Alibaba Group Holding Limited
Method and apparatus for improving security of Java sandbox

Abstract:

A method and apparatus for improving security of a Java sandbox is provided. The method includes performing a permission check on a to-be-checked code, determining whether a method bypassing the permission check exists in a call stack of the code, and if a method bypassing the permission check exists, determining whether methods in the call stack have a signature. The method also includes determining that the to-be-checked code has a security problem if the methods have no signature.