How can I add at runtime a new RuntimePermission to Java security policy?

Question

Hello. I want to add at runtime a new RuntimePermission to the set of already existing permissions (java.policy) file. Here is my code:

ProtectionDomain domain = MyClass.class.getProtectionDomain();
        final PermissionCollection domainPerms = domain.getPermissions();
        Enumeration<Permission> oldPerms = domainPerms.elements();
        PermissionCollection newPerms = new Permissions();

        //add the old permissions to
        while (oldPerms.hasMoreElements()) {
            newPerms.add(oldPerms.nextElement());
        }
        //add my new permission
        RuntimePermission rtPermission = new RuntimePermission("accessDeclaredMembers");
        newPerms.add(rtPermission);

..

But how do I use the newPerms object ?

Also I've tried to add the new permission to the oldPerms but since oldPerms is read only, I get a nice SecurityException.

Thank you!

Answer 1

The Permissions types have a very strange API, although it shouldn't be too surprising that you can't modify an object that has been set read-only. ProtectionDomains are supposed to be immutable.

However, since about 1.4ish you can have "dynamic" ProtectionDomains that defer to the current Policy. However, trying to change permissions on the fly is not something I would advise, as it doesn't make a great deal of sense. better to create APIs with a capability approach - the SecurityManager is just there paper over the cracks in bad APIs.