Java 1.2 How-To

home *** CD-ROM | disk | FTP | other *** search

/ Java 1.2 How-To / JavaHowTo.iso / 3rdParty / jbuilder / unsupported / JDK1.2beta3 / SOURCE / SRC.ZIP / java / lang / SecurityManager.java < prev next >

Wrap

Java Source | 1998-03-20 | 46.3 KB | 1,187 lines

/* * @(#)SecurityManager.java 1.81 98/03/18 * * Copyright 1995-1998 by Sun Microsystems, Inc., * 901 San Antonio Road, Palo Alto, California, 94303, U.S.A. * All rights reserved. * * This software is the confidential and proprietary information * of Sun Microsystems, Inc. ("Confidential Information"). You * shall not disclose such Confidential Information and shall use * it only in accordance with the terms of the license agreement * you entered into with Sun. */ package java.lang; import java.security.*; import java.io.FileDescriptor; import java.io.File; import java.io.FilePermission; import java.awt.AWTPermission; import java.util.PropertyPermission; import java.lang.RuntimePermission; import java.net.SocketPermission; import java.net.NetPermission; import java.util.Hashtable; import java.net.InetAddress; import java.lang.reflect.Member; import java.lang.reflect.*; import java.net.URL; /** * The security manager is a class that allows * applications to implement a security policy. It allows an * application to determine, before performing a possibly unsafe or * sensitive operation, what the operation is and whether the * operation is being performed by a class created via a class loader * rather than installed locally. Classes loaded via a class loader * (especially if they have been downloaded over a network) may be * less trustworthy than classes from files installed locally. The * application can allow or disallow the operation. * * The <code>SecurityManager</code> class contains many methods with * names that begin with the word <code>check</code>. These methods * are called by various methods in the Java libraries before those * methods perform certain potentially sensitive operations. The * invocation of such a check method typically looks like this: * <blockquote><pre> * SecurityManager security = System.getSecurityManager(); * if (security != null) { * security.checkXXX(argument, . . . ); * } * </pre></blockquote> * * The security manager is thereby given an opportunity to prevent * completion of the operation by throwing an exception. A security * manager routine simply returns if the operation is permitted, but * throws a <code>SecurityException</code> if the operation is not * permitted. The only exception to this convention is * <code>checkTopLevelWindow</code>, which returns a * <code>boolean</code> value. * * The current security manager is set by the * <code>setSecurityManager</code> method in class * <code>System</code>. The current security manager is obtained * by the <code>getSecurityManager</code> method. * * As of JDK 1.2, the default implementation of each of the * <code>check</code>XXX methods is to use the AccessController * to determine if the caller has permission to perform the requested * operation. * * The special method * <a href = "#checkPermission(java.security.Permission)">checkPermission</a> * determines whether an access request indicated by a specified * permission should be granted or denied. The * default implementation calls * * <pre> * AccessController.checkPermission(perm); * </pre> * * * If a requested access is allowed, * <code>checkPermission</code> returns quietly. If denied, a * SecurityException is thrown. * * Note that the <code>checkPermission</code> method with * just a single permission argument always performs security checks * within the context of the currently executing thread. * Sometimes a security check that should be made within a given context * will actually need to be done from within a * different context (for example, from within a worker thread). * The <a href = "#getSecurityContext">getSecurityContext</a> method and * the <a href = "#checkPermission(java.security.Permission, java.lang.Object)">checkPermission</a> * method that includes a context argument are provided * for this situation. The * <code>getSecurityContext</code> method returns a "snapshot" * of the current calling context. (The default implementation * returns an AccessControlContext object.) A sample call is * the following: * * <pre> * Object context = null; * SecurityManager sm = System.getSecurityManager(); * if (sm != null) context = sm.getSecurityContext(); * </pre> * * * The <code>checkPermission</code> method * that takes a context object (in addition to a permission) * makes access decisions based on that context, * rather than that of the current execution thread. * Code within a different context can thus call that method, * passing the permission and the * previously-saved context