Sandboxed classes loaded by a ClassLoader

The ClassLoader needs to supply a ProtectionDomain that identifies the code source:
```java
import java.security.Permissions;
import java.security.ProtectionDomain;

public class PluginClassLoader extends ClassLoader {
    private final ClassProvider provider;
    private final ProtectionDomain pd;

    public PluginClassLoader(ClassProvider provider) {
        this.provider = provider;
        // Empty static permission set: the installed Policy decides what plugin code may do
        Permissions permissions = new Permissions();
        this.pd = new ProtectionDomain(provider.getCodeSource(), permissions, this, null);
    }

    @Override
    protected Class<?> findClass(String name) throws ClassNotFoundException {
        byte[] classDef = provider.getClass(name);
        // Define the class in the plugin's own ProtectionDomain so the Policy can tell it apart
        Class<?> clazz = defineClass(name, classDef, 0, classDef.length, pd);
        return clazz;
    }
}
```
By overriding findClass rather than loadClass, the delegation model is preserved: PluginClassLoader will first ask the system and parent class loaders for the class definition.
Define the policy:
```java
import java.security.AllPermission;
import java.security.CodeSource;
import java.security.PermissionCollection;
import java.security.Permissions;
import java.security.Policy;
import java.security.ProtectionDomain;
import java.security.Provider;

public class PluginSecurityPolicy extends Policy {
    private final Permissions appPermissions = new Permissions();
    private final Permissions pluginPermissions = new Permissions();

    public PluginSecurityPolicy() {
        // amend this as appropriate
        appPermissions.add(new AllPermission());
        // add any permissions plugins should have to pluginPermissions
    }

    // These three overrides only delegate to the superclass
    @Override
    public Provider getProvider() {
        return super.getProvider();
    }

    @Override
    public String getType() {
        return super.getType();
    }

    @Override
    public Policy.Parameters getParameters() {
        return super.getParameters();
    }

    // Static per-CodeSource permissions: none; decisions are made per ProtectionDomain below
    @Override
    public PermissionCollection getPermissions(CodeSource codesource) {
        return new Permissions();
    }

    @Override
    public PermissionCollection getPermissions(ProtectionDomain domain) {
        return isPlugin(domain) ? pluginPermissions : appPermissions;
    }

    // A domain is plugin code if its classes were defined by PluginClassLoader
    private boolean isPlugin(ProtectionDomain pd) {
        return pd.getClassLoader() instanceof PluginClassLoader;
    }
}
```
Finally, install the policy and a SecurityManager (the default implementation is fine):

```java
Policy.setPolicy(new PluginSecurityPolicy());
System.setSecurityManager(new SecurityManager());
```
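As an added check, not part of the original answer: a minimal ClassProvider (the answer leaves that interface undefined, so the interface and its directory-backed implementation here are assumptions) plus a driver that installs the policy and confirms plugin code is denied a permission the application itself holds. It assumes a JDK on which a SecurityManager can still be installed: it is deprecated for removal since Java 17, needs -Djava.security.manager=allow on Java 18 through 23, and cannot be enabled from Java 24 on.

```java
import java.io.IOException;
import java.net.MalformedURLException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.security.AccessControlException;
import java.security.CodeSource;
import java.security.Policy;
import java.security.cert.Certificate;
import java.io.FilePermission;

// Assumed shape of the ClassProvider used by PluginClassLoader
interface ClassProvider {
    CodeSource getCodeSource();
    byte[] getClass(String name) throws ClassNotFoundException;
}

public class SandboxCheck {
    // Hypothetical provider: serves .class files from a plugin directory,
    // tagged with that directory as the CodeSource.
    static final class DirectoryProvider implements ClassProvider {
        private final Path dir;
        DirectoryProvider(Path dir) { this.dir = dir; }
        public CodeSource getCodeSource() {
            try { return new CodeSource(dir.toUri().toURL(), (Certificate[]) null); }
            catch (MalformedURLException e) { throw new IllegalStateException(e); }
        }
        public byte[] getClass(String name) throws ClassNotFoundException {
            Path file = dir.resolve(name.replace('.', '/') + ".class");
            try { return Files.readAllBytes(file); }
            catch (IOException e) { throw new ClassNotFoundException(name, e); }
        }
    }

    // args[0]: directory of compiled plugin classes; args[1]: a plugin class implementing Runnable
    public static void main(String[] args) throws Exception {
        Policy.setPolicy(new PluginSecurityPolicy());
        System.setSecurityManager(new SecurityManager());

        // Application code is in the AllPermission domain: this check must pass.
        System.getSecurityManager().checkPermission(new FilePermission("/etc/passwd", "read"));

        // Plugin code is in the empty-permission domain: the same access must be refused,
        // because every frame on the stack must hold the permission.
        ClassLoader loader = new PluginClassLoader(new DirectoryProvider(Path.of(args[0])));
        Runnable task = (Runnable) loader.loadClass(args[1]).getDeclaredConstructor().newInstance();
        try {
            task.run();   // e.g. the plugin tries to open /etc/passwd
            System.out.println("SANDBOX FAILURE: plugin action was allowed");
        } catch (AccessControlException expected) {
            System.out.println("Sandbox held, denied: " + expected.getPermission());
        }
    }
}
```

If the plugin's run() attempts the file read inside a doPrivileged block of its own, the check still fails, since the plugin's domain lacks the permission; only a doPrivileged call made by application code on the plugin's behalf would grant it.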