Execution of JNI Code
One of the main objectives of object-oriented programming is the idea of code reuse. One should never have to write the same code twice.[12] When all the code is written in Java it is a trivial matter to incorporate these objects. However, if the existing code is written in another language there is an impasse. This is where the Java Native Interface comes into play. The JNI allows the programmer to run libraries or applications written in another language. This interface creates a seamless integration of the code into your application. Both the Java code and the native code can call each otherŐs methods, utilize the others objects, and the native code can even perform Java specific functions such as throwing exceptions. This integration is a tool designed to allow code reuse and to improve performance of the application through execution of assembly code, or using features of a language that are not available in Java.[22]
This feature of Java is a very powerful tool for a developer to use. However, the security measures built into Java are not always present in the native languages. The security precautions implemented in Java do not extend to the embedded native code. As a result the Security Manager will typically restrict the execution of native code. [16] If your program relies upon native code for successful completion then the user will have to allow the execution of the native code embedded in your program. To ensure that this code is not the source of any security holes it is essential that a properly focused security scanner is used on the native code. A number of such scanners for C and C++ can be found at [24].