Skip to content

R
riscv-gcc-1
Commit c2bea6b0 by Mark Wielaard Committed by Mark Wielaard
Options

SecurityManager.java: Remerge comments, indenting and checkXXX methods with Classpath. 

       * java/lang/SecurityManager.java: Remerge comments, indenting and
       checkXXX methods with Classpath.

From-SVN: r59685
parent 5bb7e2ac
Showing with 938 additions and 670 deletions
libjava/ChangeLog
2002-12-01 Mark Wielaard <mark@klomp.org>
* java/lang/SecurityManager.java: Remerge comments, indenting and
checkXXX methods with Classpath.
2002-11-29 Scott Gilbertson <scottg@mantatest.com> 2002-11-29 Scott Gilbertson <scottg@mantatest.com>
* java/awt/image/ColorModel.java (getUnnormalizedComponents, * java/awt/image/ColorModel.java (getUnnormalizedComponents,
......
libjava/java/lang/SecurityManager.java
/* java.lang.SecurityManager /* SecurityManager.java -- security checks for privileged actions
Copyright (C) 1998, 1999, 2001 Free Software Foundation, Inc. Copyright (C) 1998, 1999, 2001, 2002 Free Software Foundation, Inc.
This file is part of GNU Classpath. This file is part of GNU Classpath.
...@@ -38,736 +38,999 @@ exception statement from your version. */ ...@@ -38,736 +38,999 @@ exception statement from your version. */
package java.lang; package java.lang;
import java.net.*; import java.awt.AWTPermission;
import java.util.*; import java.io.File;
import java.io.*; import java.io.FileDescriptor;
import java.io.FilePermission;
import java.lang.reflect.Member;
import java.net.InetAddress;
import java.net.SocketPermission;
import java.security.AllPermission;
import java.security.Permission;
import java.security.Security;
import java.security.SecurityPermission;
import java.util.PropertyPermission;
/** /**
** SecurityManager is a class you can extend to create * SecurityManager is a class you can extend to create your own Java
** your own Java security policy. By default, there is * security policy. By default, there is no SecurityManager installed in
** no SecurityManager installed in 1.1, which means that * 1.1, which means that all things are permitted to all people. The security
** all things are permitted to all people.<P> * manager, if set, is consulted before doing anything with potentially
** * dangerous results, and throws a <code>SecurityException</code> if the
** The default methods in this class deny all * action is forbidden.
** things to all people. *
** * <p>A typical check is as follows, just before the dangerous operation:<br>
** @author John Keiser * <pre>
** @version 1.1.0, 31 May 1998 * SecurityManager sm = System.getSecurityManager();
** @since JDK1.0 * if (sm != null)
**/ * sm.checkABC(<em>argument</em>, ...);
public class SecurityManager { * </pre>
/** Tells whether or not the SecurityManager is currently * Note that this is thread-safe, by caching the security manager in a local
** performing a security check. * variable rather than risking a NullPointerException if the mangager is
**/ * changed between the check for null and before the permission check.
*
* <p>The special method <code>checkPermission</code> is a catchall, and
* the default implementation calls
* <code>AccessController.checkPermission</code>. In fact, all the other
* methods default to calling checkPermission.
*
* <p>Sometimes, the security check needs to happen from a different context,
* such as when called from a worker thread. In such cases, use
* <code>getSecurityContext</code> to take a snapshot that can be passed
* to the worker thread:<br>
* <pre>
* Object context = null;
* SecurityManager sm = System.getSecurityManager();
* if (sm != null)
* context = sm.getSecurityContext(); // defaults to an AccessControlContext
* // now, in worker thread
* if (sm != null)
* sm.checkPermission(permission, context);
* <pre>
*
* <p>Permissions fall into these categories: File, Socket, Net, Security,
* Runtime, Property, AWT, Reflect, and Serializable. Each of these
* permissions have a property naming convention, that follows a hierarchical
* naming convention, to make it easy to grant or deny several permissions
* at once. Some permissions also take a list of permitted actions, such
* as "read" or "write", to fine-tune control even more. The permission
* <code>java.security.AllPermission</code> grants all permissions.
*
* <p>The default methods in this class deny all things to all people. You
* must explicitly grant permission for anything you want to be legal when
* subclassing this class.
*
* @author John Keiser
* @author Eric Blake <ebb9@email.byu.edu>
* @see ClassLoader
* @see SecurityException
* @see #checkTopLevelWindow(Object)
* @see System#getSecurityManager()
* @see System#setSecurityManager(SecurityManager)
* @see AccessController
* @see AccessControlContext
* @see AccessControlException
* @see Permission
* @see BasicPermission
* @see java.io.FilePermission
* @see java.net.SocketPermission
* @see java.util.PropertyPermission
* @see RuntimePermission
* @see java.awt.AWTPermission
* @see Policy
* @see SecurityPermission
* @see ProtectionDomain
* @since 1.0
* @status still missing 1.4 functionality
*/
public class SecurityManager
{
/**
* Tells whether or not the SecurityManager is currently performing a
* security check.
* @deprecated Use {@link #checkPermission(Permission)} instead.
*/
protected boolean inCheck; protected boolean inCheck;
/** Tells whether or not the SecurityManager is currently /**
** performing a security check. * Construct a new security manager. There may be a security check, of
** * <code>RuntimePermission("createSecurityManager")</code>.
** @return whether or not the SecurityManager is *
** currently performing a security check. * @throws SecurityException if permission is denied
**/ */
public boolean getInCheck() { public SecurityManager()
{
SecurityManager sm = System.getSecurityManager();
if (sm != null)
sm.checkPermission(new RuntimePermission("createSecurityManager"));
}
/**
* Tells whether or not the SecurityManager is currently performing a
* security check.
*
* @return true if the SecurityManager is in a security check
* @see #inCheck
* @deprecated use {@link #checkPermission(Permission)} instead
*/
public boolean getInCheck()
{
return inCheck; return inCheck;
} }
/** Get a list of all the classes currently executing /**
** methods on the Java stack. getClassContext()[0] is * Get a list of all the classes currently executing methods on the Java
