Java Reference
In-Depth Information
synchronization “The Java programming language provides multiple mechanisms for
communicating between threads. The most basic of these methods is synchronization ,
which is implemented using monitors. Each object in Java is associated with a monitor,
whichathreadcanlockorunlock.Onlyonethreadatatimemayholdalockonamonitor.
Any other threads attempting to lock that monitor are blocked until they can obtain a lock
on that monitor” [JLS 2013, §17.1, “Synchronization”].
thread-safe An object is thread-safe if it can be shared by multiple threads without the
possibilityofanydataraces.“Athread-safeobjectperformssynchronizationinternally,so
multiple threads can freely access it through its public interface without further synchron-
ization” [Goetz 2006]. Immutable classes are thread-safe by definition. Mutable classes
may also be thread-safe if they are properly synchronized.
trusted code Code that is loaded by the primordial class loader regardless of whether or
not it constitutes the Java API. In this text, this meaning is extended to include code that
is obtained from a known entity and given permissions that untrusted code lacks. By this
definition,untrustedandtrustedcodecancoexistinthenamespaceofasingleclassloader
(not necessarily the primordial class loader). In such cases, the security policy must make
this distinction clear by assigning appropriate privileges to trusted code while denying the
same from untrusted code.
untrusted code Code of unknown origin that can potentially cause some harm when ex-
ecuted. Untrusted code may not always be malicious, but it is usually hard to determine
automatically. Consequently, untrusted code should be run in a sandboxed environment.
volatile “A write to a volatile field happens-before every subsequent read of that field”
[JLS 2013, §17.4.5, “Happens-before Order”]. “Operations on the master copies of volat-
ile variables on behalf of a thread are performed by the main memory in exactly the order
that the thread requested” [JVMSpec 1999]. Accesses to a volatile variable are sequen-
tially consistent, which also means that the operations are exempt from compiler optim-
izations. Declaring a variable volatile ensures that all threads see the most up-to-date
value of the variable if any thread modifies it. Volatile guarantees atomic reads and writes
of primitive values, but it does not guarantee the atomicity of composite operations such
as variable incrementation (read-modify-write sequence).
vulnerability “A set of conditions that allows an attacker to violate an explicit or implicit
security policy” [Seacord 2013].
Search WWH ::




Custom Search