Why is java safe compared to other programming languages?
Java vendors and communities say that "Java is more secure than other languages." But I want to know what?
If we look at Java and Net, they look similar
. Net programming steps Click to know more
>Write Net program. > Compile the code into MSIL (compile the source code into Microsoft Intermediate Language (MSIL) and generate the required metadata). > Compile MSIL into local code (at execution time, the just in time (JIT) compiler converts MSIL into local code. During compilation, the code must check the verification process of MSIL and metadata to ensure that the code can be determined as safe) Run code (the common language runtime provides an executable infrastructure and services that can be used during execution)
Steps involved in Java programming Click to know more
>Write a java program > compile a java program (the java compiler converts the Java source code into a. Class file, which is a bytecode) > load the program into memory through the JVM (the JVM loads the. Class file into memory for bytecode verification and converts the. Clsss file in machine language) > execution of the Java program (no matter what actions we write in Java programs, the JVM executes them by interpreting bytecode. If we talk about old JVMs, they execute and interpret bytecode one at a time. Modern JVMs use JIT compilation units, and we even call instant compilation)
If we look at the steps of the two languages are almost the same, then "why is java more secure than other languages?"
Solution
Java has a secure language for many reasons. It is safer than some languages, but I think it is safer than others
Java has various security functions:
>Automatic reference checking, array boundary checking, conversion verification, etc. to prevent type errors in the program Compare it with C or C, where these same errors (with a few exceptions) lead to undefined behavior. > Verify bytecode before execution This prevents the program from jumping to undefined instructions, attempting to perform operations on non-existent objects, or making type errors at the instruction level Compare this with C or assembly, where can the program jump to bad instructions, or try to read non-existent parameters to function (think va_args, etc.) > runtime security check when loading new code Using securitymanager and classloader enables the Java runtime to easily execute arbitrary code on the computer by calling access to system resources and preventing programs from loading or generating arbitrary code at runtime Compare it with C or C, read and write arbitrary values, issue arbitrary system calls, generate and execute arbitrary code, etc. > Some functions of Library level security For example, string is immutable and final, so the function receiving string can verify the string without worrying about another thread changing its value
This is not a complete list of Java security features, but it should let you know design considerations that do not exist in some other languages in Java
I hope this can help!