** the currently executing method * stack. getClassContext()[0] is the currently executing method (ie. the
** <STRONG>Spec Note:</STRONG> does not say whether * class that CALLED getClassContext, not SecurityManager).
** the stack will include the getClassContext() call or *
** the one just before it. * @return an array of classes on the Java execution stack
** */
** @return an array containing all the methods on classes protected Class[] getClassContext()
** on the Java execution stack. {
**/
protected Class[] getClassContext() {
return VMSecurityManager.getClassContext(); return VMSecurityManager.getClassContext();
} }
/** Find the ClassLoader for the most recent class on the /**
** stack that was loaded by an explicit ClassLoader. If * Find the ClassLoader of the first non-system class on the execution
** everything on the stack was loaded by the system * stack. A non-system class is one whose ClassLoader is not equal to
** classloader, null is returned. * {@link ClassLoader#getSystemClassLoader()} or its ancestors. This
** * will return null in three cases:<br><nl>
** @return the most recent ClassLoader on the execution * <li>All methods on the stack are from system classes</li>
** stack. * <li>All methods on the stack up to the first "privileged" caller, as
**/ * created by {@link AccessController.doPrivileged(PrivilegedAction)},
protected ClassLoader currentClassLoader() { * are from system classes</li>
* <li>A check of <code>java.security.AllPermission</code> succeeds.</li>
* </nl>
*
* @return the most recent non-system ClassLoader on the execution stack
* @deprecated use {@link #checkPermission(Permission)} instead
*/
protected ClassLoader currentClassLoader()
{
return VMSecurityManager.currentClassLoader(); return VMSecurityManager.currentClassLoader();
} }
/** Find the most recent class on the stack that was /**
** loaded by an explicit ClassLoader. If everything on * Find the first non-system class on the execution stack. A non-system
** the stack was loaded by the system classloader, null * class is one whose ClassLoader is not equal to
** is returned. * {@link ClassLoader#getSystemClassLoader()} or its ancestors. This
** * will return null in three cases:<br><nl>
** @return the most recent loaded Class on the execution * <li>All methods on the stack are from system classes</li>
** stack. * <li>All methods on the stack up to the first "privileged" caller, as
**/ * created by {@link AccessController.doPrivileged(PrivilegedAction)},
protected Class currentLoadedClass() { * are from system classes</li>
* <li>A check of <code>java.security.AllPermission</code> succeeds.</li>
* </nl>
*
* @return the most recent non-system Class on the execution stack
* @deprecated use {@link #checkPermission(Permission)} instead
*/
protected Class currentLoadedClass()
{
Class[] c = getClassContext(); Class[] c = getClassContext();
for(int i=0;i<c.length;i++) { for (int i = 0; i < c.length; i++)
if(c[i].getClassLoader() != null) { if (c[i].getClassLoader() != null)
return c[i]; return c[i];
}
}
return null; return null;
} }
/** Get the depth on the execution stack of the most /**
** recent class that was loaded by an explicit * Get the depth of a particular class on the execution stack.
** ClassLoader. This can be used as an index into *
** getClassContext(). * @param className the fully-qualified name to search for
** * @return the index of the class on the stack, or -1
** @return the index of the most recent loaded Class on * @deprecated use {@link #checkPermission(Permission)} instead
** the execution stack. */
**/ protected int classDepth(String className)
protected int classLoaderDepth() { {
Class[] c = getClassContext(); Class[] c = getClassContext();
for(int i=0;i<c.length;i++) { for (int i = 0; i < c.length; i++)
if(c[i].getClassLoader() != null) { if (className.equals(c[i].getName()))
return i; return i;
return -1;
} }
}
/**
* Get the depth on the execution stack of the most recent non-system class.
* A non-system class is one whose ClassLoader is not equal to
* {@link ClassLoader#getSystemClassLoader()} or its ancestors. This
* will return -1 in three cases:<br><nl>
* <li>All methods on the stack are from system classes</li>
* <li>All methods on the stack up to the first "privileged" caller, as
* created by {@link AccessController.doPrivileged(PrivilegedAction)},
* are from system classes</li>
* <li>A check of <code>java.security.AllPermission</code> succeeds.</li>
* </nl>
*
* @return the index of the most recent non-system Class on the stack
* @deprecated use {@link #checkPermission(Permission)} instead
*/
protected int classLoaderDepth()
{
Class[] c = getClassContext();
for (int i = 0; i < c.length; i++)
if (c[i].getClassLoader() != null)
return i;
return -1; return -1;
} }
/** Tell whether there is a class loaded with an explicit /**
** ClassLoader on the stack. * Tell whether the specified class is on the execution stack.
** *
** @return whether there is a class loaded with an * @param className the fully-qualified name of the class to find
** explicit ClassLoader on the stack. * @return whether the specified class is on the execution stack
**/ * @deprecated use {@link #checkPermission(Permission)} instead
protected boolean inClassLoader() { */
protected boolean inClass(String className)
{
return classDepth(className) != -1;
}
/**
* Tell whether there is a class loaded with an explicit ClassLoader on
* the stack.
*
* @return whether a class with an explicit ClassLoader is on the stack
* @deprecated use {@link #checkPermission(Permission)} instead
*/
protected boolean inClassLoader()
{
return classLoaderDepth() != -1; return classLoaderDepth() != -1;
} }
/**
* Get an implementation-dependent Object that contains enough information
* about the current environment to be able to perform standard security
* checks later. This is used by trusted methods that need to verify that
* their callers have sufficient access to perform certain operations.
*
* <p>Currently the only methods that use this are checkRead() and
* checkConnect(). The default implementation returns an
* <code>AccessControlContext</code>.
*
* @return a security context
* @see #checkConnect(String, int, Object)
* @see #checkRead(String, Object)
* @see AccessControlContext
* @see AccessController#getContext()
*/
public Object getSecurityContext()
{
// XXX Should be: return AccessController.getContext();
return new SecurityContext(getClassContext());
}
/** Get the depth of a particular class on the execution /**
** stack. * Check if the current thread is allowed to perform an operation that
** * requires the specified <code>Permission</code>. This defaults to
** @param className the fully-qualified name of the class * <code>AccessController.checkPermission</code>.
** to search for on the stack. *
** @return the index of the class on the stack, or -1 if * @param perm the <code>Permission</code> required
** the class is not on the stack. * @throws SecurityException if permission is denied
**/ * @throws NullPointerException if perm is null
protected int classDepth(String className) { * @since 1.2
Class[] c = getClassContext(); */
for(int i=0;i<c.length;i++) { public void checkPermission(Permission perm)
if(className.equals(c[i].getName())) { {
return i; // XXX Should be: AccessController.checkPermission(perm);
throw new SecurityException("Operation not allowed");
} }
/**
* Check if the current thread is allowed to perform an operation that
* requires the specified <code>Permission</code>. This is done in a
* context previously returned by <code>getSecurityContext()</code>. The
* default implementation expects context to be an AccessControlContext,
* and it calls <code>AccessControlContext.checkPermission(perm)</code>.
*
* @param perm the <code>Permission</code> required
* @param context a security context
* @throws SecurityException if permission is denied, or if context is
* not an AccessControlContext
* @throws NullPointerException if perm is null
* @see #getSecurityContext()
* @see AccessControlContext#checkPermission(Permission)
* @since 1.2
*/
public void checkPermission(Permission perm, Object context)
{
// XXX Should be:
// if (! (context instanceof AccessControlContext))
// throw new SecurityException("Missing context");
// ((AccessControlContext) context).checkPermission(perm);
throw new SecurityException("Operation not allowed");
} }
return -1;
/**
* Check if the current thread is allowed to create a ClassLoader. This
* method is called from ClassLoader.ClassLoader(), and checks
* <code>RuntimePermission("createClassLoader")</code>. If you override
* this, you should call <code>super.checkCreateClassLoader()</code> rather
* than throwing an exception.