object. A sample call (using the * SecurityManager <code>sm</code> obtained as in the previous example) * is the following: * * <pre> * if (sm != null) sm.checkPermission(permission, context); * </pre> * * Permissions fall into these categories: File, Socket, Net, * Security, Runtime, Property, and AWT. The classes managing these various * permission categories are <code>java.io.FilePermission</code>, * <code>java.net.SocketPermission</code>, * <code>java.net.NetPermission</code>, * <code>java.security.SecurityPermission</code>, * <code>java.lang.RuntimePermission</code>, * <code>java.util.PropertyPermission</code>, and * <code>java.awt.AWTPermission</code>. * * All but the first two (FilePermission and SocketPermission) are * subclasses of <code>java.security.BasicPermission</code>, which itself * is an abstract subclass of the * top-level class for permissions, which is * <code>java.security.Permission</code>. BasicPermission defines the * functionality needed for all permissions that contain a name * that follows the hierarchical property naming convention * (for example, "exit", "setFactory", "print.queueJob", etc). * An asterisk * may appear at the end of the name, following a ".", or by itself, to * signify a wildcard match. For example: "a.*" or "*" is valid, * "*a" or "a*b" is not valid. * * FilePermission and SocketPermission are subclasses of the * top-level class for permissions * (<code>java.security.Permission</code>). Classes like these * that have a more complicated name syntax than that used by * BasicPermission subclass directly from Permission rather than from * BasicPermission. For example, * for a <code>java.io.FilePermission</code> object, the permission name is * the pathname of a file (or directory). * * Some of the permission classes have an "actions" list that tells * the actions that are permitted for the object. For example, * for a <code>java.io.FilePermission</code> object, the actions list * (such as "read, write") specifies which actions are granted for the * specified file (or for files in the specified directory). * * Other permission classes are for "named" permissions - * ones that contain a name but no actions list; you either have the * named permission or you don't. * * Note: There is also a <code>java.security.AllPermission</code> * permission that implies all permissions. It exists to simplify the work * of system administrators who might need to perform multiple * tasks that require all (or numerous) permissions. * * The permission namespace is organized * in the manner shown below. For each category, the category name * is given, followed by an indented list of permission names * (such as "createClassLoader" and "exit") and permission name * types in braces (such as "{property name}" to represent an * actual property name). Each permission name (or name type) * is followed by the name in parentheses of the SecurityManager * class(es) that handle that kind of permission. * <pre> * RuntimePermission * createClassLoader (checkCreateClassLoader) * exit (checkExit) * setFactory (checkSetFactory) * setIO (java.lang.System.{setIn,setOut,SetErr}) * thread (checkAccess(Thread), checkAccess(ThreadGroup)) * fileDescriptor.read (checkRead(FileDescriptor)) * fileDescriptor.write (checkWrite(FileDescriptor)) * loadLibrary.{library name} (checkLink) * package.access.{package name} (checkPackageAccess) * package.define.{package name} (checkPackageDefinition) * reflect.declared.{class name} (checkMemberAccess) * print.queueJob (checkPrintJobAccess) * NetPermission * multicast (checkMulticast) * Authenticator.setDefault * Authenticator.requestPasswordAuthentication * PropertyPermission * * (checkPropertiesAccess) * {property name} (checkPropertyAccess) * AWTPermission * topLevelWindow (checkTopLevelWindow) * systemClipboard (checkSystemClipboardAccess) * eventQueue (checkAwtEventQueueAccess) * SecurityPermission * {action} (checkSecurityAccess) * FilePermission * {file or directory pathname} (checkExec, * checkRead(String), checkWrite(String), checkDelete} * SocketPermission * {host:port} {checkConnect, checkListen, checkAccept} * </pre> * * @author Arthur van Hoff * @author Roland Schemers * * @version 1.81, 03/18/98 * @see java.lang.ClassLoader * @see java.lang.SecurityException * @see java.lang.SecurityManager#checkTopLevelWindow(java.lang.Object) * @see java.lang.System#getSecurityManager() * @see java.lang.System#setSecurityManager(java.lang.SecurityManager) * @see java.security.AccessController * @see java.security.AccessControlContext * @see java.security.AccessControlException * @see java.security.Permission * @see java.security.BasicPermission * @see java.io.FilePermission * @see java.net.SocketPermission * @see java.util.PropertyPermission * @see java.lang.RuntimePermission * @see java.awt.AWTPermission * @see java.security.Policy * @see java.security.SecurityPermission * @see java.security.ProtectionDomain * * @since JDK1.0 */ public class SecurityManager { /** * This field is <code>true</code> if there is a security check in * progress; <code>false</code> otherwise. * * @deprecated This type of security checking is not recommended. * It is recommended that the <code>checkPermission</code> * call be used instead. */ protected boolean inCheck; /* * Have we been initialized. Effective against finalizer attacks. */ private boolean initialized = false; // static permissions. Create here and used in the various // check permission calls private static final RuntimePermission createClassLoaderPermission = new RuntimePermission("createClassLoader"); private static final RuntimePermission threadPermission = new RuntimePermission("thread"); private static final PropertyPermission propertiesPermission = new PropertyPermission("*", "read,write"); private static final AWTPermission topLevelWindowPermission = new AWTPermission("topLevelWindow"); /** * Tests if there is a security check in progress. * * @return the value of the <code>inCheck</code> field. This field * should contain <code>true</code> if a security check is * in progress, * <code>false</code> otherwise. * @see java.lang.SecurityManager#inCheck * @deprecated This type of security checking is not recommended. * It is recommended that the <code>checkPermission</code> * call be used instead. */ public boolean getInCheck() { return inCheck; } /** * Constructs a new <code>SecurityManager</code>. An application is * not allowed to create a new security manager if there is already a * current security manager. * * @exception SecurityException if a security manager already exists. * @see java.lang.System#getSecurityManager() */ public SecurityManager() { synchronized(SecurityManager.class) { if (System.getSecurityManager() != null) { throw new SecurityException("security manager already installed."); } initialized = true; } } /** * Returns the current execution stack as an array of classes. * * The length of the array is the number of methods on the execution * stack. The element at index <code>0</code> is the class of the * currently executing method, the element at index <code>1</code> is * the class of that method's caller, and so on. * * @return the execution stack. */ protected native Class[] getClassContext(); /** * Returns an object describing the most recent class loader executing * on the stack. * * @return the class loader of the most recent occurrence on the stack * of a method from a class defined using a class loader; * returns <code>null</code> if there is no occurrence on the * stack of a method from a class defined using a class loader. */ protected native ClassLoader currentClassLoader(); /** * Returns the current Class with a ClassLoader on the execution stack. * * @since JDK1.1 */ protected Class currentLoadedClass() { return currentLoadedClass0(); } /** * Returns the stack depth of the specified class. * * @param name the fully qualified name of the class to search for. * @return the depth on the stack frame of the first occurrence of a * method from a class with the specified name; * <code>-1</code> if such a frame cannot be found. * @deprecated This type of security checking is not recommended. * It is recommended that the <code>checkPermission</code> * call be used instead. * */ protected native int classDepth(String name); /** * Returns the stack depth of the most recently executing method * from a class defined using a class loader. * * @return the depth on the stack frame of the most recent occurrence of * a method from a class defined using a class loader; returns * <code>-1</code> if there is no occurrence of a method from * a class defined using a class loader. * @deprecated This type of security checking is not recommended. * It is recommended that the <code>checkPermission</code> * call be used instead. */ protected native int classLoaderDepth(); /** * Tests if a method from a class with the specified * name is on the execution stack. * * @param name the fully qualified name of the class. * @return <code>true</code> if a method from a class with the specified * name is on the execution stack; <code>false</code> otherwise. * @deprecated This type of security checking is not recommended. * It is recommended that the <code>checkPermission</code> * call be used instead. */ protected boolean inClass(String name) { return classDepth(name) >= 0; } /** * Tests if a method from a class defined using a * class loader is on the execution stack. * * @return <code>true</code> if a method from a class defined using a * class loader is on the execution stack. * * @deprecated This type of security checking