如何解决如何在 kotlin 协程中执行特权?
在 Java 中,我可以通过调用 java.security.AccessController.doPrivileged() 来提升权限。
如何在 kotlin 协程中提升权限?
示例:当我调用程序时
import java.security.AccessControlContext
import java.security.AccessController
import java.security.PrivilegedAction
import java.security.ProtectionDomain
import kotlinx.coroutines.runBlocking
object Privileged {
private fun checkDirect(expectAllowed: Boolean) {
try {
System.getProperty("allowed")
if (expectAllowed) {
println("expected: allowed")
}
else {
println("UNEXPECTED: allowed")
}
} catch (e: SecurityException) {
if (expectAllowed) {
println("UNEXPECTED: forbidden")
}
else {
println("expected: forbidden")
}
}
}
private suspend fun checkSuspend(expectAllowed: Boolean) {
checkDirect(expectAllowed)
}
@JvmStatic
fun main(vararg argv: String) {
// drop privileges
AccessController.doPrivileged(
PrivilegedAction {
// privileges are all dropped here
// 1. direct functions:
// this check will fail
checkDirect(false)
// raise privilege
AccessController.doPrivileged(
PrivilegedAction {
// privileges are all raised here
// so this check will succeed
checkDirect(true)
}
)
// 2. suspend functions:
runBlocking {
// this call will fail
checkSuspend(false)
// FIXME: How to call checkSuspend(true) with raised privileges?
}
},AccessControlContext(arrayOf(ProtectionDomain(null,null)))
)
}
}
使用 java -Djava.security.manager -Djava.security.policy=java.policy Privileged,其中 java.policy 是
grant {
permission java.security.AllPermission;
};
我明白
expected: forbidden
expected: allowed
expected: forbidden
调用具有提升权限的 checkSuspend 的 AccessController.doPrivileged() 等价物是什么(请参阅程序代码中的 FIXME)?
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。