*
* @throws SecurityException if permission is denied
* @see ClassLoader#ClassLoader()
*/
public void checkCreateClassLoader()
{
checkPermission(new RuntimePermission("createClassLoader"));
} }
/** Tell whether the specified class is on the execution /**
** stack. * Check if the current thread is allowed to modify another Thread. This is
** * called by Thread.stop(), suspend(), resume(), interrupt(), destroy(),
** @param className the fully-qualified name of the class * setPriority(), setName(), and setDaemon(). The default implementation
** to search for on the stack. * checks <code>RuntimePermission("modifyThread") on system threads (ie.
** @return whether the specified class is on the * threads in ThreadGroup with a null parent), and returns silently on
** execution stack. * other threads.
**/ *
protected boolean inClass(String className) { * <p>If you override this, you must do two things. First, call
return classDepth(className) != -1; * <code>super.checkAccess(t)</code>, to make sure you are not relaxing
* requirements. Second, if the calling thread has
* <code>RuntimePermission("modifyThread")</code>, return silently, so that
* core classes (the Classpath library!) can modify any thread.
*
* @param t the other Thread to check
* @throws SecurityException if permission is denied
* @throws NullPointerException if t is null
* @see Thread#stop()
* @see Thread#suspend()
* @see Thread#resume()
* @see Thread#setPriority(int)
* @see Thread#setName(String)
* @see Thread#setDaemon(boolean)
*/
public void checkAccess(Thread t)
{
if (t.group != null && t.group.getParent() != null)
checkPermission(new RuntimePermission("modifyThread"));
} }
/** Get an implementation-dependent Object that contains /**
** enough information about the current environment to be * Check if the current thread is allowed to modify a ThreadGroup. This is
** able to perform standard security checks later. This * called by Thread.Thread() (to add a thread to the ThreadGroup),
** is used by trusted methods that need to verify that * ThreadGroup.ThreadGroup() (to add this ThreadGroup to a parent),
** their callers have sufficient access to perform * ThreadGroup.stop(), suspend(), resume(), interrupt(), destroy(),
** certain operations.<P> * setDaemon(), and setMaxPriority(). The default implementation
** * checks <code>RuntimePermission("modifyThread") on the system group (ie.
** Currently the only methods that use this are checkRead() * the one with a null parent), and returns silently on other groups.
** and checkConnect(). *
** * <p>If you override this, you must do two things. First, call
** @see checkConnect(java.lang.String,int,java.lang.Object) * <code>super.checkAccess(t)</code>, to make sure you are not relaxing
** @see checkRead(java.lang.String,java.lang.Object) * requirements. Second, if the calling thread has
**/ * <code>RuntimePermission("modifyThreadGroup")</code>, return silently,
public Object getSecurityContext() { * so that core classes (the Classpath library!) can modify any thread.
return new SecurityContext(getClassContext()); *
* @param g the ThreadGroup to check
* @throws SecurityException if permission is denied
* @throws NullPointerException if g is null
* @see Thread#Thread()
* @see ThreadGroup#ThreadGroup()
* @see ThreadGroup#stop()
* @see ThreadGroup#suspend()
* @see ThreadGroup#resume()
* @see ThreadGroup#interrupt()
* @see ThreadGroup#setDaemon(boolean)
* @see ThreadGroup#setMaxPriority(int)
*/
public void checkAccess(ThreadGroup g)
{
if (g.getParent() != null)
checkPermission(new RuntimePermission("modifyThreadGroup"));
} }
/** Check if the current thread is allowed to create a /**
** ClassLoader.<P> * Check if the current thread is allowed to exit the JVM with the given
** * status. This method is called from Runtime.exit() and Runtime.halt().
** This method is called from ClassLoader.ClassLoader(), * The default implementation checks
** in other words, whenever a ClassLoader is created.<P> * <code>RuntimePermission("exitVM")</code>. If you override this, call
** * <code>super.checkExit</code> rather than throwing an exception.
** SecurityManager's implementation always denies access. *
** * @param status the status to exit with
** @exception SecurityException if the operation is not * @throws SecurityException if permission is denied
** permitted. * @see Runtime#exit(int)
** @see java.lang.ClassLoader#ClassLoader() * @see Runtime#halt(int)
**/ */
public void checkCreateClassLoader() { public void checkExit(int status)
throw new SecurityException("Cannot create new ClassLoaders."); {
} checkPermission(new RuntimePermission("exitVM"));
}
/** Check if the current thread is allowed to modify this
** other Thread.<P> /**
** * Check if the current thread is allowed to execute the given program. This
** Called by Thread.stop(), suspend(), resume(), and * method is called from Runtime.exec(). If the name is an absolute path,
** interrupt(), destroy(), setPriority(), setName() and * the default implementation checks
** setDaemon().<P> * <code>FilePermission(program, "execute")</code>, otherwise it checks
** * <code>FilePermission("&lt;&lt;ALL FILES&gt;&gt;", "execute")</code>. If
** SecurityManager's implementation always denies access. * you override this, call <code>super.checkExec</code> rather than
** * throwing an exception.
** @param g the Thread to check against *
** @exception SecurityException if the operation is not * @param program the name of the program to exec
** permitted. * @throws SecurityException if permission is denied
** @see java.lang.Thread#stop() * @throws NullPointerException if program is null
** @see java.lang.Thread#suspend() * @see Runtime#exec(String[], String[], File)
** @see java.lang.Thread#resume() */
** @see java.lang.Thread#interrupt() public void checkExec(String program)
** @see java.lang.Thread#destroy() {
** @see java.lang.Thread#setPriority(int) if (! program.equals(new File(program).getAbsolutePath()))
** @see java.lang.Thread#setName(java.lang.String) program = "<<ALL FILES>>";
** @see java.lang.Thread#setDaemon(boolean) checkPermission(new FilePermission(program, "execute"));
**/ }
public void checkAccess(Thread t) {
throw new SecurityException("Cannot modify Threads."); /**
} * Check if the current thread is allowed to link in the given native
* library. This method is called from Runtime.load() (and hence, by
/** Check if the current thread is allowed to modify this * loadLibrary() as well). The default implementation checks
