Module jdk.jfr
Package jdk.jfr

Class FlightRecorderPermission

All Implemented Interfaces:
Serializable, Guard

public final class FlightRecorderPermission extends BasicPermission
Permission for controlling access to Flight Recorder.

The following table provides a summary of what the permission allows, and the risks of granting code the permission.

Table shows permission target name, what the permission allows, and associated risks
Permission Target Name What the Permission Allows Risks of Allowing this Permission
accessFlightRecorder Ability to create a Flight Recorder instance, register callbacks to monitor the Flight Recorder life cycle, and control an existing instance of Flight Recorder, which can record and dump runtime information, such as stack traces, class names, and data in user defined events. A malicious user may be able to extract sensitive information that is stored in events and interrupt Flight Recorder by installing listeners or hooks that never finish.
registerEvent Ability to register events, write data to the Flight Recorder buffers, and execute code in a callback function for periodic events. A malicious user may be able to write sensitive information to Flight Recorder buffers.

Typically, programmers do not create FlightRecorderPermission objects directly. Instead the objects are created by the security policy code that is based on reading the security policy file.

Since:
9
See Also:
  • Constructor Details

    • FlightRecorderPermission

      public FlightRecorderPermission(String name)
      Constructs a FlightRecorderPermission with the specified name.
      Parameters:
      name - the permission name, must be either "accessFlightRecorder" or "registerEvent", not null
      Throws:
      IllegalArgumentException - if name is empty or not valid