Skip to content

R
riscv-gcc-1
Commit c2bea6b0 by Mark Wielaard Committed by Mark Wielaard
Options

SecurityManager.java: Remerge comments, indenting and checkXXX methods with Classpath. 

       * java/lang/SecurityManager.java: Remerge comments, indenting and
       checkXXX methods with Classpath.

From-SVN: r59685
parent 5bb7e2ac
Showing with 956 additions and 688 deletions
libjava/ChangeLog
2002-12-01 Mark Wielaard <mark@klomp.org>
* java/lang/SecurityManager.java: Remerge comments, indenting and
checkXXX methods with Classpath.
2002-11-29 Scott Gilbertson <scottg@mantatest.com> 2002-11-29 Scott Gilbertson <scottg@mantatest.com>
* java/awt/image/ColorModel.java (getUnnormalizedComponents, * java/awt/image/ColorModel.java (getUnnormalizedComponents,
......
libjava/java/lang/SecurityManager.java
/* java.lang.SecurityManager /* SecurityManager.java -- security checks for privileged actions
Copyright (C) 1998, 1999, 2001 Free Software Foundation, Inc. Copyright (C) 1998, 1999, 2001, 2002 Free Software Foundation, Inc.
This file is part of GNU Classpath. This file is part of GNU Classpath.
...@@ -7,7 +7,7 @@ GNU Classpath is free software; you can redistribute it and/or modify ...@@ -7,7 +7,7 @@ GNU Classpath is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2, or (at your option) the Free Software Foundation; either version 2, or (at your option)
any later version. any later version.
GNU Classpath is distributed in the hope that it will be useful, but GNU Classpath is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
...@@ -38,736 +38,999 @@ exception statement from your version. */ ...@@ -38,736 +38,999 @@ exception statement from your version. */
package java.lang; package java.lang;
import java.net.*; import java.awt.AWTPermission;
import java.util.*; import java.io.File;
import java.io.*; import java.io.FileDescriptor;
import java.io.FilePermission;
import java.lang.reflect.Member;
import java.net.InetAddress;
import java.net.SocketPermission;
import java.security.AllPermission;
import java.security.Permission;
import java.security.Security;
import java.security.SecurityPermission;
import java.util.PropertyPermission;
/** /**
** SecurityManager is a class you can extend to create * SecurityManager is a class you can extend to create your own Java
** your own Java security policy. By default, there is * security policy. By default, there is no SecurityManager installed in
** no SecurityManager installed in 1.1, which means that * 1.1, which means that all things are permitted to all people. The security
** all things are permitted to all people.<P> * manager, if set, is consulted before doing anything with potentially
** * dangerous results, and throws a <code>SecurityException</code> if the
** The default methods in this class deny all * action is forbidden.
** things to all people. *
** * <p>A typical check is as follows, just before the dangerous operation:<br>
** @author John Keiser * <pre>
** @version 1.1.0, 31 May 1998 * SecurityManager sm = System.getSecurityManager();
** @since JDK1.0 * if (sm != null)
**/ * sm.checkABC(<em>argument</em>, ...);
public class SecurityManager { * </pre>
/** Tells whether or not the SecurityManager is currently * Note that this is thread-safe, by caching the security manager in a local
** performing a security check. * variable rather than risking a NullPointerException if the mangager is
**/ * changed between the check for null and before the permission check.
protected boolean inCheck; *
* <p>The special method <code>checkPermission</code> is a catchall, and
/** Tells whether or not the SecurityManager is currently * the default implementation calls
** performing a security check. * <code>AccessController.checkPermission</code>. In fact, all the other
** * methods default to calling checkPermission.
** @return whether or not the SecurityManager is *
** currently performing a security check. * <p>Sometimes, the security check needs to happen from a different context,
**/ * such as when called from a worker thread. In such cases, use
public boolean getInCheck() { * <code>getSecurityContext</code> to take a snapshot that can be passed
return inCheck; * to the worker thread:<br>
} * <pre>
* Object context = null;
* SecurityManager sm = System.getSecurityManager();
* if (sm != null)
* context = sm.getSecurityContext(); // defaults to an AccessControlContext
* // now, in worker thread
* if (sm != null)
* sm.checkPermission(permission, context);
* <pre>
*
* <p>Permissions fall into these categories: File, Socket, Net, Security,
* Runtime, Property, AWT, Reflect, and Serializable. Each of these
* permissions have a property naming convention, that follows a hierarchical
* naming convention, to make it easy to grant or deny several permissions
* at once. Some permissions also take a list of permitted actions, such
* as "read" or "write", to fine-tune control even more. The permission
* <code>java.security.AllPermission</code> grants all permissions.
*
* <p>The default methods in this class deny all things to all people. You
* must explicitly grant permission for anything you want to be legal when
* subclassing this class.
*
* @author John Keiser
* @author Eric Blake <ebb9@email.byu.edu>
* @see ClassLoader
* @see SecurityException
* @see #checkTopLevelWindow(Object)
* @see System#getSecurityManager()
* @see System#setSecurityManager(SecurityManager)
* @see AccessController
* @see AccessControlContext
* @see AccessControlException
* @see Permission
* @see BasicPermission
* @see java.io.FilePermission
* @see java.net.SocketPermission
* @see java.util.PropertyPermission
* @see RuntimePermission
* @see java.awt.AWTPermission
* @see Policy
* @see SecurityPermission
* @see ProtectionDomain
* @since 1.0
* @status still missing 1.4 functionality
*/
public class SecurityManager
{
/**
* Tells whether or not the SecurityManager is currently performing a
* security check.
* @deprecated Use {@link #checkPermission(Permission)} instead.
*/
protected boolean inCheck;
/** Get a list of all the classes currently executing /**
** methods on the Java stack. getClassContext()[0] is * Construct a new security manager. There may be a security check, of
** the currently executing method * <code>RuntimePermission("createSecurityManager")</code>.
** <STRONG>Spec Note:</STRONG> does not say whether *
** the stack will include the getClassContext() call or * @throws SecurityException if permission is denied
** the one just before it. */
** public SecurityManager()
** @return an array containing all the methods on classes {
** on the Java execution stack. SecurityManager sm = System.getSecurityManager();
**/ if (sm != null)
protected Class[] getClassContext() { sm.checkPermission(new RuntimePermission("createSecurityManager"));
return VMSecurityManager.getClassContext(); }
}
/** Find the ClassLoader for the most recent class on the /**
** stack that was loaded by an explicit ClassLoader. If * Tells whether or not the SecurityManager is currently performing a