** ThreadGroup.<P> * <code>RuntimePermission("loadLibrary." + filename)</code>. If you
** * override this, call <code>super.checkLink</code> rather than throwing
** Called by Thread.Thread() (to add a thread to the * an exception.
** ThreadGroup), ThreadGroup.ThreadGroup() (to add this *
** ThreadGroup to a parent), ThreadGroup.stop(), * @param filename the full name of the library to load
** suspend(), resume(), interrupt(), destroy(), * @throws SecurityException if permission is denied
** setDaemon(), and setMaxPriority().<P> * @throws NullPointerException if filename is null
** * @see Runtime#load(String)
** SecurityManager's implementation always denies access. */
** public void checkLink(String filename)
** @param g the ThreadGroup to check against {
** @exception SecurityException if the operation is not // Use the toString() hack to do the null check.
** permitted. checkPermission(new RuntimePermission("loadLibrary."
** @see java.lang.Thread#Thread() + filename.toString()));
** @see java.lang.ThreadGroup#ThreadGroup() }
** @see java.lang.ThreadGroup#stop()
** @see java.lang.ThreadGroup#suspend() /**
** @see java.lang.ThreadGroup#resume() * Check if the current thread is allowed to read the given file using the
** @see java.lang.ThreadGroup#interrupt() * FileDescriptor. This method is called from
** @see java.lang.ThreadGroup#setDaemon(boolean) * FileInputStream.FileInputStream(). The default implementation checks
** @see java.lang.ThreadGroup#setMaxPriority(int) * <code>RuntimePermission("readFileDescriptor")</code>. If you override
**/ * this, call <code>super.checkRead</code> rather than throwing an
public void checkAccess(ThreadGroup g) { * exception.
throw new SecurityException("Cannot modify ThreadGroups."); *
} * @param desc the FileDescriptor representing the file to access
* @throws SecurityException if permission is denied
/** Check if the current thread is allowed to exit the * @throws NullPointerException if desc is null
** JVM with the given status.<P> * @see FileInputStream#FileInputStream(FileDescriptor)
** */
** This method is called from Runtime.exit().<P> public void checkRead(FileDescriptor desc)
** {
** SecurityManager's implementation always denies access. if (desc == null)
** throw new NullPointerException();
** @param status the status to exit with checkPermission(new RuntimePermission("readFileDescriptor"));
** @exception SecurityException if the operation is not }
** permitted.
** @see java.lang.Runtime#exit() /**
** @see java.lang.Runtime#exit(int) * Check if the current thread is allowed to read the given file. This
**/ * method is called from FileInputStream.FileInputStream(),
public void checkExit(int status) { * RandomAccessFile.RandomAccessFile(), File.exists(), canRead(), isFile(),
throw new SecurityException("Cannot exit JVM."); * isDirectory(), lastModified(), length() and list(). The default
} * implementation checks <code>FilePermission(filename, "read")</code>. If
* you override this, call <code>super.checkRead</code> rather than
/** Check if the current thread is allowed to execute the * throwing an exception.
** given program.<P> *
** * @param filename the full name of the file to access
** This method is called from Runtime.exec().<P> * @throws SecurityException if permission is denied
** * @throws NullPointerException if filename is null
** SecurityManager's implementation always denies access. * @see File
** * @see FileInputStream#FileInputStream(String)
** @param program the name of the program to exec * @see RandomAccessFile#RandomAccessFile(String)
** @exception SecurityException if the operation is not */
** permitted. public void checkRead(String filename)
** @see java.lang.Runtime#exec(java.lang.String[],java.lang.String[]) {
**/ checkPermission(new FilePermission(filename, "read"));
public void checkExec(String program) {
throw new SecurityException("Cannot execute programs.");
}
/** Check if the current thread is allowed to link in the
** given native library.<P>
**
** This method is called from Runtime.load() (and hence,
** by loadLibrary() as well).<P>
**
** SecurityManager's implementation always denies access.
**
** @param filename the full name of the library to load
** @exception SecurityException if the operation is not
** permitted.
** @see java.lang.Runtime#load(java.lang.String)
**/
public void checkLink(String filename) {
throw new SecurityException("Cannot link native libraries.");
}
/** Check if the current thread is allowed to read the
** given file using the FileDescriptor.<P>
**
** This method is called from
** FileInputStream.FileInputStream().<P>
**
** SecurityManager's implementation always denies access.
**
** @param desc the FileDescriptor representing the file
** to access
** @exception SecurityException if the operation is not
** permitted.
** @see java.io.FileInputStream#FileInputStream(java.io.FileDescriptor)
**/
public void checkRead(FileDescriptor desc) {
throw new SecurityException("Cannot read files via file descriptors.");
}
/** Check if the current thread is allowed to read the
** given file.<P>
**
** This method is called from
** FileInputStream.FileInputStream(),
** RandomAccessFile.RandomAccessFile(), File.exists(),
** canRead(), isFile(), isDirectory(), lastModified(),
** length() and list().<P>
**
** SecurityManager's implementation always denies access.
**
** @param filename the full name of the file to access
** @exception SecurityException if the operation is not
** permitted.
** @see java.io.File
** @see java.io.FileInputStream#FileInputStream(java.lang.String)
** @see java.io.RandomAccessFile#RandomAccessFile(java.lang.String)
**/
public void checkRead(String filename) {
throw new SecurityException("Cannot read files via file names.");
} }
/** Check if the current thread is allowed to read the /**
** given file. using the given SecurityContext.<P> * Check if the current thread is allowed to read the given file. using the
** * given security context. The context must be a result of a previous call
** I know of no core class that calls this method.<P> * to <code>getSecurityContext()</code>. The default implementation checks
** * <code>AccessControlContext.checkPermission(new FilePermission(filename,
** SecurityManager's implementation always denies access. * "read"))</code>. If you override this, call <code>super.checkRead</code>
** * rather than throwing an exception.
** @param filename the full name of the file to access *
** @param securityContext the Security Context to * @param filename the full name of the file to access
** determine access for. * @param context the context to determine access for
** @exception SecurityException if the operation is not * @throws SecurityException if permission is denied, or if context is
** permitted. * not an AccessControlContext
**/ * @throws NullPointerException if filename is null
public void checkRead(String filename, Object securityContext) { * @see #getSecurityContext()
* @see AccessControlContext#checkPermission(Permission)
*/
public void checkRead(String filename, Object context)
{
// XXX Should be:
// if (! (context instanceof AccessControlContext))
// throw new SecurityException("Missing context");
// AccessControlContext ac = (AccessControlContext) context;
// ac.checkPermission(new FilePermission(filename, "read"));
throw new SecurityException("Cannot read files via file names."); throw new SecurityException("Cannot read files via file names.");
