java.awt
public final class AWTPermission extends BasicPermission
The following table provides a list of all the possible AWTPermission
permission names with a description of what that permission allows.
| Permission Name | Permission Allows | Risks |
|---|---|---|
accessClipboard |
posting and reading the AWT clipboard | the clipboard may contain sensitive data |
accessEventQueue |
access to the AWT event queue | malicious code could remove real events and replace them with bogus ones, including simulating the user granting permission |
listenToAllAWTEvents |
listen to system-wide AWT events | malicious code can read passwords entered in an AWT event, and in combination with accessEventQueue, could fake system events |
showWindowWithoutWarningBanner |
display a window without a banner notification of insecurity | malicious code could install a Trojan horse applet that looks like a normal window, and thus steal data like passwords |
readDisplayPixels |
read back pixels from the display screen | malicious code could snoop on the user's actions |
createRobot |
create an instance of java.awt.Robot | these objects can generate events as though they were the user; so malicious code could control the system |
fullScreenExclusive |
enter full-screen exclusive mode | malicious code could masquerade as a trusted program |
Since: 1.2
UNKNOWN: updated to 1.4
| Constructor Summary | |
|---|---|
| AWTPermission(String name)
Construct a AWTPermission with the given name.
| |
| AWTPermission(String name, String actions)
Create a new permission with the specified name. | |
Parameters: name the permission name
Throws: NullPointerException if name is null IllegalArgumentException if name is invalid
Parameters: name the permission name actions ignored
Throws: NullPointerException if name is null IllegalArgumentException if name is invalid