** everything on the stack was loaded by the system * security check.
** classloader, null is returned. *
** * @return true if the SecurityManager is in a security check
** @return the most recent ClassLoader on the execution * @see #inCheck
** stack. * @deprecated use {@link #checkPermission(Permission)} instead
**/ */
protected ClassLoader currentClassLoader() { public boolean getInCheck()
return VMSecurityManager.currentClassLoader(); {
} return inCheck;
}
/** Find the most recent class on the stack that was /**
** loaded by an explicit ClassLoader. If everything on * Get a list of all the classes currently executing methods on the Java
** the stack was loaded by the system classloader, null * stack. getClassContext()[0] is the currently executing method (ie. the
** is returned. * class that CALLED getClassContext, not SecurityManager).
** *
** @return the most recent loaded Class on the execution * @return an array of classes on the Java execution stack
** stack. */
**/ protected Class[] getClassContext()
protected Class currentLoadedClass() { {
Class[] c = getClassContext(); return VMSecurityManager.getClassContext();
for(int i=0;i<c.length;i++) { }
if(c[i].getClassLoader() != null) {
return c[i];
}
}
return null;
}
/** Get the depth on the execution stack of the most /**
** recent class that was loaded by an explicit * Find the ClassLoader of the first non-system class on the execution
** ClassLoader. This can be used as an index into * stack. A non-system class is one whose ClassLoader is not equal to
** getClassContext(). * {@link ClassLoader#getSystemClassLoader()} or its ancestors. This
** * will return null in three cases:<br><nl>
** @return the index of the most recent loaded Class on * <li>All methods on the stack are from system classes</li>
** the execution stack. * <li>All methods on the stack up to the first "privileged" caller, as
**/ * created by {@link AccessController.doPrivileged(PrivilegedAction)},
protected int classLoaderDepth() { * are from system classes</li>
Class[] c = getClassContext(); * <li>A check of <code>java.security.AllPermission</code> succeeds.</li>
for(int i=0;i<c.length;i++) { * </nl>
if(c[i].getClassLoader() != null) { *
return i; * @return the most recent non-system ClassLoader on the execution stack
} * @deprecated use {@link #checkPermission(Permission)} instead
} */
return -1; protected ClassLoader currentClassLoader()
} {
return VMSecurityManager.currentClassLoader();
}
/** Tell whether there is a class loaded with an explicit /**
** ClassLoader on the stack. * Find the first non-system class on the execution stack. A non-system
** * class is one whose ClassLoader is not equal to
** @return whether there is a class loaded with an * {@link ClassLoader#getSystemClassLoader()} or its ancestors. This
** explicit ClassLoader on the stack. * will return null in three cases:<br><nl>
**/ * <li>All methods on the stack are from system classes</li>
protected boolean inClassLoader() { * <li>All methods on the stack up to the first "privileged" caller, as
return classLoaderDepth() != -1; * created by {@link AccessController.doPrivileged(PrivilegedAction)},
} * are from system classes</li>
* <li>A check of <code>java.security.AllPermission</code> succeeds.</li>
* </nl>
*
* @return the most recent non-system Class on the execution stack
* @deprecated use {@link #checkPermission(Permission)} instead
*/
protected Class currentLoadedClass()
{
Class[] c = getClassContext();
for (int i = 0; i < c.length; i++)
if (c[i].getClassLoader() != null)
return c[i];
return null;
}
/**
* Get the depth of a particular class on the execution stack.
*
* @param className the fully-qualified name to search for
* @return the index of the class on the stack, or -1
* @deprecated use {@link #checkPermission(Permission)} instead
*/
protected int classDepth(String className)
{
Class[] c = getClassContext();
for (int i = 0; i < c.length; i++)
if (className.equals(c[i].getName()))
return i;
return -1;
}
/** Get the depth of a particular class on the execution /**
** stack. * Get the depth on the execution stack of the most recent non-system class.
** * A non-system class is one whose ClassLoader is not equal to
** @param className the fully-qualified name of the class * {@link ClassLoader#getSystemClassLoader()} or its ancestors. This
** to search for on the stack. * will return -1 in three cases:<br><nl>
** @return the index of the class on the stack, or -1 if * <li>All methods on the stack are from system classes</li>
** the class is not on the stack. * <li>All methods on the stack up to the first "privileged" caller, as
**/ * created by {@link AccessController.doPrivileged(PrivilegedAction)},
protected int classDepth(String className) { * are from system classes</li>
Class[] c = getClassContext(); * <li>A check of <code>java.security.AllPermission</code> succeeds.</li>
for(int i=0;i<c.length;i++) { * </nl>
if(className.equals(c[i].getName())) { *
return i; * @return the index of the most recent non-system Class on the stack
} * @deprecated use {@link #checkPermission(Permission)} instead
} */
return -1; protected int classLoaderDepth()
} {
Class[] c = getClassContext();
for (int i = 0; i < c.length; i++)
if (c[i].getClassLoader() != null)
return i;
return -1;
}
/** Tell whether the specified class is on the execution /**
** stack. * Tell whether the specified class is on the execution stack.
** *
** @param className the fully-qualified name of the class * @param className the fully-qualified name of the class to find
** to search for on the stack. * @return whether the specified class is on the execution stack
** @return whether the specified class is on the * @deprecated use {@link #checkPermission(Permission)} instead
** execution stack. */
**/ protected boolean inClass(String className)
protected boolean inClass(String className) { {
return classDepth(className) != -1; return classDepth(className) != -1;
} }
/** Get an implementation-dependent Object that contains /**
** enough information about the current environment to be * Tell whether there is a class loaded with an explicit ClassLoader on
** able to perform standard security checks later. This * the stack.
** is used by trusted methods that need to verify that *
** their callers have sufficient access to perform * @return whether a class with an explicit ClassLoader is on the stack
** certain operations.<P> * @deprecated use {@link #checkPermission(Permission)} instead
** */
** Currently the only methods that use this are checkRead() protected boolean inClassLoader()
** and checkConnect(). {
** return classLoaderDepth() != -1;
** @see checkConnect(java.lang.String,int,java.lang.Object) }
** @see checkRead(java.lang.String,java.lang.Object)
**/
public Object getSecurityContext() {
return new SecurityContext(getClassContext());
}
/** Check if the current thread is allowed to create a /**
** ClassLoader.<P> * Get an implementation-dependent Object that contains enough information
** * about the current environment to be able to perform standard security
** This method is called from ClassLoader.ClassLoader(), * checks later. This is used by trusted methods that need to verify that
** in other words, whenever a ClassLoader is created.<P> * their callers have sufficient access to perform certain operations.
