Reputation: 91175
Does Java have a built-in Antivirus? Is it true?
Does Java have a built-in Antivirus?
One of my friends told me there is in the JVM itself - it's called the "sandbox". Is it true?
Upvotes: 15
Views: 2888
Answers (9)
Reputation: 346377
Java does have a security-related concept called "sandbox", but it works very differently from typical anti-virus products. The latter usually try to catch viruses via signatures or code analysis before they are executed.
The Java sandbox on the other hand allows you to run Java code while witholding from it access to system resources that could be used to to bad things, e.g. no access to any files.
However, only Java applets and Java Web Start applications run in a sandbox per default. Regular java applications have full access to your system.
Upvotes: 41
Reputation: 147164
The closest thing in the JRE to literal "anti-virus" is the blacklisting feature for signed jars. If a signed jar is found to cause a security issue, it can be blocked. This has been designed for accidental security flaws rather than blocking deliberately malicious code. Also it is possible to revoke a certificate using a CRL (Certificate Revocation List) or OCSP (Online Certificate Status Protocol) if enabled. Conventional anti-virus is left to specialist anti-virus products, rather than trying to produce a half-baked alternative.
(Today's anti-virus products do more than just check for known viruses.)
Upvotes: 2
Reputation: 91806
No they do not have a built-in antivirus. Did he tell you this on April 1st?
To clear your doubt, sandbox is not an antivirus.
Upvotes: 14
Reputation: 10003
java uses a class called SecurityManager to determine what a program can or cannot do, so in some sense it implements anti-exploit code, but not specifically anti-virus.
http://java.sun.com/j2se/1.4.2/docs/api/java/lang/SecurityManager.html
anti-virus in the usual sense of the word detects viruses in files and removes them. this is not built in to java.
Upvotes: 4
Reputation: 14556
Java has a security model built-in that allows it to execute untrusted code. This model is called "the sandbox model".
It is not a virus-scanner. Instead, it limits the possibilities of untrusted code so that applets on a webpage do not have access to files on your computer's hard drive.
You can read more about Java's Security Architecture.
Upvotes: 7
Reputation: 6776
I heard garbage collection also acts as a handy anti-bacterial, making your applications 99.99% free from germs.
Wash after every use.
Upvotes: 2
Reputation: 24512
No. What it does is running the program in an environment that is (somewhat) separated from the operating system, which should, in most cases, prevent malicious code from doing any damage. Sort of like running VMware - virii and other malware have no influence on the host OS.
Upvotes: 3
Reputation: 134207
Doubtful. Perhaps he was referring to the fact that the JVM (somewhat) sandboxes execution of a Java program, to help prevent it from damaging the host OS.
Upvotes: 19
Related Questions
- Detecting Virus Scanners
- Java Being Blocked By Antivirus Software (Specifically AVG)
- Sandbox against malicious code in a Java application
- Prevent malicious code in sandbox Java
- Scanning for Virus Signatures Using Java
- Anti-Virus Detection on a legitimate program
- Is java that secure?
- Java - Is it possible to programmatically determine if the Windows antivirus solution is up to date?
- Java Antivirus... is it possible? How?
- Antivirus (Symantec Endpoint) configuration for developer machine