} }
/** Check if the current thread is allowed to write to the /**
** given file using the FileDescriptor.<P> * Check if the current thread is allowed to write the given file using the
** * FileDescriptor. This method is called from
** This method is called from * FileOutputStream.FileOutputStream(). The default implementation checks
** FileOutputStream.FileOutputStream().<P> * <code>RuntimePermission("writeFileDescriptor")</code>. If you override
** * this, call <code>super.checkWrite</code> rather than throwing an
** SecurityManager's implementation always denies access. * exception.
** *
** @param desc the FileDescriptor representing the file * @param desc the FileDescriptor representing the file to access
** to access * @throws SecurityException if permission is denied
** @exception SecurityException if the operation is not * @throws NullPointerException if desc is null
** permitted. * @see FileOutputStream#FileOutputStream(FileDescriptor)
** @see java.io.FileOutputStream#FileOutputStream(java.io.FileDescriptor) */
**/ public void checkWrite(FileDescriptor desc)
public void checkWrite(FileDescriptor desc) { {
throw new SecurityException("Cannot write files via file descriptors."); if (desc == null)
} throw new NullPointerException();
checkPermission(new RuntimePermission("writeFileDescriptor"));
/** Check if the current thread is allowed to write to the
** given file.<P>
**
** This method is called from
** FileOutputStream.FileOutputStream(),
** RandomAccessFile.RandomAccessFile(),
** File.canWrite(), mkdir(), and renameTo().<P>
**
** SecurityManager's implementation always denies access.
**
** @param filename the full name of the file to access
** @exception SecurityException if the operation is not
** permitted.
** @see java.io.File#canWrite()
** @see java.io.File#mkdir()
** @see java.io.File#renameTo()
** @see java.io.FileOutputStream#FileOutputStream(java.lang.String)
** @see java.io.RandomAccessFile#RandomAccessFile(java.lang.String)
**/
public void checkWrite(String filename) {
throw new SecurityException("Cannot write files via file names.");
}
/** Check if the current thread is allowed to delete the
** given file.<P>
**
** This method is called from File.delete().<P>
**
** SecurityManager's implementation always denies access.
**
** @param filename the full name of the file to delete
** @exception SecurityException if th operation is not
** permitted.
** @see java.io.File#delete()
**/
public void checkDelete(String filename) {
throw new SecurityException("Cannot delete files.");
}
/** Check if the current thread is allowed to connect to a
** given host on a given port.<P>
**
** This method is called from Socket.Socket().
**
** SecurityManager's implementation always denies access.
**
** @param host the host to connect to
** @param port the port to connect on
** @exception SecurityException if the operation is not
** permitted
** @see java.net.Socket#Socket()
**/
public void checkConnect(String host, int port) {
throw new SecurityException("Cannot make network connections.");
} }
/** Check if the current thread is allowed to connect to a /**
** given host on a given port using a specific security * Check if the current thread is allowed to write the given file. This
** context to determine access.<P> * method is called from FileOutputStream.FileOutputStream(),
** * RandomAccessFile.RandomAccessFile(), File.canWrite(), mkdir(), and
** This method is not called in the 1.1 core classes.<P> * renameTo(). The default implementation checks
** * <code>FilePermission(filename, "write")</code>. If you override this,
** SecurityManager's implementation always denies access. * call <code>super.checkWrite</code> rather than throwing an exception.
** *
** @param host the host to connect to * @param filename the full name of the file to access
** @param port the port to connect on * @throws SecurityException if permission is denied
** @param securityContext the security context to * @throws NullPointerException if filename is null
** determine access with * @see File
** @exception SecurityException if the operation is not * @see File#canWrite()
** permitted * @see File#mkdir()
**/ * @see File#renameTo()
public void checkConnect(String host, int port, Object securityContext) { * @see FileOutputStream#FileOutputStream(String)
* @see RandomAccessFile#RandomAccessFile(String)
*/
public void checkWrite(String filename)
{
checkPermission(new FilePermission(filename, "write"));
}
/**
* Check if the current thread is allowed to delete the given file. This
* method is called from File.delete(). The default implementation checks
* <code>FilePermission(filename, "delete")</code>. If you override this,
* call <code>super.checkDelete</code> rather than throwing an exception.
*
* @param filename the full name of the file to delete
* @throws SecurityException if permission is denied
* @throws NullPointerException if filename is null
* @see File#delete()
*/
public void checkDelete(String filename)
{
checkPermission(new FilePermission(filename, "delete"));
}
/**
* Check if the current thread is allowed to connect to a given host on a
* given port. This method is called from Socket.Socket(). A port number
* of -1 indicates the caller is attempting to determine an IP address, so
* the default implementation checks
* <code>SocketPermission(host, "resolve")</code>. Otherwise, the default
* implementation checks
* <code>SocketPermission(host + ":" + port, "connect")</code>. If you
* override this, call <code>super.checkConnect</code> rather than throwing
* an exception.
*
* @param host the host to connect to
* @param port the port to connect on
* @throws SecurityException if permission is denied
* @throws NullPointerException if host is null
* @see Socket#Socket()
*/
public void checkConnect(String host, int port)
{
if (port == -1)
checkPermission(new SocketPermission(host, "resolve"));
else
// Use the toString() hack to do the null check.
checkPermission(new SocketPermission(host.toString() + ":" + port,
"connect"));
}
/**
* Check if the current thread is allowed to connect to a given host on a
* given port, using the given security context. The context must be a
* result of a previous call to <code>getSecurityContext</code>. A port
* number of -1 indicates the caller is attempting to determine an IP
* address, so the default implementation checks
* <code>AccessControlContext.checkPermission(new SocketPermission(host,
* "resolve"))</code>. Otherwise, the default implementation checks
* <code>AccessControlContext.checkPermission(new SocketPermission(host
* + ":" + port, "connect"))</code>. If you override this, call
* <code>super.checkConnect</code> rather than throwing an exception.
*
* @param host the host to connect to
* @param port the port to connect on
* @param context the context to determine access for
* @throws SecurityException if permission is denied, or if context is
* not an AccessControlContext
* @throws NullPointerException if host is null
* @see #getSecurityContext()
* @see AccessControlContext#checkPermission(Permission)
*/
public void checkConnect(String host, int port, Object securityContext)
{
// XXX Should be:
// if (! (context instanceof AccessControlContext))
// throw new SecurityException("Missing context");
// AccessControlContext ac = (AccessControlContext) context;
// if (port == -1)
// ac.checkPermission(new SocketPermission(host, "resolve"));
// else
// // Use the toString() hack to do the null check.