** *
** SecurityManager's implementation always denies access. * <p>Currently the only methods that use this are checkRead() and
** * checkConnect(). The default implementation returns an
** @exception SecurityException if the operation is not * <code>AccessControlContext</code>.
** permitted. *
** @see java.lang.ClassLoader#ClassLoader() * @return a security context
**/ * @see #checkConnect(String, int, Object)
public void checkCreateClassLoader() { * @see #checkRead(String, Object)
throw new SecurityException("Cannot create new ClassLoaders."); * @see AccessControlContext
} * @see AccessController#getContext()
*/
public Object getSecurityContext()
{
// XXX Should be: return AccessController.getContext();
return new SecurityContext(getClassContext());
}
/** Check if the current thread is allowed to modify this /**
** other Thread.<P> * Check if the current thread is allowed to perform an operation that
** * requires the specified <code>Permission</code>. This defaults to
** Called by Thread.stop(), suspend(), resume(), and * <code>AccessController.checkPermission</code>.
** interrupt(), destroy(), setPriority(), setName() and *
** setDaemon().<P> * @param perm the <code>Permission</code> required
** * @throws SecurityException if permission is denied
** SecurityManager's implementation always denies access. * @throws NullPointerException if perm is null
** * @since 1.2
** @param g the Thread to check against */
** @exception SecurityException if the operation is not public void checkPermission(Permission perm)
** permitted. {
** @see java.lang.Thread#stop() // XXX Should be: AccessController.checkPermission(perm);
** @see java.lang.Thread#suspend() throw new SecurityException("Operation not allowed");
** @see java.lang.Thread#resume() }
** @see java.lang.Thread#interrupt()
** @see java.lang.Thread#destroy()
** @see java.lang.Thread#setPriority(int)
** @see java.lang.Thread#setName(java.lang.String)
** @see java.lang.Thread#setDaemon(boolean)
**/
public void checkAccess(Thread t) {
throw new SecurityException("Cannot modify Threads.");
}
/** Check if the current thread is allowed to modify this /**
** ThreadGroup.<P> * Check if the current thread is allowed to perform an operation that
** * requires the specified <code>Permission</code>. This is done in a
** Called by Thread.Thread() (to add a thread to the * context previously returned by <code>getSecurityContext()</code>. The
** ThreadGroup), ThreadGroup.ThreadGroup() (to add this * default implementation expects context to be an AccessControlContext,
** ThreadGroup to a parent), ThreadGroup.stop(), * and it calls <code>AccessControlContext.checkPermission(perm)</code>.
** suspend(), resume(), interrupt(), destroy(), *
** setDaemon(), and setMaxPriority().<P> * @param perm the <code>Permission</code> required
** * @param context a security context
** SecurityManager's implementation always denies access. * @throws SecurityException if permission is denied, or if context is
** * not an AccessControlContext
** @param g the ThreadGroup to check against * @throws NullPointerException if perm is null
** @exception SecurityException if the operation is not * @see #getSecurityContext()
** permitted. * @see AccessControlContext#checkPermission(Permission)
** @see java.lang.Thread#Thread() * @since 1.2
** @see java.lang.ThreadGroup#ThreadGroup() */
** @see java.lang.ThreadGroup#stop() public void checkPermission(Permission perm, Object context)
** @see java.lang.ThreadGroup#suspend() {
** @see java.lang.ThreadGroup#resume() // XXX Should be:
** @see java.lang.ThreadGroup#interrupt() // if (! (context instanceof AccessControlContext))
** @see java.lang.ThreadGroup#setDaemon(boolean) // throw new SecurityException("Missing context");
** @see java.lang.ThreadGroup#setMaxPriority(int) // ((AccessControlContext) context).checkPermission(perm);
**/ throw new SecurityException("Operation not allowed");
public void checkAccess(ThreadGroup g) { }
throw new SecurityException("Cannot modify ThreadGroups.");
}
/** Check if the current thread is allowed to exit the /**
** JVM with the given status.<P> * Check if the current thread is allowed to create a ClassLoader. This
** * method is called from ClassLoader.ClassLoader(), and checks
** This method is called from Runtime.exit().<P> * <code>RuntimePermission("createClassLoader")</code>. If you override
** * this, you should call <code>super.checkCreateClassLoader()</code> rather
** SecurityManager's implementation always denies access. * than throwing an exception.
** *
** @param status the status to exit with * @throws SecurityException if permission is denied
** @exception SecurityException if the operation is not * @see ClassLoader#ClassLoader()
** permitted. */
** @see java.lang.Runtime#exit() public void checkCreateClassLoader()
** @see java.lang.Runtime#exit(int) {
**/ checkPermission(new RuntimePermission("createClassLoader"));
public void checkExit(int status) { }
throw new SecurityException("Cannot exit JVM.");
}
/** Check if the current thread is allowed to execute the /**
** given program.<P> * Check if the current thread is allowed to modify another Thread. This is
** * called by Thread.stop(), suspend(), resume(), interrupt(), destroy(),
** This method is called from Runtime.exec().<P> * setPriority(), setName(), and setDaemon(). The default implementation
** * checks <code>RuntimePermission("modifyThread") on system threads (ie.
** SecurityManager's implementation always denies access. * threads in ThreadGroup with a null parent), and returns silently on
** * other threads.
** @param program the name of the program to exec *
** @exception SecurityException if the operation is not * <p>If you override this, you must do two things. First, call
** permitted. * <code>super.checkAccess(t)</code>, to make sure you are not relaxing
** @see java.lang.Runtime#exec(java.lang.String[],java.lang.String[]) * requirements. Second, if the calling thread has
**/ * <code>RuntimePermission("modifyThread")</code>, return silently, so that
public void checkExec(String program) { * core classes (the Classpath library!) can modify any thread.
throw new SecurityException("Cannot execute programs."); *
} * @param t the other Thread to check
* @throws SecurityException if permission is denied
* @throws NullPointerException if t is null
* @see Thread#stop()
* @see Thread#suspend()
* @see Thread#resume()
* @see Thread#setPriority(int)
* @see Thread#setName(String)
* @see Thread#setDaemon(boolean)
*/
public void checkAccess(Thread t)
{
if (t.group != null && t.group.getParent() != null)
checkPermission(new RuntimePermission("modifyThread"));
}
/** Check if the current thread is allowed to link in the /**
** given native library.<P> * Check if the current thread is allowed to modify a ThreadGroup. This is
** * called by Thread.Thread() (to add a thread to the ThreadGroup),
** This method is called from Runtime.load() (and hence, * ThreadGroup.ThreadGroup() (to add this ThreadGroup to a parent),
** by loadLibrary() as well).<P> * ThreadGroup.stop(), suspend(), resume(), interrupt(), destroy(),
** * setDaemon(), and setMaxPriority(). The default implementation
** SecurityManager's implementation always denies access. * checks <code>RuntimePermission("modifyThread") on the system group (ie.
