49 * 50 * <table class="striped"> 51 * <caption style="display:none">Permission target name, what the permission allows, and associated risks</caption> 52 * <thead> 53 * <tr> 54 * <th scope="col">Permission Target Name</th> 55 * <th scope="col">What the Permission Allows</th> 56 * <th scope="col">Risks of Allowing this Permission</th> 57 * </tr> 58 * </thead> 59 * <tbody> 60 * <tr> 61 * <th scope="row">allowHttpTrace</th> 62 * <td>The ability to use the HTTP TRACE method in HttpURLConnection.</td> 63 * <td>Malicious code using HTTP TRACE could get access to security sensitive 64 * information in the HTTP headers (such as cookies) that it might not 65 * otherwise have access to.</td> 66 * </tr> 67 * 68 * <tr> 69 * <th scope="row">getCookieHandler</th> 70 * <td>The ability to get the cookie handler that processes highly 71 * security sensitive cookie information for an Http session.</td> 72 * <td>Malicious code can get a cookie handler to obtain access to 73 * highly security sensitive cookie information. Some web servers 74 * use cookies to save user private information such as access 75 * control information, or to track user browsing habit.</td> 76 * </tr> 77 * 78 * <tr> 79 * <th scope="row">getNetworkInformation</th> 80 * <td>The ability to retrieve all information about local network interfaces.</td> 81 * <td>Malicious code can read information about network hardware such as 82 * MAC addresses, which could be used to construct local IPv6 addresses.</td> 83 * </tr> 84 * 85 * <tr> 86 * <th scope="row">getProxySelector</th> 87 * <td>The ability to get the proxy selector used to make decisions 88 * on which proxies to use when making network connections.</td> | 49 * 50 * <table class="striped"> 51 * <caption style="display:none">Permission target name, what the permission allows, and associated risks</caption> 52 * <thead> 53 * <tr> 54 * <th scope="col">Permission Target Name</th> 55 * <th scope="col">What the Permission Allows</th> 56 * <th scope="col">Risks of Allowing this Permission</th> 57 * </tr> 58 * </thead> 59 * <tbody> 60 * <tr> 61 * <th scope="row">allowHttpTrace</th> 62 * <td>The ability to use the HTTP TRACE method in HttpURLConnection.</td> 63 * <td>Malicious code using HTTP TRACE could get access to security sensitive 64 * information in the HTTP headers (such as cookies) that it might not 65 * otherwise have access to.</td> 66 * </tr> 67 * 68 * <tr> 69 * <th scope="row">accessUnixDomainSocket</th> 70 * <td>The ability to accept, bind, connect or get the local address 71 * of a <i>Unix Domain</i> socket. 72 * </td> 73 * <td>Malicious code could connect to local processes using Unix domain sockets 74 * or impersonate local processes, by binding to the same pathnames (assuming they 75 * have the required Operating System permissions.</td> 76 * </tr> 77 * 78 * <tr> 79 * <th scope="row">getCookieHandler</th> 80 * <td>The ability to get the cookie handler that processes highly 81 * security sensitive cookie information for an Http session.</td> 82 * <td>Malicious code can get a cookie handler to obtain access to 83 * highly security sensitive cookie information. Some web servers 84 * use cookies to save user private information such as access 85 * control information, or to track user browsing habit.</td> 86 * </tr> 87 * 88 * <tr> 89 * <th scope="row">getNetworkInformation</th> 90 * <td>The ability to retrieve all information about local network interfaces.</td> 91 * <td>Malicious code can read information about network hardware such as 92 * MAC addresses, which could be used to construct local IPv6 addresses.</td> 93 * </tr> 94 * 95 * <tr> 96 * <th scope="row">getProxySelector</th> 97 * <td>The ability to get the proxy selector used to make decisions 98 * on which proxies to use when making network connections.</td> |