SecurityManager replacement

Fragment of a discussion from User talk:Xor
Jump to navigation Jump to search

Good news: Java 9 Modules have complete support for encapsulation, which can be used as a shallow sandbox mechanism. Direct and reflective access to public members of non-exported packages are forbidden by the language, making robocode engine potentially safe from attacks. Custom ClassLoaders can be used to forbid or replace certain risky java APIs. File & network access can be further restricted by creating dedicated user, and Linux systems can take advantage of chroot & cgroup for enhanced control over resources.

By taking advantage of multiple layers of security countermeasures, we can achieve even safer & fairer environments for robocode competitions.

Xor (talk)17:44, 7 July 2022
Retrieved from "http://robowiki.net/wiki/Thread:User_talk:Xor/SecurityManager_replacement/reply#SecurityManager_replacement_6890"