Both description of java.netSocketPermission class and "Java Security Architecture" document
introduce notion of "localhost" which can be passed to SocketPermission constructor as name of affected host.
However it is not clear what this term means in case of host with several network interfaces - either several NICs, or one NIC with both IPv4 and IPv6 setup. Yet it may be virtual network interface (when PPP or VPN is used).
There are two options of interpretation:
1. All network interfaces on current host
2. Network interface returned by InetAddress.getLocalHost()
Let's note that java.net.DatagramSocket allows to bind socket to any local interface. At the same time SecurityManager.checkListen() method invoked to check permission to listen uses just parameter port of type int. It may implicitly mean that "localhost" means all network interfaces (at least for "listen" action).
However in other parts of API spec meaning of term "local host" is different. For instance, in specification of java.net.InetAddress.getLocalHost() method "local host" means single interface assuming that one of several present ones is selected.
So precise meaning of specifying permission for "localhost" is non-clear.
introduce notion of "localhost" which can be passed to SocketPermission constructor as name of affected host.
However it is not clear what this term means in case of host with several network interfaces - either several NICs, or one NIC with both IPv4 and IPv6 setup. Yet it may be virtual network interface (when PPP or VPN is used).
There are two options of interpretation:
1. All network interfaces on current host
2. Network interface returned by InetAddress.getLocalHost()
Let's note that java.net.DatagramSocket allows to bind socket to any local interface. At the same time SecurityManager.checkListen() method invoked to check permission to listen uses just parameter port of type int. It may implicitly mean that "localhost" means all network interfaces (at least for "listen" action).
However in other parts of API spec meaning of term "local host" is different. For instance, in specification of java.net.InetAddress.getLocalHost() method "local host" means single interface assuming that one of several present ones is selected.
So precise meaning of specifying permission for "localhost" is non-clear.
- relates to
-
JDK-6532906 specification for getLocalHost() is too brief
-
- Closed
-
-
JDK-6535353 No exceptions specified for SocketPermission constructor
-
- Closed
-