问题
I want to run a specific thread-class in a restricted sandbox, while the rest of the application can run unrestricted.
Is it possible to attach a security manager for a specific thread-class only?
--
EDIT: Using Peter's hint, I created the following variable, inside my custom security manager:
private static ThreadLocal<Boolean> isChatbot = new InheritableThreadLocal<Boolean>() {
@Override protected synchronized Boolean initialValue() {
boolean value = (Thread.currentThread() instanceof ChatBot);
return value;
}
@Override protected synchronized Boolean childValue(Boolean parentValue) {
boolean value = (Thread.currentThread() instanceof ChatBot || parentValue);
return value;
}
};
ChatBot is my specific class of threads which I want to run restricted. So in initialValue I give the value 'true' to all ChatBot threads, and in childValue I also give the value 'true' to all childs spawned by a ChatBot thread.
Strangely, this doesn't work. I put a breakpoint inside childValue, and I saw that the execution never gets there, so child threads get a value of 'false'.
What am I doing wrong?
回答1:
You can create a security manager which only checks one thread (or every thread with an InheritableThreadLocal) The benefit of using an InheritableThreadLocal is that any spawned thread will also be checked.
来源:https://stackoverflow.com/questions/6744553/java-security-manager-per-thread