** * the one with a null parent), and returns silently on other groups.
** @param filename the full name of the library to load *
** @exception SecurityException if the operation is not * <p>If you override this, you must do two things. First, call
** permitted. * <code>super.checkAccess(t)</code>, to make sure you are not relaxing
** @see java.lang.Runtime#load(java.lang.String) * requirements. Second, if the calling thread has
**/ * <code>RuntimePermission("modifyThreadGroup")</code>, return silently,
public void checkLink(String filename) { * so that core classes (the Classpath library!) can modify any thread.
throw new SecurityException("Cannot link native libraries."); *
} * @param g the ThreadGroup to check
* @throws SecurityException if permission is denied
* @throws NullPointerException if g is null
* @see Thread#Thread()
* @see ThreadGroup#ThreadGroup()
* @see ThreadGroup#stop()
* @see ThreadGroup#suspend()
* @see ThreadGroup#resume()
* @see ThreadGroup#interrupt()
* @see ThreadGroup#setDaemon(boolean)
* @see ThreadGroup#setMaxPriority(int)
*/
public void checkAccess(ThreadGroup g)
{
if (g.getParent() != null)
checkPermission(new RuntimePermission("modifyThreadGroup"));
}
/** Check if the current thread is allowed to read the /**
** given file using the FileDescriptor.<P> * Check if the current thread is allowed to exit the JVM with the given
** * status. This method is called from Runtime.exit() and Runtime.halt().
** This method is called from * The default implementation checks
** FileInputStream.FileInputStream().<P> * <code>RuntimePermission("exitVM")</code>. If you override this, call
** * <code>super.checkExit</code> rather than throwing an exception.
** SecurityManager's implementation always denies access. *
** * @param status the status to exit with
** @param desc the FileDescriptor representing the file * @throws SecurityException if permission is denied
** to access * @see Runtime#exit(int)
** @exception SecurityException if the operation is not * @see Runtime#halt(int)
** permitted. */
** @see java.io.FileInputStream#FileInputStream(java.io.FileDescriptor) public void checkExit(int status)
**/ {
public void checkRead(FileDescriptor desc) { checkPermission(new RuntimePermission("exitVM"));
throw new SecurityException("Cannot read files via file descriptors."); }
}
/** Check if the current thread is allowed to read the /**
** given file.<P> * Check if the current thread is allowed to execute the given program. This
** * method is called from Runtime.exec(). If the name is an absolute path,
** This method is called from * the default implementation checks
** FileInputStream.FileInputStream(), * <code>FilePermission(program, "execute")</code>, otherwise it checks
** RandomAccessFile.RandomAccessFile(), File.exists(), * <code>FilePermission("&lt;&lt;ALL FILES&gt;&gt;", "execute")</code>. If
** canRead(), isFile(), isDirectory(), lastModified(), * you override this, call <code>super.checkExec</code> rather than
** length() and list().<P> * throwing an exception.
** *
** SecurityManager's implementation always denies access. * @param program the name of the program to exec
** * @throws SecurityException if permission is denied
** @param filename the full name of the file to access * @throws NullPointerException if program is null
** @exception SecurityException if the operation is not * @see Runtime#exec(String[], String[], File)
** permitted. */
** @see java.io.File public void checkExec(String program)
** @see java.io.FileInputStream#FileInputStream(java.lang.String) {
** @see java.io.RandomAccessFile#RandomAccessFile(java.lang.String) if (! program.equals(new File(program).getAbsolutePath()))
**/ program = "<<ALL FILES>>";
public void checkRead(String filename) { checkPermission(new FilePermission(program, "execute"));
throw new SecurityException("Cannot read files via file names."); }
}
/** Check if the current thread is allowed to read the /**
** given file. using the given SecurityContext.<P> * Check if the current thread is allowed to link in the given native
** * library. This method is called from Runtime.load() (and hence, by
** I know of no core class that calls this method.<P> * loadLibrary() as well). The default implementation checks
** * <code>RuntimePermission("loadLibrary." + filename)</code>. If you
** SecurityManager's implementation always denies access. * override this, call <code>super.checkLink</code> rather than throwing
** * an exception.
** @param filename the full name of the file to access *
** @param securityContext the Security Context to * @param filename the full name of the library to load
** determine access for. * @throws SecurityException if permission is denied
** @exception SecurityException if the operation is not * @throws NullPointerException if filename is null
** permitted. * @see Runtime#load(String)
**/ */
public void checkRead(String filename, Object securityContext) { public void checkLink(String filename)
throw new SecurityException("Cannot read files via file names."); {
} // Use the toString() hack to do the null check.
checkPermission(new RuntimePermission("loadLibrary."
+ filename.toString()));
}
/** Check if the current thread is allowed to write to the /**
** given file using the FileDescriptor.<P> * Check if the current thread is allowed to read the given file using the
** * FileDescriptor. This method is called from
** This method is called from * FileInputStream.FileInputStream(). The default implementation checks
** FileOutputStream.FileOutputStream().<P> * <code>RuntimePermission("readFileDescriptor")</code>. If you override
** * this, call <code>super.checkRead</code> rather than throwing an
** SecurityManager's implementation always denies access. * exception.
** *
** @param desc the FileDescriptor representing the file * @param desc the FileDescriptor representing the file to access
** to access * @throws SecurityException if permission is denied
** @exception SecurityException if the operation is not * @throws NullPointerException if desc is null
** permitted. * @see FileInputStream#FileInputStream(FileDescriptor)
** @see java.io.FileOutputStream#FileOutputStream(java.io.FileDescriptor) */
**/ public void checkRead(FileDescriptor desc)
public void checkWrite(FileDescriptor desc) { {
throw new SecurityException("Cannot write files via file descriptors."); if (desc == null)
} throw new NullPointerException();
checkPermission(new RuntimePermission("readFileDescriptor"));
}
/** Check if the current thread is allowed to write to the /**
** given file.<P> * Check if the current thread is allowed to read the given file. This
** * method is called from FileInputStream.FileInputStream(),
** This method is called from * RandomAccessFile.RandomAccessFile(), File.exists(), canRead(), isFile(),
** FileOutputStream.FileOutputStream(), * isDirectory(), lastModified(), length() and list(). The default
** RandomAccessFile.RandomAccessFile(), * implementation checks <code>FilePermission(filename, "read")</code>. If
** File.canWrite(), mkdir(), and renameTo().<P> * you override this, call <code>super.checkRead</code> rather than
** * throwing an exception.
** SecurityManager's implementation always denies access. *
** * @param filename the full name of the file to access
** @param filename the full name of the file to access * @throws SecurityException if permission is denied
** @exception SecurityException if the operation is not * @throws NullPointerException if filename is null
** permitted. * @see File
** @see java.io.File#canWrite() * @see FileInputStream#FileInputStream(String)
** @see java.io.File#mkdir() * @see RandomAccessFile#RandomAccessFile(String)
** @see java.io.File#renameTo() */
** @see java.io.FileOutputStream#FileOutputStream(java.lang.String) public void checkRead(String filename)
** @see java.io.RandomAccessFile#RandomAccessFile(java.lang.String) {
**/ checkPermission(new FilePermission(filename, "read"));
public void checkWrite(String filename) { }
throw new SecurityException("Cannot write files via file names.");
}
/** Check if the current thread is allowed to delete the /**
** given file.<P> * Check if the current thread is allowed to read the given file. using the
** * given security context. The context must be a result of a previous call
** This method is called from File.delete().<P> * to <code>getSecurityContext()</code>. The default implementation checks
** * <code>AccessControlContext.checkPermission(new FilePermission(filename,
** SecurityManager's implementation always denies access. * "read"))</code>. If you override this, call <code>super.checkRead</code>
** * rather than throwing an exception.
** @param filename the full name of the file to delete *
** @exception SecurityException if th operation is not * @param filename the full name of the file to access
** permitted. * @param context the context to determine access for
** @see java.io.File#delete() * @throws SecurityException if permission is denied, or if context is
**/ * not an AccessControlContext
public void checkDelete(String filename) { * @throws NullPointerException if filename is null
throw new SecurityException("Cannot delete files."); * @see #getSecurityContext()
} * @see AccessControlContext#checkPermission(Permission)
*/
public void checkRead(String filename, Object context)
{
// XXX Should be:
// if (! (context instanceof AccessControlContext))
// throw new SecurityException("Missing context");
// AccessControlContext ac = (AccessControlContext) context;
// ac.checkPermission(new FilePermission(filename, "read"));
throw new SecurityException("Cannot read files via file names.");
}
/** Check if the current thread is allowed to connect to a /**
** given host on a given port.<P> * Check if the current thread is allowed to write the given file using the
** * FileDescriptor. This method is called from
** This method is called from Socket.Socket(). * FileOutputStream.FileOutputStream(). The default implementation checks
** * <code>RuntimePermission("writeFileDescriptor")</code>. If you override
** SecurityManager's implementation always denies access. * this, call <code>super.checkWrite</code> rather than throwing an
** * exception.
** @param host the host to connect to *
** @param port the port to connect on * @param desc the FileDescriptor representing the file to access
** @exception SecurityException if the operation is not * @throws SecurityException if permission is denied
** permitted * @throws NullPointerException if desc is null
** @see java.net.Socket#Socket() * @see FileOutputStream#FileOutputStream(FileDescriptor)
**/ */
public void checkConnect(String host, int port) { public void checkWrite(FileDescriptor desc)
throw new SecurityException("Cannot make network connections."); {
} if (desc == null)
throw new NullPointerException();
checkPermission(new RuntimePermission("writeFileDescriptor"));
}
/** Check if the current thread is allowed to connect to a /**
** given host on a given port using a specific security * Check if the current thread is allowed to write the given file. This
** context to determine access.<P> * method is called from FileOutputStream.FileOutputStream(),
** * RandomAccessFile.RandomAccessFile(), File.canWrite(), mkdir(), and
** This method is not called in the 1.1 core classes.<P> * renameTo(). The default implementation checks
** * <code>FilePermission(filename, "write")</code>. If you override this,
** SecurityManager's implementation always denies access. * call <code>super.checkWrite</code> rather than throwing an exception.
** *
** @param host the host to connect to * @param filename the full name of the file to access
** @param port the port to connect on * @throws SecurityException if permission is denied
** @param securityContext the security context to * @throws NullPointerException if filename is null
** determine access with * @see File
** @exception SecurityException if the operation is not * @see File#canWrite()
** permitted * @see File#mkdir()
**/ * @see File#renameTo()
public void checkConnect(String host, int port, Object securityContext) { * @see FileOutputStream#FileOutputStream(String)
throw new SecurityException("Cannot make network connections."); * @see RandomAccessFile#RandomAccessFile(String)
} */
public void checkWrite(String filename)
{
checkPermission(new FilePermission(filename, "write"));
}
/** Check if the current thread is allowed to listen to a /**
** specific port for data.<P> * Check if the current thread is allowed to delete the given file. This
** * method is called from File.delete(). The default implementation checks
** This method is called by ServerSocket.ServerSocket().<P> * <code>FilePermission(filename, "delete")</code>. If you override this,
** * call <code>super.checkDelete</code> rather than throwing an exception.
** SecurityManager's implementation always denies access. *
** * @param filename the full name of the file to delete
** @param port the port to listen on * @throws SecurityException if permission is denied
** @exception SecurityException if the operation is not * @throws NullPointerException if filename is null
** permitted * @see File#delete()
** @see java.net.ServerSocket#ServerSocket(int) */
**/ public void checkDelete(String filename)
public void checkListen(int port) { {
throw new SecurityException("Cannot listen for connections."); checkPermission(new FilePermission(filename, "delete"));
} }
/** Check if the current thread is allowed to accept a /**
** connection from a particular host on a particular * Check if the current thread is allowed to connect to a given host on a
** port.<P> * given port. This method is called from Socket.Socket(). A port number
** * of -1 indicates the caller is attempting to determine an IP address, so
** This method is called by ServerSocket.implAccept().<P> * the default implementation checks
** * <code>SocketPermission(host, "resolve")</code>. Otherwise, the default
** SecurityManager's implementation always denies access. * implementation checks
** * <code>SocketPermission(host + ":" + port, "connect")</code>. If you
** @param host the host which wishes to connect * override this, call <code>super.checkConnect</code> rather than throwing
** @param port the port the connection will be on * an exception.
** @exception SecurityException if the operation is not *
** permitted * @param host the host to connect to
** @see java.net.ServerSocket#accept() * @param port the port to connect on
**/ * @throws SecurityException if permission is denied
public void checkAccept(String host, int port) { * @throws NullPointerException if host is null
throw new SecurityException("Cannot accept connections."); * @see Socket#Socket()
} */
public void checkConnect(String host, int port)
{
if (port == -1)
checkPermission(new SocketPermission(host, "resolve"));
else
// Use the toString() hack to do the null check.
checkPermission(new SocketPermission(host.toString() + ":" + port,
"connect"));
}
/** Check if the current thread is allowed to read and /**
** write multicast to a particular address.<P> * Check if the current thread is allowed to connect to a given host on a
** * given port, using the given security context. The context must be a
** SecurityManager's implementation always denies access. * result of a previous call to <code>getSecurityContext</code>. A port
** * number of -1 indicates the caller is attempting to determine an IP
** @XXX where is it called? * address, so the default implementation checks
** * <code>AccessControlContext.checkPermission(new SocketPermission(host,
** @param addr the address to multicast to. * "resolve"))</code>. Otherwise, the default implementation checks
** @exception SecurityException if the operation is not * <code>AccessControlContext.checkPermission(new SocketPermission(host
** permitted. * + ":" + port, "connect"))</code>. If you override this, call
**/ * <code>super.checkConnect</code> rather than throwing an exception.
public void checkMulticast(InetAddress addr) { *
throw new SecurityException("Cannot read or write multicast."); * @param host the host to connect to
} * @param port the port to connect on
* @param context the context to determine access for
* @throws SecurityException if permission is denied, or if context is
* not an AccessControlContext
* @throws NullPointerException if host is null
* @see #getSecurityContext()
* @see AccessControlContext#checkPermission(Permission)
*/
public void checkConnect(String host, int port, Object securityContext)
{
// XXX Should be:
// if (! (context instanceof AccessControlContext))
// throw new SecurityException("Missing context");
// AccessControlContext ac = (AccessControlContext) context;
// if (port == -1)
// ac.checkPermission(new SocketPermission(host, "resolve"));
// else
// // Use the toString() hack to do the null check.
