Commit e0f23fcd by Bryce McKinlay Committed by Bryce McKinlay

AccessibleObject.java (secureSetAccessible): Don't check for AccessibleObject.

	* java/lang/reflect/AccessibleObject.java (secureSetAccessible):
	Don't check for AccessibleObject. Update javadocs.

From-SVN: r72943
parent b9b5672b
2003-10-26 Bryce McKinlay <bryce@mckinlay.net.nz> 2003-10-26 Bryce McKinlay <bryce@mckinlay.net.nz>
* java/lang/reflect/AccessibleObject.java (secureSetAccessible):
Don't check for AccessibleObject. Update javadocs.
2003-10-26 Bryce McKinlay <bryce@mckinlay.net.nz>
* java/lang/reflect/Constructor.java (toString): Avoid extra * java/lang/reflect/Constructor.java (toString): Avoid extra
whitespace on constructor with no modifiers. whitespace on constructor with no modifiers.
* java/lang/reflect/natConstructor.java (newInstance): Look up * java/lang/reflect/natConstructor.java (newInstance): Look up
......
...@@ -59,8 +59,7 @@ public class AccessibleObject ...@@ -59,8 +59,7 @@ public class AccessibleObject
{ {
/** /**
* True if this object is marked accessible, which means the reflected * True if this object is marked accessible, which means the reflected
* object bypasses normal security checks. <em>NOTE</em>Don't try messing * object bypasses normal security checks.
* with this by reflection. You'll mess yourself up.
*/ */
// default visibility for use by inherited classes // default visibility for use by inherited classes
boolean flag = false; boolean flag = false;
...@@ -88,19 +87,11 @@ public class AccessibleObject ...@@ -88,19 +87,11 @@ public class AccessibleObject
* security check. If a security manager exists, it is checked for * security check. If a security manager exists, it is checked for
* <code>ReflectPermission("suppressAccessChecks")</code>.<p> * <code>ReflectPermission("suppressAccessChecks")</code>.<p>
* *
* If <code>flag</code> is true, and the initial security check succeeds, * It is forbidden to set the accessibility flag to true on any constructor
* this can still fail if a forbidden object is encountered, leaving the * for java.lang.Class. This will result in a SecurityException. If the
* array half-modified. At the moment, the forbidden members are:<br> * SecurityException is thrown for any of the passed AccessibleObjects,
* <ul> * the accessibility flag will be set on AccessibleObjects in the array prior
* <li>Any Constructor for java.lang.Class</li> * to the one which resulted in the exception.
* <li>Any AccessibleObject for java.lang.reflect.AccessibleObject
* (this is not specified by Sun, but it closes a big security hole
* where you can use reflection to bypass the security checks that
* reflection is supposed to provide)</li>
* </ul>
* (Sun has not specified others, but good candidates might include
* ClassLoader, String, and such. However, the more checks we do, the
* slower this method gets).
* *
* @param array the array of accessible objects * @param array the array of accessible objects
* @param flag the desired state of accessibility, true to bypass security * @param flag the desired state of accessibility, true to bypass security
...@@ -121,19 +112,8 @@ public class AccessibleObject ...@@ -121,19 +112,8 @@ public class AccessibleObject
* manager exists, it is checked for * manager exists, it is checked for
* <code>ReflectPermission("suppressAccessChecks")</code>.<p> * <code>ReflectPermission("suppressAccessChecks")</code>.<p>
* *
* If <code>flag</code> is true, and the initial security check succeeds, * It is forbidden to set the accessibility flag to true on any constructor for
* this will still fail for a forbidden object. At the moment, the * java.lang.Class. This will result in a SecurityException.
* forbidden members are:<br>
* <ul>
* <li>Any Constructor for java.lang.Class</li>
* <li>Any AccessibleObject for java.lang.reflect.AccessibleObject
* (this is not specified by Sun, but it closes a big security hole
* where you can use reflection to bypass the security checks that
* reflection is supposed to provide)</li>
* </ul>
* (Sun has not specified others, but good candidates might include
* ClassLoader, String, and such. However, the more checks we do, the
* slower this method gets).
* *
* @param flag the desired state of accessibility, true to bypass security * @param flag the desired state of accessibility, true to bypass security
* @throws NullPointerException if array is null * @throws NullPointerException if array is null
...@@ -165,15 +145,14 @@ public class AccessibleObject ...@@ -165,15 +145,14 @@ public class AccessibleObject
* after calling checkPermission. * after calling checkPermission.
* *
* @param flag the desired status * @param flag the desired status
* @throws SecurityException if flag is true and this is one of the * @throws SecurityException if flag is true and this is a constructor
* forbidden members mentioned in {@link setAccessible(boolean)}. * for <code>java.lang.Class</code>.
*/ */
private final void secureSetAccessible(boolean flag) private final void secureSetAccessible(boolean flag)
{ {
if (flag && if (flag &&
((this instanceof Constructor (this instanceof Constructor
&& ((Constructor) this).getDeclaringClass() == Class.class) && ((Constructor) this).getDeclaringClass() == Class.class))
|| ((Member) this).getDeclaringClass() == AccessibleObject.class))
throw new SecurityException("Cannot make object accessible: " + this); throw new SecurityException("Cannot make object accessible: " + this);
this.flag = flag; this.flag = flag;
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment