Java Reference
In-Depth Information
that context to establish the permissions that the privileged code should
run with.
You should use
doPrivileged
with extreme care and ensure that your
privileged sections of code are no longer than necessary and that they
perform only actions you fully control. For example, it would be an ex-
treme security risk for a method with, say, all I/O permissions, to accept
a
Runnable
argument and invoke its
run
method within a privileged sec-
tion of code, unless you wouldn't mind if that method removed all the
files on your disk.
Power corrupts. Absolute power is kind of neat.
John Lehman, U.S. Secretary of the Navy, 19811987