// ac.checkPermission(new SocketPermission(host.toString + ":" +port,
// "connect"));
throw new SecurityException("Cannot make network connections."); throw new SecurityException("Cannot make network connections.");
} }
/** Check if the current thread is allowed to listen to a /**
** specific port for data.<P> * Check if the current thread is allowed to listen to a specific port for
** * data. This method is called by ServerSocket.ServerSocket(). The default
** This method is called by ServerSocket.ServerSocket().<P> * implementation checks
** * <code>SocketPermission("localhost:" + (port == 0 ? "1024-" : "" + port),
** SecurityManager's implementation always denies access. * "listen")</code>. If you override this, call
** * <code>super.checkListen</code> rather than throwing an exception.
** @param port the port to listen on *
** @exception SecurityException if the operation is not * @param port the port to listen on
** permitted * @throws SecurityException if permission is denied
** @see java.net.ServerSocket#ServerSocket(int) * @see ServerSocket#ServerSocket(int)
**/ */
public void checkListen(int port) { public void checkListen(int port)
throw new SecurityException("Cannot listen for connections."); {
} checkPermission(new SocketPermission("localhost:"
+ (port == 0 ? "1024-" : "" +port),
/** Check if the current thread is allowed to accept a "listen"));
** connection from a particular host on a particular
** port.<P>
**
** This method is called by ServerSocket.implAccept().<P>
**
** SecurityManager's implementation always denies access.
**
** @param host the host which wishes to connect
** @param port the port the connection will be on
** @exception SecurityException if the operation is not
** permitted
** @see java.net.ServerSocket#accept()
**/
public void checkAccept(String host, int port) {
throw new SecurityException("Cannot accept connections.");
}
/** Check if the current thread is allowed to read and
** write multicast to a particular address.<P>
**
** SecurityManager's implementation always denies access.
**
** @XXX where is it called?
**
** @param addr the address to multicast to.
** @exception SecurityException if the operation is not
** permitted.
**/
public void checkMulticast(InetAddress addr) {
throw new SecurityException("Cannot read or write multicast.");
}
/** Check if the current thread is allowed to read and
** write multicast to a particular address with a
** particular ttl value.<P>
**
** SecurityManager's implementation always denies access.<P>
**
** @XXX where is it called?
**
** @XXX what the hell is ttl? Expand abbreviation.
**
** @param addr the address to multicast to.
** @param ttl the ttl value to use
** @exception SecurityException if the operation is not
** permitted.
**/
public void checkMulticast(InetAddress addr, byte ttl) {
throw new SecurityException("Cannot read or write multicast.");
}
/**
** Check if the current thread is allowed to perform an
** operation that requires the specified <code>Permission</code>.
**
** @param perm The <code>Permission</code> required.
** @exception SecurityException If the operation is not allowed.
**/
public void checkPermission(java.security.Permission perm) {
throw new SecurityException("Operation not allowed");
} }
/** /**
** Check if the current thread is allowed to perform an * Check if the current thread is allowed to accept a connection from a
** operation that requires the specified <code>Permission</code>. * particular host on a particular port. This method is called by
** * ServerSocket.implAccept(). The default implementation checks
** @param perm The <code>Permission</code> required. * <code>SocketPermission(host + ":" + port, "accept")</code>. If you
** @param context A security context * override this, call <code>super.checkAccept</code> rather than throwing
** @exception SecurityException If the operation is not allowed. * an exception.
** @since 1.2 *
**/ * @param host the host which wishes to connect
public void checkPermission(java.security.Permission perm, * @param port the port the connection will be on
Object context) { * @throws SecurityException if permission is denied
throw new SecurityException("Operation not allowed"); * @throws NullPointerException if host is null
* @see ServerSocket#accept()
*/
public void checkAccept(String host, int port)
{
// Use the toString() hack to do the null check.
checkPermission(new SocketPermission(host.toString() + ":" + port,
"accept"));
}
/**
* Check if the current thread is allowed to read and write multicast to
* a particular address. The default implementation checks
* <code>SocketPermission(addr.getHostAddress(), "accept,connect")</code>.
* If you override this, call <code>super.checkMulticast</code> rather than
* throwing an exception.
*
* @param addr the address to multicast to
* @throws SecurityException if permission is denied
* @throws NullPointerException if host is null
* @since 1.1
*/
public void checkMulticast(InetAddress addr)
{
checkPermission(new SocketPermission(addr.getHostAddress(),
"accept,connect"));
}
/**
*Check if the current thread is allowed to read and write multicast to
* a particular address with a particular ttl (time-to-live) value. The
* default implementation ignores ttl, and checks
* <code>SocketPermission(addr.getHostAddress(), "accept,connect")</code>.
* If you override this, call <code>super.checkMulticast</code> rather than
* throwing an exception.
*
* @param addr the address to multicast to
* @param ttl value in use for multicast send
* @throws SecurityException if permission is denied
* @throws NullPointerException if host is null
* @since 1.1
* @deprecated use {@link #checkPermission(Permission)} instead
*/
public void checkMulticast(InetAddress addr, byte ttl)
{
checkPermission(new SocketPermission(addr.getHostAddress(),
"accept,connect"));
}
/**
* Check if the current thread is allowed to read or write all the system
* properties at once. This method is called by System.getProperties()
* and setProperties(). The default implementation checks
* <code>PropertyPermission("*", "read,write")</code>. If you override
* this, call <code>super.checkPropertiesAccess</code> rather than
* throwing an exception.
*
* @throws SecurityException if permission is denied
* @see System#getProperties()
* @see System#setProperties(Properties)
*/
public void checkPropertiesAccess()
{
checkPermission(new PropertyPermission("*", "read,write"));
}
/**
* Check if the current thread is allowed to read a particular system
* property (writes are checked directly via checkPermission). This method
* is called by System.getProperty() and setProperty(). The default
* implementation checks <code>PropertyPermission(key, "read")</code>. If
* you override this, call <code>super.checkPropertyAccess</code> rather
* than throwing an exception.
*
* @throws SecurityException if permission is denied
* @throws NullPointerException if key is null
* @throws IllegalArgumentException if key is ""
* @see System#getProperty(String)
*/
public void checkPropertyAccess(String key)
{
checkPermission(new PropertyPermission(key, "read"));
} }
/** Check if the current thread is allowed to read or /**
** write all the system properties at once.<P> * Check if the current thread is allowed to create a top-level window. If
** * it is not, the operation should still go through, but some sort of
** This method is called by System.getProperties() * nonremovable warning should be placed on the window to show that it
** and setProperties().<P> * is untrusted. This method is called by Window.Window(). The default
** * implementation checks
** SecurityManager's implementation always denies access. * <code>AWTPermission("showWindowWithoutWarningBanner")</code>, and returns
** * true if no exception was thrown. If you override this, use
** @exception SecurityException if the operation is not * <code>return super.checkTopLevelWindow</code> rather than returning
