type safety importance link

From -

Why Type Safety Matters
Type safety is the most essential element of Java's security. To understand why, consider the following slightly contrived example. A calendar-management applet defines a class called Alarm. This class is represented in memory as shown in Figure 2.10. Alarm defines an operation turnOn, which sets the first field to true. The Java runtime library defines another class called Applet, whose memory layout is also shown in Figure 2.10. Note that the first field of Applet is fileAccessAllowed, which determines whether the applet is allowed access to files on the hard disk.
Figure 2.10 Type safety provides an important foundation for the Java security model.In this figure, two classes, Alarm and Applet, each include a number of fields. Setting the first field in these classes to "true" is not equivalent. Type safety checks ensure that any object a method may try to manipulate is of the proper type.
Suppose a program tried to apply the turnOn operation to an Applet object. If the operation were allowed to go ahead, it would do what turnOn was supposed to do, and set the first field of the object to true. Since the object was really in the Applet class, setting the first field to true allows the applet to access the hard disk. The applet would then be allowed (incorrectly) to delete files.
This example shows what can go wrong if type safety is violated. In our experience, every type safety violation has created an opportunity for an untrusted applet to break out of Java's security restrictions. Given the importance of type safety, the next section explains Java's strategy for ensuring type safety.


Popular posts from this blog

Long running Java process resource consumption monitoring , leak detection and GC tuning

OpenLayers Advanced Clustering and Setting dynamic images for OpenLayer Styles via Ajax

Java Script Development Guidlines