// ac.checkPermission(new SocketPermission(host.toString + ":" +port,
// "connect"));
throw new SecurityException("Cannot make network connections.");
}
/** Check if the current thread is allowed to read and /**
** write multicast to a particular address with a * Check if the current thread is allowed to listen to a specific port for
** particular ttl value.<P> * data. This method is called by ServerSocket.ServerSocket(). The default
** * implementation checks
** SecurityManager's implementation always denies access.<P> * <code>SocketPermission("localhost:" + (port == 0 ? "1024-" : "" + port),
** * "listen")</code>. If you override this, call
** @XXX where is it called? * <code>super.checkListen</code> rather than throwing an exception.
** *
** @XXX what the hell is ttl? Expand abbreviation. * @param port the port to listen on
** * @throws SecurityException if permission is denied
** @param addr the address to multicast to. * @see ServerSocket#ServerSocket(int)
** @param ttl the ttl value to use */
** @exception SecurityException if the operation is not public void checkListen(int port)
** permitted. {
**/ checkPermission(new SocketPermission("localhost:"
public void checkMulticast(InetAddress addr, byte ttl) { + (port == 0 ? "1024-" : "" +port),
throw new SecurityException("Cannot read or write multicast."); "listen"));
} }
/** /**
** Check if the current thread is allowed to perform an * Check if the current thread is allowed to accept a connection from a
** operation that requires the specified <code>Permission</code>. * particular host on a particular port. This method is called by
** * ServerSocket.implAccept(). The default implementation checks
** @param perm The <code>Permission</code> required. * <code>SocketPermission(host + ":" + port, "accept")</code>. If you
** @exception SecurityException If the operation is not allowed. * override this, call <code>super.checkAccept</code> rather than throwing
**/ * an exception.
public void checkPermission(java.security.Permission perm) { *
throw new SecurityException("Operation not allowed"); * @param host the host which wishes to connect
} * @param port the port the connection will be on
* @throws SecurityException if permission is denied
* @throws NullPointerException if host is null
* @see ServerSocket#accept()
*/
public void checkAccept(String host, int port)
{
// Use the toString() hack to do the null check.
checkPermission(new SocketPermission(host.toString() + ":" + port,
"accept"));
}
/** /**
** Check if the current thread is allowed to perform an * Check if the current thread is allowed to read and write multicast to
** operation that requires the specified <code>Permission</code>. * a particular address. The default implementation checks
** * <code>SocketPermission(addr.getHostAddress(), "accept,connect")</code>.
** @param perm The <code>Permission</code> required. * If you override this, call <code>super.checkMulticast</code> rather than
** @param context A security context * throwing an exception.
** @exception SecurityException If the operation is not allowed. *
** @since 1.2 * @param addr the address to multicast to
**/ * @throws SecurityException if permission is denied
public void checkPermission(java.security.Permission perm, * @throws NullPointerException if host is null
Object context) { * @since 1.1
throw new SecurityException("Operation not allowed"); */
} public void checkMulticast(InetAddress addr)
{
checkPermission(new SocketPermission(addr.getHostAddress(),
"accept,connect"));
}
/** Check if the current thread is allowed to read or /**
** write all the system properties at once.<P> *Check if the current thread is allowed to read and write multicast to
** * a particular address with a particular ttl (time-to-live) value. The
** This method is called by System.getProperties() * default implementation ignores ttl, and checks
** and setProperties().<P> * <code>SocketPermission(addr.getHostAddress(), "accept,connect")</code>.
** * If you override this, call <code>super.checkMulticast</code> rather than
** SecurityManager's implementation always denies access. * throwing an exception.
** *
** @exception SecurityException if the operation is not * @param addr the address to multicast to
** permitted. * @param ttl value in use for multicast send
** @see java.lang.System#getProperties() * @throws SecurityException if permission is denied
** @see java.lang.System#setProperties(java.util.Properties) * @throws NullPointerException if host is null
**/ * @since 1.1
public void checkPropertiesAccess() { * @deprecated use {@link #checkPermission(Permission)} instead
throw new SecurityException("Cannot access all system properties at once."); */
} public void checkMulticast(InetAddress addr, byte ttl)
{
checkPermission(new SocketPermission(addr.getHostAddress(),
"accept,connect"));
}
/** Check if the current thread is allowed to read or /**
** write a particular system property.<P> * Check if the current thread is allowed to read or write all the system
** * properties at once. This method is called by System.getProperties()
** This method is called by System.getProperty() and * and setProperties(). The default implementation checks
** setProperty().<P> * <code>PropertyPermission("*", "read,write")</code>. If you override
** * this, call <code>super.checkPropertiesAccess</code> rather than
** SecurityManager's implementation always denies access. * throwing an exception.
** *
** @exception SecurityException is the operation is not * @throws SecurityException if permission is denied
** permitted. * @see System#getProperties()
** @see java.lang.System#getProperty(java.lang.String) * @see System#setProperties(Properties)
** @see java.lang.System#setProperty(java.lang.String,java.lang.String) */
**/ public void checkPropertiesAccess()
public void checkPropertyAccess(String name) { {
throw new SecurityException("Cannot access individual system properties."); checkPermission(new PropertyPermission("*", "read,write"));
} }
/** Check if the current thread is allowed to create a /**
** top-level window. If it is not, the operation should * Check if the current thread is allowed to read a particular system
** still go through, but some sort of nonremovable * property (writes are checked directly via checkPermission). This method
** warning should be placed on the window to show that it * is called by System.getProperty() and setProperty(). The default