** permitted. * false.
** @see java.lang.System#getProperties() *
** @see java.lang.System#setProperties(java.util.Properties) * @param window the window to create
**/ * @return true if there is permission to show the window without warning
public void checkPropertiesAccess() { * @throws NullPointerException if window is null
throw new SecurityException("Cannot access all system properties at once."); * @see Window#Window(Frame)
} */
public boolean checkTopLevelWindow(Object window)
/** Check if the current thread is allowed to read or {
** write a particular system property.<P> if (window == null)
** throw new NullPointerException();
** This method is called by System.getProperty() and try
** setProperty().<P> {
** checkPermission(new AWTPermission("showWindowWithoutWarningBanner"));
** SecurityManager's implementation always denies access. return true;
** }
** @exception SecurityException is the operation is not catch (SecurityException e)
** permitted. {
** @see java.lang.System#getProperty(java.lang.String)
** @see java.lang.System#setProperty(java.lang.String,java.lang.String)
**/
public void checkPropertyAccess(String name) {
throw new SecurityException("Cannot access individual system properties.");
}
/** Check if the current thread is allowed to create a
** top-level window. If it is not, the operation should
** still go through, but some sort of nonremovable
** warning should be placed on the window to show that it
** is untrusted.<P>
**
** This method is called by Window.Window().<P>
**
** SecurityManager's implementation always denies access.
**
** @param window the window to create
** @see java.awt.Window#Window(java.awt.Frame)
**/
public boolean checkTopLevelWindow(Object window) {
return false; return false;
} }
}
/** Check if the current thread is allowed to create a /**
** print job.<P> * Check if the current thread is allowed to create a print job. This
** * method is called by Toolkit.getPrintJob(). The default implementation
** This method is called by Toolkit.getPrintJob(). (I * checks <code>RuntimePermission("queuePrintJob")</code>. If you override
** assume so, at least, it just don't say nothing about * this, call <code>super.checkPrintJobAccess</code> rather than throwing
** it in the spec.)<P> * an exception.
** *
** SecurityManager's implementation always denies access. * @throws SecurityException if permission is denied
** * @see Toolkit#getPrintJob(Frame, String, Properties)
** @exception SecurityException if the operation is not * @since 1.1
** permitted. */
** @see java.awt.Toolkit.getPrintJob(java.awt.Frame,java.lang.String,java.util.Properties) public void checkPrintJobAccess()
**/ {
public void checkPrintJobAccess() { checkPermission(new RuntimePermission("queuePrintJob"));
throw new SecurityException("Cannot create print jobs."); }
}
/**
/** Check if the current thread is allowed to use the * Check if the current thread is allowed to use the system clipboard. This
** system clipboard.<P> * method is called by Toolkit.getSystemClipboard(). The default
** * implementation checks <code>AWTPermission("accessClipboard")</code>. If
** This method is called by Toolkit.getSystemClipboard(). * you override this, call <code>super.checkSystemClipboardAccess</code>
** (I assume.)<P> * rather than throwing an exception.
** *
** SecurityManager's implementation always denies access. * @throws SecurityException if permission is denied
** * @see Toolkit#getSystemClipboard()
** @exception SecurityException if the operation is not * @since 1.1
** permitted. */
** @see java.awt.Toolkit#getSystemClipboard() public void checkSystemClipboardAccess()
**/ {
public void checkSystemClipboardAccess() { checkPermission(new AWTPermission("accessClipboard"));
throw new SecurityException("Cannot access the system clipboard."); }
}
/**
/** Check if the current thread is allowed to use the AWT * Check if the current thread is allowed to use the AWT event queue. This
** event queue.<P> * method is called by Toolkit.getSystemEventQueue(). The default
** * implementation checks <code>AWTPermission("accessEventQueue")</code>.
** This method is called by Toolkit.getSystemEventQueue().<P> * you override this, call <code>super.checkAwtEventQueueAccess</code>
** * rather than throwing an exception.
** SecurityManager's implementation always denies access. *
** * @throws SecurityException if permission is denied
** @exception SecurityException if the operation is not * @see Toolkit#getSystemEventQueue()
** permitted. * @since 1.1
** @see java.awt.Toolkit#getSystemEventQueue() */
**/ public void checkAwtEventQueueAccess()
public void checkAwtEventQueueAccess() { {
// Should be: checkPermission(new AWTPermission("accessEventQueue"));
throw new SecurityException("Cannot access the AWT event queue."); throw new SecurityException("Cannot access the AWT event queue.");
} }
/** Check if the current thread is allowed to access the /**
** specified package at all.<P> * Check if the current thread is allowed to access the specified package
** * at all. This method is called by ClassLoader.loadClass() in user-created
** This method is called by ClassLoader.loadClass() in * ClassLoaders. The default implementation gets a list of all restricted
** user-created ClassLoaders.<P> * packages, via <code>Security.getProperty("package.access")</code>. Then,
** * if packageName starts with or equals any restricted package, it checks
** SecurityManager's implementation always denies access. * <code>RuntimePermission("accessClassInPackage." + packageName)</code>.
** * If you override this, you should call
** @param packageName the package name to check access to * <code>super.checkPackageAccess</code> before doing anything else.
** @exception SecurityException if the operation is not *
** permitted. * @param packageName the package name to check access to
** @see java.lang.ClassLoader#loadClass(java.lang.String,boolean) * @throws SecurityException if permission is denied
**/ * @throws NullPointerException if packageName is null
public void checkPackageAccess(String packageName) { * @see ClassLoader#loadClass(String, boolean)
throw new SecurityException("Cannot access packages via the ClassLoader."); * @see Security#getProperty(String)
} */
public void checkPackageAccess(String packageName)
/** Check if the current thread is allowed to define {
** classes the specified package. If the class already checkPackageList(packageName, "access", "accessClassInPackage.");
** created, though, ClassLoader.loadClass() can still }
** return the Class if checkPackageAccess() checks out.<P>
** /**
** This method is called by ClassLoader.loadClass() in * Check if the current thread is allowed to define a class into the
** user-created ClassLoaders.<P> * specified package. This method is called by ClassLoader.loadClass() in
** * user-created ClassLoaders. The default implementation gets a list of all
** SecurityManager's implementation always denies access. * restricted packages, via
** * <code>Security.getProperty("package.definition")</code>. Then, if
** @param packageName the package name to check access to * packageName starts with or equals any restricted package, it checks
** @exception SecurityException if the operation is not * <code>RuntimePermission("defineClassInPackage." + packageName)</code>.
** permitted. * If you override this, you should call
** @see java.lang.ClassLoader#loadClass(java.lang.String,boolean) * <code>super.checkPackageDefinition</code> before doing anything else.
