| SerializablePermission | java.io |
| Java 1.2 | serializable permission |
This
class is a
java.security.Permission that governs the use of
certain sensitive features of serialization.
SerializablePermission objects have a name, or
target, but do not have an action list. The name
"enableSubclassImplementation"
represents permission to serialize and deserialize objects using
subclasses of ObjectOutputStream and
ObjectInputStream. This capability is protected by
a permission because malicious code can define object stream
subclasses that incorrectly serialize and deserialize objects.The only other name supported by
SerializablePermission is
"enableSubstitution," which
represents permission for one object to be substituted for another
during serialization or deserialization. Permission of this type is
required by the ObjectOutputStream.enableReplaceObject(
) and ObjectInputStream.enableResolveObject(
) methods.Applications never need to use this class. Programmers writing
system-level code may use it, and system administrators configuring
security policies should be familiar with it.
 public final class SerializablePermission extends java.security.BasicPermission {
// Public Constructors
public SerializablePermission (String name );
public SerializablePermission (String name , String actions );
}
Type Of
ObjectStreamConstants.{SUBCLASS_IMPLEMENTATION_PERMISSION,
SUBSTITUTION_PERMISSION} |
لطفا منتظر باشید ...