** is untrusted.<P> * implementation checks <code>PropertyPermission(key, "read")</code>. If
** * you override this, call <code>super.checkPropertyAccess</code> rather
** This method is called by Window.Window().<P> * than throwing an exception.
** *
** SecurityManager's implementation always denies access. * @throws SecurityException if permission is denied
** * @throws NullPointerException if key is null
** @param window the window to create * @throws IllegalArgumentException if key is ""
** @see java.awt.Window#Window(java.awt.Frame) * @see System#getProperty(String)
**/ */
public boolean checkTopLevelWindow(Object window) { public void checkPropertyAccess(String key)
return false; {
} checkPermission(new PropertyPermission(key, "read"));
}
/** Check if the current thread is allowed to create a /**
** print job.<P> * Check if the current thread is allowed to create a top-level window. If
** * it is not, the operation should still go through, but some sort of
** This method is called by Toolkit.getPrintJob(). (I * nonremovable warning should be placed on the window to show that it
** assume so, at least, it just don't say nothing about * is untrusted. This method is called by Window.Window(). The default
** it in the spec.)<P> * implementation checks
** * <code>AWTPermission("showWindowWithoutWarningBanner")</code>, and returns
** SecurityManager's implementation always denies access. * true if no exception was thrown. If you override this, use
** * <code>return super.checkTopLevelWindow</code> rather than returning
** @exception SecurityException if the operation is not * false.
** permitted. *
** @see java.awt.Toolkit.getPrintJob(java.awt.Frame,java.lang.String,java.util.Properties) * @param window the window to create
**/ * @return true if there is permission to show the window without warning
public void checkPrintJobAccess() { * @throws NullPointerException if window is null
throw new SecurityException("Cannot create print jobs."); * @see Window#Window(Frame)
} */
public boolean checkTopLevelWindow(Object window)
{
if (window == null)
throw new NullPointerException();
try
{
checkPermission(new AWTPermission("showWindowWithoutWarningBanner"));
return true;
}
catch (SecurityException e)
{
return false;
}
}
/** Check if the current thread is allowed to use the /**
** system clipboard.<P> * Check if the current thread is allowed to create a print job. This
** * method is called by Toolkit.getPrintJob(). The default implementation
** This method is called by Toolkit.getSystemClipboard(). * checks <code>RuntimePermission("queuePrintJob")</code>. If you override
** (I assume.)<P> * this, call <code>super.checkPrintJobAccess</code> rather than throwing
** * an exception.
** SecurityManager's implementation always denies access. *
** * @throws SecurityException if permission is denied
** @exception SecurityException if the operation is not * @see Toolkit#getPrintJob(Frame, String, Properties)
** permitted. * @since 1.1
** @see java.awt.Toolkit#getSystemClipboard() */
**/ public void checkPrintJobAccess()
public void checkSystemClipboardAccess() { {
throw new SecurityException("Cannot access the system clipboard."); checkPermission(new RuntimePermission("queuePrintJob"));
} }
/** Check if the current thread is allowed to use the AWT /**
** event queue.<P> * Check if the current thread is allowed to use the system clipboard. This
** * method is called by Toolkit.getSystemClipboard(). The default
** This method is called by Toolkit.getSystemEventQueue().<P> * implementation checks <code>AWTPermission("accessClipboard")</code>. If
** * you override this, call <code>super.checkSystemClipboardAccess</code>
** SecurityManager's implementation always denies access. * rather than throwing an exception.
** *
** @exception SecurityException if the operation is not * @throws SecurityException if permission is denied
** permitted. * @see Toolkit#getSystemClipboard()
** @see java.awt.Toolkit#getSystemEventQueue() * @since 1.1
**/ */
public void checkAwtEventQueueAccess() { public void checkSystemClipboardAccess()
throw new SecurityException("Cannot access the AWT event queue."); {
} checkPermission(new AWTPermission("accessClipboard"));
}
/** Check if the current thread is allowed to access the /**
** specified package at all.<P> * Check if the current thread is allowed to use the AWT event queue. This
** * method is called by Toolkit.getSystemEventQueue(). The default
** This method is called by ClassLoader.loadClass() in * implementation checks <code>AWTPermission("accessEventQueue")</code>.
** user-created ClassLoaders.<P> * you override this, call <code>super.checkAwtEventQueueAccess</code>
** * rather than throwing an exception.
** SecurityManager's implementation always denies access. *
** * @throws SecurityException if permission is denied
** @param packageName the package name to check access to * @see Toolkit#getSystemEventQueue()
** @exception SecurityException if the operation is not * @since 1.1
** permitted. */
** @see java.lang.ClassLoader#loadClass(java.lang.String,boolean) public void checkAwtEventQueueAccess()
**/ {
public void checkPackageAccess(String packageName) { // Should be: checkPermission(new AWTPermission("accessEventQueue"));
throw new SecurityException("Cannot access packages via the ClassLoader."); throw new SecurityException("Cannot access the AWT event queue.");
} }
/** Check if the current thread is allowed to define /**
** classes the specified package. If the class already * Check if the current thread is allowed to access the specified package
** created, though, ClassLoader.loadClass() can still * at all. This method is called by ClassLoader.loadClass() in user-created
** return the Class if checkPackageAccess() checks out.<P> * ClassLoaders. The default implementation gets a list of all restricted
** * packages, via <code>Security.getProperty("package.access")</code>. Then,
** This method is called by ClassLoader.loadClass() in * if packageName starts with or equals any restricted package, it checks
** user-created ClassLoaders.<P> * <code>RuntimePermission("accessClassInPackage." + packageName)</code>.
** * If you override this, you should call
** SecurityManager's implementation always denies access. * <code>super.checkPackageAccess</code> before doing anything else.
** *
** @param packageName the package name to check access to * @param packageName the package name to check access to
** @exception SecurityException if the operation is not * @throws SecurityException if permission is denied
** permitted. * @throws NullPointerException if packageName is null
** @see java.lang.ClassLoader#loadClass(java.lang.String,boolean) * @see ClassLoader#loadClass(String, boolean)
**/ * @see Security#getProperty(String)
public void checkPackageDefinition(String packageName) { */
throw new SecurityException("Cannot load classes into any packages via the ClassLoader."); public void checkPackageAccess(String packageName)
} {
checkPackageList(packageName, "access", "accessClassInPackage.");
}
/** Check if the current thread is allowed to set the /**
** current socket factory.<P> * Check if the current thread is allowed to define a class into the
** * specified package. This method is called by ClassLoader.loadClass() in
** This method is called by Socket.setSocketImplFactory(), * user-created ClassLoaders. The default implementation gets a list of all
** ServerSocket.setSocketFactory(), and * restricted packages, via
** URL.setURLStreamHandlerFactory().<P> * <code>Security.getProperty("package.definition")</code>. Then, if
** * packageName starts with or equals any restricted package, it checks
** SecurityManager's implementation always denies access. * <code>RuntimePermission("defineClassInPackage." + packageName)</code>.
** * If you override this, you should call
** @exception SecurityException if the operation is not * <code>super.checkPackageDefinition</code> before doing anything else.
