[ Pobierz całość w formacie PDF ]
.It is still addressed atonly the first location, however.Execution EnvironmentThe execution environment provides information about the current state of the Java stack inreference to the current method.Information stored in the execution environment includes thefollowing:Previous method invokedPointer to the local variablesPointers to the top and bottom of the operand stackThe execution environment is the control center for an executing method and makes sure thatthe interpreter or recompiler can find the necessary information that pertains to the currentmethod.If the interpreter was asked to execute an iadd, for example, it would need to knowJava Security 723where to find the two numbers required to do the arithmetic.First, it would look to the frameregister to find the current execution environment.Next, it would look to the executionenvironment to find the pointer to the top of the operand stack where it would remove thetwo required numbers, add them, and then place them back onto the stack.Operand StackThe operand stack is a FIFO, or first in, first out, 32-bit- wide stack that holds the argumentsnecessary for the opcodes in the JVM instruction set.The operand stack is used both forgathering the operands necessary for completion and for the storage of the results.In Javaparlance,  the stack is generally a reference to this area in the Java stack.The Java stack is the primary area for storage of current status information for the execution ofthe Java bytecode.It is equivalent to the stack frame in standard programming languages.Itprovides method implementations of the local variables, the execution environment, and theoperand stack.In addition to the instruction set, registers, and Java stack, there are two remaining elements tothe JVM specifications: the garbage collected heap and memory areas.The Garbage Collected HeapThe garabage collected heap is the store of memory from which class instances are allocated.Itis the job of the interpreter to provide handles for the memory needed by a class for execution.After this memory has been allocated to a specific class instance, it is the job of the interpreterto keep track of this memory usage, and, when the object is finished with it, return it to theheap.The Java specification does not enable a programmer to control the memory allocation ordeallocation of objects, except in the new statement.The reason the designers chose toimplement Java in this manner is for portability and security reasons that were mentionedbefore.Because of this, the job of memory deallocation and garbage collection is the responsi-bility of the runtime environment.The implementor must decide how this garbage collectionis carried out.In Sun s Java and HotJava environments, the garbage collection is run as abackground thread.This provides the best possible performance environment, while stillfreeing the programmer from the dangers of explicit memory usage.The Memory AreaThe JVM has two other important memory areas:The method area.The region in memory where the bytecode for the Java methods isstored.The constant pool area.A memory area where the class name, method and fieldnames, and string constants are stored.724 Part IV: Modern ConcernsThere are no limitations as to where any of these memory areas must actually exist for twomain reasons.First, for a portable system, making demands on the memory layout createsdifficulties on porting to systems that could not handle the specific layout chosen.Second, ifthere is a specific memory layout, it is easier for someone attempting to break a system to do soby knowing where their code might be in relation to the rest of memory.Thus, memory layoutis not only left until runtime, but is specific to any implementation.Setting Up Java Security FeaturesAll of Java s security features so far have focused on the inherent security and stability of theJava environments themselves.These are essentially passive techniques that Java manages forthe user.Java also provides the means to set security levels such as firewalls and network accesson the client side.These techniques can be seen in the Appletviewer that accompanies the BetaJDK.Netscape has decided to implement a much more rigorous security level with its Javaimplementation, and limits all access that a Java applet can have.In the end, the only choiceis whether to run the applets at all.The Java environment is currently in its Beta stage ofdevelopment, but by the time you read this it may well be in its final release.Although it is notthe purpose of this chapter to show how to set up the entire JDK release, it is necessary toreview the options with several of the tools such as Appletviewer and Netscape 2.0, whichcould expose your system to an attack.Using the AppletviewerThe Appletviewer provides a Java runtime environment within which Java applets can betested.The Appletviewer takes HTML files that refer to the applets themselves and runs themin a window.Figure 12.3 shows an applet molecule viewer that takes XYZ format moleculedata and presents a three-dimensional model of the molecule.Figure 12.3The molecule viewerapplet [ Pobierz całość w formacie PDF ]