A Java technology runtime environment runs code compiled for a JVM and performs three main tasks: Loads code – Performed by the class loader Verifies code – Performed by the bytecode verifier Executes code – Performed by the runtime interpreter

loads code 那个过程不是很明白，

Class Loader The class loader loads all classes needed for the execution of a program. The class loader adds security by separating the namespaces for the classes of the local file system from those imported from network sources. This limits any Trojan horse applications because local classes are always loaded first. 3 Classes that are imported from across the network are loaded into a private namespace associated with the origin. When a class from the private namespace accesses another class, the built-in (local system) classes are checked first, then those in the namespace of the referencing class. This prevents a class from spoofing (creating a hoax of) a built-in class. Once all of the classes have been loaded, the memory layout of the executable file is determined. At this point specific memory addresses are assigned to symbolic references and the lookup table is created. Because memory layout occurs at runtime, the Java technology interpreter adds protection against unauthorized access into the restricted areas of code.

英文不是很好，这里看的不大明白，谁能够给解释一下啊！特别是如何限制木马那里。

[此贴子已经被作者于2004-08-19 22:57:35编辑过]

帮你翻译全文如下：

Java技术的运行环境运行为JVM编译的代码并执行下面三项主要任务： 装载代码 验证代码 执行代码

类装载器装载程序运行需要的所有的类。类装载器通过命名空间（包）把本地类和从网络导入的类分开装载来增加安全性，这样可以限制木马程序，因为本地类总是先装载。从网络导入的类被装载到和原来的命名空间相关的私有命名空间里，当私有命名空间里的类要访问其他的类时，内建（本地）类先被检查，接着才是那些在命名空间里的引用类，这防止了一个类通过本地类来进行欺骗（欺骗系统的信任，达到破坏目的）

当所有的类都被装在完毕后，可执行文件的内存分配被确定了。在这时专门的内存地址被分配到引用符号，同时查找表创建了，因为内存分配是在运行时进行的，Java解释器增加了保护来防止对于代码限制区域的未授权访问

谢谢～～～～