is not recommended. * It is recommended that the <code>checkPermission</code> * call be used instead. */ protected boolean inClassLoader() { return currentClassLoader() != null; } /** * Creates an object that encapsulates the current execution * environment. The result of this method is used, for example, by the * three-argument <code>checkConnect</code> method and by the * two-argument <code>checkRead</code> method. * The default implementation of this method is to return * an <code>AccessControlContext</code> object. * * These methods are needed because a trusted method may be called * on to read a file or open a socket on behalf of another method. * The trusted method needs to determine if the other (possibly * untrusted) method would be allowed to perform the operation on its * own. * * @return an implementation-dependent object that encapsulates * sufficient information about the current execution environment * to perform some security checks later. * @see java.lang.SecurityManager#checkConnect(java.lang.String, int, java.lang.Object) * @see java.lang.SecurityManager#checkRead(java.lang.String, java.lang.Object) */ public Object getSecurityContext() { return AccessController.getContext(); } /** * Throws a <code>SecurityException</code> if the requested * access, specified by the given permission, is not permitted based * on the security policy currently in effect. * * The <code>checkPermission</code> method for class * <code>SecurityManager</code> calls * <code>AccessController.checkPermission</code> with the * given permission. * * @param perm the requested permission * @exception SecurityException if access is not permitted based on * the current security policy. * @since JDK1.2 */ public void checkPermission(Permission perm) { java.security.AccessController.checkPermission(perm); } /** * Throws a <code>SecurityException</code> if the * specified security context is denied access to the resource * specified by the given permission. * The context must be a security * context returned by a previous call to * <code>getSecurityContext</code> and the access control * decision is based upon the configured security policy for * that security context. * * If <code>context</code> is an instance of * <code>AccessControlContext</code> then the * <code>AccessControlContext.checkPermission</code> method will * be invoked with the specified permission. * * If <code>context</code> is not an instance of * <code>AccessControlContext</code> then a * <code>SecurityException</code> is thrown. * * @param perm the specified permission * @param context a system-dependent security context. * @exception SecurityException if the specified security context is * denied access to the resource specified by the * given permission. * @see java.lang.SecurityManager#getSecurityContext() * @since JDK1.2 */ public void checkPermission(Permission perm, Object context) { if (context instanceof AccessControlContext) { ((AccessControlContext)context).checkPermission(perm); } else { throw new SecurityException(); } } /** * Throws a <code>SecurityException</code> if the * calling thread is not allowed to create a new class loader. * * The <code>checkCreateClassLoader</code> method for class * <code>SecurityManager</code> calls * <code>checkPermission</code> with the * <code>RuntimePermission("createClassLoader")</code> * permission. * * @exception SecurityException if the caller does not have permission * to create a new class loader. * @see java.lang.ClassLoader#ClassLoader() */ public void checkCreateClassLoader() { checkPermission(createClassLoaderPermission); } /** * Throws a <code>SecurityException</code> if the * calling thread is not allowed to modify the thread argument. * * This method is invoked for the current security manager by the * <code>stop</code>, <code>suspend</code>, <code>resume</code>, * <code>setPriority</code>, <code>setName</code>, and * <code>setDaemon</code> methods of class <code>Thread</code>. * * The <code>checkAccess</code> method for class * <code>SecurityManager</code> first sees if the current * thread's ThreadGroup is a parent of <code>t</code>'s ThreadGroup. * If so, it returns. If not it calls * <code>checkPermission</code> with the * <code>RuntimePermission("thread")</code> permission. * * @param t the thread to be checked. * @exception SecurityException if the caller does not have * permission to modify the thread. * @see java.lang.System#getSecurityManager() * @see java.lang.Thread#resume() * @see java.lang.Thread#setDaemon(boolean) * @see java.lang.Thread#setName(java.lang.String) * @see java.lang.Thread#setPriority(int) * @see java.lang.Thread#stop() * @see java.lang.Thread#suspend() */ public void checkAccess(Thread t) { ThreadGroup ctg = Thread.currentThread().getThreadGroup(); if (!ctg.parentOf(t.getThreadGroup())) { checkPermission(threadPermission); } } /** * Throws a <code>SecurityException</code> if the * calling thread is not allowed to modify the thread group argument. * * This method is invoked for the current security manager when a * new child thread or child thread group is created, and by the * <code>setDaemon</code>, <code>setMaxPriority</code>, * <code>stop</code>, <code>suspend</code>, <code>resume</code>, and * <code>destroy</code> methods of class <code>ThreadGroup</code>. * * * The <code>checkAccess</code> method for class * <code>SecurityManager</code> first sees if the current * thread's ThreadGroup is a parent of <code>t</code>'s ThreadGroup. * If so, it returns. If not it calls * <code>checkPermission</code> with the * <code>RuntimePermission("thread")</code> permission. * * @param g the thread group to be checked. * @exception SecurityException if the caller does not have * permission to modify the thread group. * @see java.lang.System#getSecurityManager() * @see java.lang.ThreadGroup#destroy() * @see java.lang.ThreadGroup#resume() * @see java.lang.ThreadGroup#setDaemon(boolean) * @see java.lang.ThreadGroup#setMaxPriority(int) * @see java.lang.ThreadGroup#stop() * @see java.lang.ThreadGroup#suspend() */ public void checkAccess(ThreadGroup g) { ThreadGroup ctg = Thread.currentThread().getThreadGroup(); if (!ctg.parentOf(g)) { checkPermission(threadPermission); } } /** * Throws a <code>SecurityException</code> if the * calling thread is not allowed to cause the Java Virtual Machine to * halt with the specified status code. * * This method is invoked for the current security manager by the * <code>exit</code> method of class <code>Runtime</code>. A status * of <code>0</code> indicates success; other values indicate various * errors. * * The <code>checkExit</code> method for class * <code>SecurityManager</code> calls * <code>checkPermission</code> with the * <code>RuntimePermission("exit")</code> permission. * * @param status the exit status. * @exception SecurityException if the caller does not have permission * to halt the Java Virtual Machine with the specified status. * @see java.lang.Runtime#exit(int) * @see java.lang.System#getSecurityManager() */ public void checkExit(int status) { checkPermission(new RuntimePermission("exit")); } /** * Throws a <code>SecurityException</code> if the * calling thread is not allowed to create a subprocess. * * This method is invoked for the current security manager by the * <code>exec</code> methods of class <code>Runtime</code>. * * The <code>checkExec</code> method for class * <code>SecurityManager</code> calls * <code>checkPermission</code> with the * <code>FilePermission(cmd,"execute")</code> permission. * * @param cmd the specified system command. * @exception SecurityException if the caller does not have permission * to create a subprocess. * @see java.lang.Runtime#exec(java.lang.String) * @see java.lang.Runtime#exec(java.lang.String, java.lang.String[]) * @see java.lang.Runtime#exec(java.lang.String[]) * @see java.lang.Runtime#exec(java.lang.String[], java.lang.String[]) * @see java.lang.System#getSecurityManager() */ public void checkExec(String cmd) { File f = new File(cmd); if (f.isAbsolute()) { checkPermission(new FilePermission(cmd, "execute")); } else { checkPermission(new FilePermission("<<ALL FILES>>", "execute")); } } /** * Throws a <code>SecurityException</code> if the * calling thread is not allowed to dynamic link the library code * specified by the string argument file. The argument is either a * simple library name or a complete filename. * * This method is invoked for the current security manager by * methods <code>load</code> and <code>loadLibrary</code> of class * <code>Runtime</code>. * * The <code>checkLink</code> method for class * <code>SecurityManager</code> calls * <code>checkPermission</code> with the * <code>RuntimePermission("loadLibrary."+lib)</code> permission. * * @param lib the name of the library. * @exception SecurityException if the caller does not have * permission to dynamically link the library. * @see java.lang.Runtime#load(java.lang.String) * @see java.lang.Runtime#loadLibrary(java.lang.String) * @see java.lang.System#getSecurityManager() */ public void checkLink(String lib) { checkPermission(new RuntimePermission("loadLibrary."