Introduction to WebVM

最新推荐文章于 2024-08-23 10:37:46 发布

jznsmail

最新推荐文章于 2024-08-23 10:37:46 发布

阅读量1.8k

点赞数

分类专栏： Browser&amp;WebOS 文章标签： security browser java application internet website

本文链接：https://blog.csdn.net/jznsmail/article/details/4332569

版权

Browser&WebOS 专栏收录该内容

6 篇文章 0 订阅

订阅专栏

This article firstly post to my QQ Zone. You can visit http://user.qzone.qq.com/457283 to get more blog.

E-mail: linuxemacs <at> gmail dot com

What is WebVM

WebVM is a cross platform browser plugin(similar to Google Gear) that provides device API with security framework aimed at enabling new services on mobile devices. WebVM device APIs can be implemented by Java or native C/C++ modules.

How does WebVM work

WebVM is a portable browser plugin, deployed as an extra component to the browser. WebVM must be embedded at manufacture to provide a functional Web experience to rival that of native applications. WebVM abstract away differences between NAPI(WebKit) & ActiveX(Internet Explorer) browser interfaces.
WebVM is able to securely provide devices implemented in either Java or native C/C++ modules as a Javascript scriptable object for Web developers. WebVM incorporates a security framework supporting policies base on open standards.

The below diagram is the framework of WebVM. The WebVM is a proxy layer between Browser and Native.

WebVM Configuration

home:

Home directory/namespace of WebVM
store.temp:

Temporary directory/storage
store.persistent:

Persistent storage
store.security:

Security policy storage
java.vm:

The Java VM provider
java.vm.nOptions:

The number of additional VM options
java.vm.option.x:

Additional VM options. The x is the number of arguments.
java.classfile.version:

Java class file major.minor version
java.class.path:

The default java classpath to execute WebVM modules

WebVM Security Policy File

<policy-set combine="my-marching-target">
        
        <policy combine="my-application" description="Trust Application">
                
                <target>
                        <subject>
                                <subject-match attr="uri.host" match="*.xxx.com"/>
                        </subject>
                </target>
                
                <rule effect="deny">
                        <condition>
                                <resource-match attr="device-cap" match="test.deny"/>
                       </condition>
                </rule>
        </policy>
</policy-set>

Hacking in WebVM Framework

Because the EULA License don't allow user to reverse, decompile and disassemble the binary file. So i ignore this section.

Reference resource

If you are interest in WebVM, you can get more information from WebVM website(http://webvm.net).

~~~ END ~~~