** permitted. *
** @see java.net.Socket#setSocketImplFactory(java.net.SocketImplFactory) * @param packageName the package name to check access to
** @see java.net.ServerSocket#setSocketFactory(java.net.SocketImplFactory) * @throws SecurityException if permission is denied
** @see java.net.URL#setURLStreamHandlerFactory(java.net.URLStreamHandlerFactory) * @throws NullPointerException if packageName is null
**/ * @see ClassLoader#loadClass(String, boolean)
public void checkSetFactory() { * @see Security#getProperty(String)
throw new SecurityException("Cannot set the socket factory."); */
} public void checkPackageDefinition(String packageName)
{
checkPackageList(packageName, "definition", "defineClassInPackage.");
}
/** Check if the current thread is allowed to get certain /**
** types of Methods, Fields and Constructors from a Class * Check if the current thread is allowed to set the current socket factory.
** object.<P> * This method is called by Socket.setSocketImplFactory(),
** * ServerSocket.setSocketFactory(), and URL.setURLStreamHandlerFactory().
** This method is called by Class.getMethod[s](), * The default implementation checks
** Class.getField[s](), Class.getConstructor[s], * <code>RuntimePermission("setFactory")</code>. If you override this, call
** Class.getDeclaredMethod[s](), * <code>super.checkSetFactory</code> rather than throwing an exception.
** Class.getDeclaredField[s](), and *
** Class.getDeclaredConstructor[s]().<P> * @throws SecurityException if permission is denied
** * @see Socket#setSocketImplFactory(SocketImplFactory)
** SecurityManager's implementation always denies access. * @see ServerSocket#setSocketFactory(SocketImplFactory)
** * @see URL#setURLStreamHandlerFactory(URLStreamHandlerFactory)
** @param c the Class to check */
** @param memberType the type of members to check public void checkSetFactory()
** against, either Member.DECLARED or {
** Member.PUBLIC. checkPermission(new RuntimePermission("setFactory"));
** @exception SecurityException if the operation is not }
** permitted.
** @see java.lang.Class
** @see java.lang.reflect.Member#DECLARED
** @see java.lang.reflect.Member#PUBLIC
**/
public void checkMemberAccess(Class c, int memberType) {
throw new SecurityException("Cannot access members of classes.");
}
/** Test whether a particular security action may be /**
** taken. * Check if the current thread is allowed to get certain types of Methods,
** @param action the desired action to take * Fields and Constructors from a Class object. This method is called by
** @exception SecurityException if the action is denied. * Class.getMethod[s](), Class.getField[s](), Class.getConstructor[s],
** @XXX I have no idea what actions must be tested * Class.getDeclaredMethod[s](), Class.getDeclaredField[s](), and
** or where. * Class.getDeclaredConstructor[s](). The default implementation allows
**/ * PUBLIC access, and access to classes defined by the same classloader as
public void checkSecurityAccess(String action) { * the code performing the reflection. Otherwise, it checks
checkPermission (new java.security.SecurityPermission (action)); * <code>RuntimePermission("accessDeclaredMembers")</code>. If you override
} * this, do not call <code>super.checkMemberAccess</code>, as this would
* mess up the stack depth check that determines the ClassLoader requesting
* the access.
*
* @param c the Class to check
* @param memberType either DECLARED or PUBLIC
* @throws SecurityException if permission is denied, including when
* memberType is not DECLARED or PUBLIC
* @throws NullPointerException if c is null
* @see Class
* @see Member#DECLARED
* @see Member#PUBLIC
* @since 1.1
*/
public void checkMemberAccess(Class c, int memberType)
{
if (c == null)
throw new NullPointerException();
if (memberType == Member.PUBLIC)
return;
// XXX Allow access to classes created by same classloader before next
// check.
checkPermission(new RuntimePermission("accessDeclaredMembers"));
}
/** Get the ThreadGroup that a new Thread should belong /**
** to by default.<P> * Test whether a particular security action may be taken. The default
** * implementation checks <code>SecurityPermission(action)</code>. If you
** Called by Thread.Thread().<P> * override this, call <code>super.checkSecurityAccess</code> rather than
** * throwing an exception.
** SecurityManager's implementation just uses the *
** ThreadGroup of the current Thread.<P> * @param action the desired action to take
** * @throws SecurityException if permission is denied
** <STRONG>Spec Note:</STRONG> it is not clear whether * @throws NullPointerException if action is null
** the new Thread is guaranteed to pass the * @throws IllegalArgumentException if action is ""
** checkAccessThreadGroup() test when using this * @since 1.1
** ThreadGroup. I presume so. */
** public void checkSecurityAccess(String action)
** @return the ThreadGroup to put the new Thread into. {
**/ checkPermission(new SecurityPermission(action));
public ThreadGroup getThreadGroup() { }
return Thread.currentThread().getThreadGroup();
}
public SecurityManager () { /**
if (System.getSecurityManager () != null) * Get the ThreadGroup that a new Thread should belong to by default. Called
throw new SecurityException (); * by Thread.Thread(). The default implementation returns the current
} * ThreadGroup of the current Thread. <STRONG>Spec Note:</STRONG> it is not
} * clear whether the new Thread is guaranteed to pass the
* checkAccessThreadGroup() test when using this ThreadGroup, but I presume
* so.
*
* @return the ThreadGroup to put the new Thread into
* @since 1.1
*/
public ThreadGroup getThreadGroup()
{
return Thread.currentThread().getThreadGroup();
}
/**
* Helper that checks a comma-separated list of restricted packages, from
* <code>Security.getProperty("package.definition")</code>, for the given
* package access permission. If packageName starts with or equals any
* restricted package, it checks
* <code>RuntimePermission(permission + packageName)</code>.
*
* @param packageName the package name to check access to
* @param restriction the list of restrictions, after "package."
* @param permission the base permission, including the '.'
* @throws SecurityException if permission is denied
* @throws NullPointerException if packageName is null
* @see #checkPackageAccess(String)
* @see #checkPackageDefinition(String)
*/
void checkPackageList(String packageName, String restriction,
String permission)
{
// Use the toString() hack to do the null check.
Permission p = new RuntimePermission(permission + packageName.toString());
String list = Security.getProperty("package." + restriction);
if (list == null)
return;
while (! "".equals(packageName))
{
for (int index = list.indexOf(packageName);
index != -1; index = list.indexOf(packageName, index + 1))
{
int packageNameCount = packageName.length();
if (index + packageNameCount == list.length()
|| list.charAt(index + packageNameCount) == ',')
{
checkPermission(p);
return;
}
}
int index = packageName.lastIndexOf('.');
packageName = index < 0 ? "" : packageName.substring(0, index);
}
}
} // class SecurityManager
// XXX This class is unnecessary.
class SecurityContext { class SecurityContext {
Class[] classes; Class[] classes;
SecurityContext(Class[] classes) { SecurityContext(Class[] classes) {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment