Java中的字符串并不是真正不可变的，您可以使用反射和或类加载来更改它们的值。你不应该依赖这个属性来保证安全。 有关示例请参见:Java中的魔术

不变性很好。参见有效的Java。如果每次传递String时都必须复制它，那么这将是大量容易出错的代码。您还会混淆哪些修改会影响哪些引用。同样地，Integer必须是不可变的才能像int一样，string必须是不可变的才能像原语一样。在c++中，按值传递字符串是这样做的，源代码中没有明确提到。

哇!我不敢相信这里的错误信息。不可变的字符串与安全性无关。如果某人已经可以访问正在运行的应用程序中的对象(如果你试图防止某人在你的应用程序中“入侵”字符串，就必须假设这一点)，那么他们肯定有很多其他可用的黑客机会。

String的不可变性解决了线程问题，这是一个相当新颖的想法。嗯…我有一个被两个不同线程改变的对象。我如何解决这个问题?同步对对象的访问?Naawww……让我们不要让任何人改变对象——这将解决我们所有混乱的并发问题!事实上，让我们让所有对象都是不可变的，然后我们就可以从Java语言中删除synchronized结构。

The real reason (pointed out by others above) is memory optimization. It is quite common in any application for the same string literal to be used repeatedly. It is so common, in fact, that decades ago, many compilers made the optimization of storing only a single instance of a String literal. The drawback of this optimization is that runtime code that modifies a String literal introduces a problem because it is modifying the instance for all other code that shares it. For example, it would be not good for a function somewhere in an application to change the String literal "dog" to "cat". A printf("dog") would result in "cat" being written to stdout. For that reason, there needed to be a way of guarding against code that attempts to change String literals (i. e., make them immutable). Some compilers (with support from the OS) would accomplish this by placing String literal into a special readonly memory segment that would cause a memory fault if a write attempt was made.

在Java中，这被称为实习。这里的Java编译器只是遵循了编译器几十年来所做的标准内存优化。为了解决这些String字面值在运行时被修改的相同问题，Java简单地使String类不可变(即，不提供允许您更改String内容的setter)。如果字符串字面量没有发生转换，字符串就不必是不可变的。

这主要是出于安全考虑。如果您不能相信您的字符串是防篡改的，那么保护系统就困难得多。

至少有两个原因。

第一-安全http://www.javafaq.nu/java-article1060.html

The main reason why String made immutable was security. Look at this example: We have a file open method with login check. We pass a String to this method to process authentication which is necessary before the call will be passed to OS. If String was mutable it was possible somehow to modify its content after the authentication check before OS gets request from program then it is possible to request any file. So if you have a right to open text file in user directory but then on the fly when somehow you manage to change the file name you can request to open "passwd" file or any other. Then a file can be modified and it will be possible to login directly to OS.

第二-内存效率http://hikrish.blogspot.com/2006/07/why-string-class-is-immutable.html

JVM internally maintains the "String Pool". To achive the memory efficiency, JVM will refer the String object from pool. It will not create the new String objects. So, whenever you create a new string literal, JVM will check in the pool whether it already exists or not. If already present in the pool, just give the reference to the same object or create the new object in the pool. There will be many references point to the same String objects, if someone changes the value, it will affect all the references. So, sun decided to make it immutable.

这是一种权衡。字符串进入String池，当您创建多个相同的字符串时，它们共享相同的内存。设计人员认为这种节省内存的技术在一般情况下会很好地工作，因为程序倾向于反复处理相同的字符串。

缺点是连接产生了许多额外的字符串，这些字符串只是过渡性的，只是垃圾，实际上会损害内存性能。在这些情况下，可以使用StringBuffer和StringBuilder(在Java中，。net中也有StringBuilder)来保存内存。