Jan 31 '20 at 06:45

Custom Class loader to restrict access to classes

0 Answers0