**/ *
public void checkPackageDefinition(String packageName) { * @param packageName the package name to check access to
throw new SecurityException("Cannot load classes into any packages via the ClassLoader."); * @throws SecurityException if permission is denied
} * @throws NullPointerException if packageName is null
* @see ClassLoader#loadClass(String, boolean)
/** Check if the current thread is allowed to set the * @see Security#getProperty(String)
** current socket factory.<P> */
** public void checkPackageDefinition(String packageName)
** This method is called by Socket.setSocketImplFactory(), {
** ServerSocket.setSocketFactory(), and checkPackageList(packageName, "definition", "defineClassInPackage.");
** URL.setURLStreamHandlerFactory().<P> }
**
** SecurityManager's implementation always denies access. /**
** * Check if the current thread is allowed to set the current socket factory.
** @exception SecurityException if the operation is not * This method is called by Socket.setSocketImplFactory(),
** permitted. * ServerSocket.setSocketFactory(), and URL.setURLStreamHandlerFactory().
** @see java.net.Socket#setSocketImplFactory(java.net.SocketImplFactory) * The default implementation checks
** @see java.net.ServerSocket#setSocketFactory(java.net.SocketImplFactory) * <code>RuntimePermission("setFactory")</code>. If you override this, call
** @see java.net.URL#setURLStreamHandlerFactory(java.net.URLStreamHandlerFactory) * <code>super.checkSetFactory</code> rather than throwing an exception.
**/ *
public void checkSetFactory() { * @throws SecurityException if permission is denied
throw new SecurityException("Cannot set the socket factory."); * @see Socket#setSocketImplFactory(SocketImplFactory)
} * @see ServerSocket#setSocketFactory(SocketImplFactory)
* @see URL#setURLStreamHandlerFactory(URLStreamHandlerFactory)
/** Check if the current thread is allowed to get certain */
** types of Methods, Fields and Constructors from a Class public void checkSetFactory()
** object.<P> {
** checkPermission(new RuntimePermission("setFactory"));
** This method is called by Class.getMethod[s](), }
** Class.getField[s](), Class.getConstructor[s],
** Class.getDeclaredMethod[s](), /**
** Class.getDeclaredField[s](), and * Check if the current thread is allowed to get certain types of Methods,
** Class.getDeclaredConstructor[s]().<P> * Fields and Constructors from a Class object. This method is called by
** * Class.getMethod[s](), Class.getField[s](), Class.getConstructor[s],
** SecurityManager's implementation always denies access. * Class.getDeclaredMethod[s](), Class.getDeclaredField[s](), and
** * Class.getDeclaredConstructor[s](). The default implementation allows
** @param c the Class to check * PUBLIC access, and access to classes defined by the same classloader as
** @param memberType the type of members to check * the code performing the reflection. Otherwise, it checks
** against, either Member.DECLARED or * <code>RuntimePermission("accessDeclaredMembers")</code>. If you override
** Member.PUBLIC. * this, do not call <code>super.checkMemberAccess</code>, as this would
** @exception SecurityException if the operation is not * mess up the stack depth check that determines the ClassLoader requesting
** permitted. * the access.
** @see java.lang.Class *
** @see java.lang.reflect.Member#DECLARED * @param c the Class to check
** @see java.lang.reflect.Member#PUBLIC * @param memberType either DECLARED or PUBLIC
**/ * @throws SecurityException if permission is denied, including when
public void checkMemberAccess(Class c, int memberType) { * memberType is not DECLARED or PUBLIC
throw new SecurityException("Cannot access members of classes."); * @throws NullPointerException if c is null
} * @see Class
* @see Member#DECLARED
/** Test whether a particular security action may be * @see Member#PUBLIC
** taken. * @since 1.1
** @param action the desired action to take */
** @exception SecurityException if the action is denied. public void checkMemberAccess(Class c, int memberType)
** @XXX I have no idea what actions must be tested {
** or where. if (c == null)
**/ throw new NullPointerException();
public void checkSecurityAccess(String action) { if (memberType == Member.PUBLIC)
checkPermission (new java.security.SecurityPermission (action)); return;
} // XXX Allow access to classes created by same classloader before next
// check.
/** Get the ThreadGroup that a new Thread should belong checkPermission(new RuntimePermission("accessDeclaredMembers"));
** to by default.<P> }
**
** Called by Thread.Thread().<P> /**
** * Test whether a particular security action may be taken. The default
** SecurityManager's implementation just uses the * implementation checks <code>SecurityPermission(action)</code>. If you
** ThreadGroup of the current Thread.<P> * override this, call <code>super.checkSecurityAccess</code> rather than
** * throwing an exception.
** <STRONG>Spec Note:</STRONG> it is not clear whether *
** the new Thread is guaranteed to pass the * @param action the desired action to take
** checkAccessThreadGroup() test when using this * @throws SecurityException if permission is denied
** ThreadGroup. I presume so. * @throws NullPointerException if action is null
** * @throws IllegalArgumentException if action is ""
** @return the ThreadGroup to put the new Thread into. * @since 1.1
**/ */
public ThreadGroup getThreadGroup() { public void checkSecurityAccess(String action)
{
checkPermission(new SecurityPermission(action));
}
/**
* Get the ThreadGroup that a new Thread should belong to by default. Called
* by Thread.Thread(). The default implementation returns the current
* ThreadGroup of the current Thread. <STRONG>Spec Note:</STRONG> it is not
* clear whether the new Thread is guaranteed to pass the
* checkAccessThreadGroup() test when using this ThreadGroup, but I presume
* so.
*
* @return the ThreadGroup to put the new Thread into
* @since 1.1
*/
public ThreadGroup getThreadGroup()
{
return Thread.currentThread().getThreadGroup(); return Thread.currentThread().getThreadGroup();
} }
public SecurityManager () { /**
if (System.getSecurityManager () != null) * Helper that checks a comma-separated list of restricted packages, from
throw new SecurityException (); * <code>Security.getProperty("package.definition")</code>, for the given
* package access permission. If packageName starts with or equals any
* restricted package, it checks
* <code>RuntimePermission(permission + packageName)</code>.
*
* @param packageName the package name to check access to
* @param restriction the list of restrictions, after "package."
* @param permission the base permission, including the '.'
* @throws SecurityException if permission is denied
* @throws NullPointerException if packageName is null
* @see #checkPackageAccess(String)
* @see #checkPackageDefinition(String)
*/
void checkPackageList(String packageName, String restriction,
String permission)
{
// Use the toString() hack to do the null check.
Permission p = new RuntimePermission(permission + packageName.toString());
String list = Security.getProperty("package." + restriction);
if (list == null)
return;
while (! "".equals(packageName))
{
for (int index = list.indexOf(packageName);
index != -1; index = list.indexOf(packageName, index + 1))
{
int packageNameCount = packageName.length();
if (index + packageNameCount == list.length()
|| list.charAt(index + packageNameCount) == ',')
{
checkPermission(p);
return;
} }
} }
int index = packageName.lastIndexOf('.');
packageName = index < 0 ? "" : packageName.substring(0, index);
}
}
} // class SecurityManager
// XXX This class is unnecessary.
class SecurityContext { class SecurityContext {
Class[] classes; Class[] classes;
SecurityContext(Class[] classes) { SecurityContext(Class[] classes) {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment