49 *
50 * <table class="striped">
51 * <caption style="display:none">Permission target name, what the permission allows, and associated risks</caption>
52 * <thead>
53 * <tr>
54 * <th scope="col">Permission Target Name</th>
55 * <th scope="col">What the Permission Allows</th>
56 * <th scope="col">Risks of Allowing this Permission</th>
57 * </tr>
58 * </thead>
59 * <tbody>
60 * <tr>
61 * <th scope="row">allowHttpTrace</th>
62 * <td>The ability to use the HTTP TRACE method in HttpURLConnection.</td>
63 * <td>Malicious code using HTTP TRACE could get access to security sensitive
64 * information in the HTTP headers (such as cookies) that it might not
65 * otherwise have access to.</td>
66 * </tr>
67 *
68 * <tr>
69 * <th scope="row">getCookieHandler</th>
70 * <td>The ability to get the cookie handler that processes highly
71 * security sensitive cookie information for an Http session.</td>
72 * <td>Malicious code can get a cookie handler to obtain access to
73 * highly security sensitive cookie information. Some web servers
74 * use cookies to save user private information such as access
75 * control information, or to track user browsing habit.</td>
76 * </tr>
77 *
78 * <tr>
79 * <th scope="row">getNetworkInformation</th>
80 * <td>The ability to retrieve all information about local network interfaces.</td>
81 * <td>Malicious code can read information about network hardware such as
82 * MAC addresses, which could be used to construct local IPv6 addresses.</td>
83 * </tr>
84 *
85 * <tr>
86 * <th scope="row">getProxySelector</th>
87 * <td>The ability to get the proxy selector used to make decisions
88 * on which proxies to use when making network connections.</td>
|
49 *
50 * <table class="striped">
51 * <caption style="display:none">Permission target name, what the permission allows, and associated risks</caption>
52 * <thead>
53 * <tr>
54 * <th scope="col">Permission Target Name</th>
55 * <th scope="col">What the Permission Allows</th>
56 * <th scope="col">Risks of Allowing this Permission</th>
57 * </tr>
58 * </thead>
59 * <tbody>
60 * <tr>
61 * <th scope="row">allowHttpTrace</th>
62 * <td>The ability to use the HTTP TRACE method in HttpURLConnection.</td>
63 * <td>Malicious code using HTTP TRACE could get access to security sensitive
64 * information in the HTTP headers (such as cookies) that it might not
65 * otherwise have access to.</td>
66 * </tr>
67 *
68 * <tr>
69 * <th scope="row">accessUnixDomainSocket</th>
70 * <td>The ability to accept, bind, connect or get the local address
71 * of a <i>Unix Domain</i> socket.
72 * </td>
73 * <td>Malicious code could connect to local processes using Unix domain sockets
74 * or impersonate local processes, by binding to the same pathnames (assuming they
75 * have the required Operating System permissions.</td>
76 * </tr>
77 *
78 * <tr>
79 * <th scope="row">getCookieHandler</th>
80 * <td>The ability to get the cookie handler that processes highly
81 * security sensitive cookie information for an Http session.</td>
82 * <td>Malicious code can get a cookie handler to obtain access to
83 * highly security sensitive cookie information. Some web servers
84 * use cookies to save user private information such as access
85 * control information, or to track user browsing habit.</td>
86 * </tr>
87 *
88 * <tr>
89 * <th scope="row">getNetworkInformation</th>
90 * <td>The ability to retrieve all information about local network interfaces.</td>
91 * <td>Malicious code can read information about network hardware such as
92 * MAC addresses, which could be used to construct local IPv6 addresses.</td>
93 * </tr>
94 *
95 * <tr>
96 * <th scope="row">getProxySelector</th>
97 * <td>The ability to get the proxy selector used to make decisions
98 * on which proxies to use when making network connections.</td>
|