Sponsored Link •
The class verifier contributes to the JVM's security model by ensuring class files loaded from untrusted sources are safe for the JVM to use. Rather than crashing upon encountering an improperly formed class file, the JVM's class verifier rejects the malformed class file and throws an exception. The class verifier catches problems caused by buggy compilers, malicious crackers, or innocent binary incompatibility.
One of the more important aspects of Java's architecture is the bytecode verifier -- the mechanism that can verify the integrity of a sequence of bytecodes by performing a data-flow analysis on them. As mentioned above, all JVM implementations must verify the integrity of bytecodes in some way, but implementations are not required to use the data-flow analysis approach of the bytecode verifier. Nonetheless, enabling the verification of bytecodes up front by a data-flow analyzer was one of the primary design considerations of the JVM's instruction set. The bytecode verification approach is an attempt to achieve robustness (and security) while keeping to a minimum the trade-off in execution speed.
In next month's article, I'll complete the discussion of the JVM's security model by describing the security manager.
About the author
Bill Venners has been writing software professionally for 12 years. Based in Silicon Valley, he provides software consulting and training services under the name Artima Software Company. Over the years he has developed software for the consumer electronics, education, semiconductor, and life insurance industries. He has programmed in many languages on many platforms: assembly language on various microprocessors, C on Unix, C++ on Windows, Java on the Web. He is author of the book: Inside the Java Virtual Machine, published by McGraw-Hill. Reach Bill at firstname.lastname@example.org.
This article was first published under the name Security and the Class Verifier in JavaWorld, a division of Web Publishing, Inc., September 1997.