系统域定义为具有所有权限,所以不需要检查是否“隐含”了所需要的权限(它总是隐含的)。
The system domain has all permissions by definition, so there is no need to check if the requested permission is so "implied" (it will always be).
如果一些应用程序需要对JNDI具有写访问权限,则您必须授予它们需要的权限。
If some applications need write access to JNDI, you'll have to grant them the needed permissions.
这些门可以确保您的模块对它所需要的数据具有访问权限,而对它不需要的数据则没有访问权限。
The gates are to ensure that your module has access to the data it requires, and does not have access to data it does not require.
应用推荐