+lib)); } /** * Throws a <code>SecurityException</code> if the * calling thread is not allowed to read from the specified file * descriptor. * * The <code>checkRead</code> method for class * <code>SecurityManager</code> calls * <code>checkPermission</code> with the * <code>RuntimePermission("fileDescriptor.read")</code> * permission. * * @param fd the system-dependent file descriptor. * @exception SecurityException if the caller does not have * permission to access the specified file descriptor. * @see java.io.FileDescriptor */ public void checkRead(FileDescriptor fd) { checkPermission(new RuntimePermission("fileDescriptor.read")); } /** * Throws a <code>SecurityException</code> if the * calling thread is not allowed to read the file specified by the * string argument. * * The <code>checkRead</code> method for class * <code>SecurityManager</code> calls * <code>checkPermission</code> with the * <code>FilePermission(file,"read")</code> permission. * * @param file the system-dependent file name. * @exception SecurityException if the caller does not have * permission to access the specified file. */ public void checkRead(String file) { checkPermission(new FilePermission(file, "read")); } /** * Throws a <code>SecurityException</code> if the * specified security context is not allowed to read the file * specified by the string argument. The context must be a security * context returned by a previous call to * <code>getSecurityContext</code>. * If <code>context</code> is an instance of * <code>AccessControlContext</code> then the * <code>AccessControlContext.checkPermission</code> method will * be invoked with the <code>FilePermission(file,"read")</code> permission. * If <code>context</code> is not an instance of * <code>AccessControlContext</code> then a * <code>SecurityException</code> is thrown. * * @param file the system-dependent filename. * @param context a system-dependent security context. * @exception SecurityException if the specified security context does * not have permission to read the specified file. * @see java.lang.SecurityManager#getSecurityContext() */ public void checkRead(String file, Object context) { if (context instanceof AccessControlContext) { ((AccessControlContext)context).checkPermission( new FilePermission(file, "read")); } else{ throw new SecurityException(); } } /** * Throws a <code>SecurityException</code> if the * calling thread is not allowed to write to the specified file * descriptor. * * The <code>checkWrite</code> method for class * <code>SecurityManager</code> calls * <code>checkPermission</code> with the * <code>RuntimePermission("fileDescriptor.write")</code> * permission. * * @param fd the system-dependent file descriptor. * @exception SecurityException if the caller does not have * permission to access the specified file descriptor. * @see java.io.FileDescriptor */ public void checkWrite(FileDescriptor fd) { checkPermission(new RuntimePermission("fileDescriptor.write")); } /** * Throws a <code>SecurityException</code> if the * calling thread is not allowed to write to the file specified by * the string argument. * * The <code>checkWrite</code> method for class * <code>SecurityManager</code> calls * <code>checkPermission</code> with the * <code>FilePermission(file,"write")</code> permission. * * @param file the system-dependent filename. * @exception SecurityException if the caller does not * have permission to access the specified file. */ public void checkWrite(String file) { checkPermission(new FilePermission(file, "write")); } /** * Throws a <code>SecurityException</code> if the * calling thread is not allowed to delete the specified file. * * This method is invoked for the current security manager by the * <code>delete</code> method of class <code>File</code>. * * The <code>checkDelete</code> method for class * <code>SecurityManager</code> calls * <code>checkPermission</code> with the * <code>FilePermission(file,"delete")</code> permission. * * @param file the system-dependent filename. * @exception SecurityException if the caller does not * have permission to delete the file. * * @see java.io.File#delete() * @see java.lang.System#getSecurityManager() */ public void checkDelete(String file) { checkPermission(new FilePermission(file, "delete")); } /** * Throws a <code>SecurityException</code> if the * calling thread is not allowed to open a socket connection to the * specified host and port number. * * A port number of <code>-1</code> indicates that the calling * method is attempting to determine the IP address of the specified * host name. * * The <code>checkConnect</code> method for class * <code>SecurityManager</code> calls * <code>checkPermission</code> with the * <code>SocketPermission(host+":"+port,"connect")</code> permission if * the port is not equal to -1. If the port is equal to -1, then * it calls <code>checkPermission</code> with the * <code>SocketPermission(host,"resolve")</code> permission. * * @param host the host name port to connect to. * @param port the protocol port to connect to. * @exception SecurityException if the caller does not have * permission to open a socket connection to the specified * <code>host</code> and <code>port</code>. */ public void checkConnect(String host, int port) { if (port == -1) { checkPermission(new SocketPermission(host,"resolve")); } else { checkPermission(new SocketPermission(host+":"+port,"connect")); } } /** * Throws a <code>SecurityException</code> if the * specified security context is not allowed to open a socket * connection to the specified host and port number. * * A port number of <code>-1</code> indicates that the calling * method is attempting to determine the IP address of the specified * host name. * * If <code>context</code> is an instance of * <code>AccessControlContext</code> then the * <code>AccessControlContext.checkPermission</code> method will * be invoked with the * <code>SocketPermission(host+":"+port,"connect")</code> permission if * the port is not equal to -1. If the port is equal to -1, then * it calls <code>checkPermission</code> with the * <code>SocketPermission(host,"resolve")</code> permission. * * If <code>context</code> is not an instance of * <code>AccessControlContext</code> then a * <code>SecurityException</code> is thrown. * * @param host the host name port to connect to. * @param port the protocol port to connect to. * @param context a system-dependent security context. * @exception SecurityException if the specified security context does * not have permission to open a socket connection to the * specified <code>host</code> and <code>port</code>. * @see java.lang.SecurityManager#getSecurityContext() */ public void checkConnect(String host, int port, Object context) { if (context instanceof AccessControlContext) { if (port == -1) { ((AccessControlContext)context).checkPermission( new SocketPermission(host,"resolve")); } else { ((AccessControlContext)context).checkPermission( new SocketPermission(host+":"+port,"connect")); } } else{ throw new SecurityException(); } } /** * Throws a <code>SecurityException</code> if the * calling thread is not allowed to wait for a connection request on * the specified local port number. * * If port is not 0, the <code>checkListen</code> method for class * <code>SecurityManager</code> calls * <code>checkPermission</code> with the * <code>SocketPermission("localhost:"+port,"listen")</code>. * If port is zero, calls <code>checkPermission</code> * with <code>SocketPermission("localhost:1024-","listen").</code> * * @param port the local port. * @exception SecurityException if the caller does not have * permission to listen on the specified port. */ public void checkListen(int port) { if (port == 0) { checkPermission(localListenPermission); } else { checkPermission(new SocketPermission("localhost:"+port,"listen")); } } private static final SocketPermission localListenPermission = new SocketPermission("localhost:1024-","listen"); /** * Throws a <code>SecurityException</code> if the * calling thread is not permitted to accept a socket connection from * the specified host and port number. * * This method is invoked for the current security manager by the * <code>accept</code> method of class <code>ServerSocket</code>. * * The <code>checkAccept</code> method for class * <code>SecurityManager</code> calls * <code>checkPermission</code> with the * <code>SocketPermission(host+":"+port,"accept")</code> permission. * * * @param host the host name of the socket connection. * @param port the port number of the socket connection. * @exception SecurityException if the caller does not have * permission to accept the connection. * @see java.lang.System#getSecurityManager() * @see java.net.ServerSocket#accept() */ public void checkAccept(String host, int port) { checkPermission(new SocketPermission(host+":"+port,"accept")); } /** * Tests if current execution context is allowed to use * (join/leave/send/receive) IP multicast. * * The <code>checkMulticast</code> method for class * <code>SecurityManager</code> calls * <code>checkPermission</code> with the * <code>RuntimePermission("multicast")</code> * permission. * * @param maddr Internet group address to be used. * @exception SecurityException if a security error has occurred. * @since JDK1.1 */ public void checkMulticast(InetAddress maddr) { checkPermission(new NetPermission("multicast")); } /** * Tests to see if current execution context is allowed to use * (join/leave/send/receive) IP multicast. * * The <code>checkMulticast</code> method for class * <code>SecurityManager</code> calls * <code>checkPermission</code> with the * <code>RuntimePermission("multicast")</code> * permission. * * * @param maddr Internet group address to be used. * @param ttl value in use, if it is multicast send. * @exception SecurityException if a security error has occurred. * @since JDK1.1 */ public void checkMulticast(InetAddress maddr, byte ttl) { checkPermission(new NetPermission("multicast")); } /** * Throws a <code>SecurityException</code> if the * calling thread is not allowed to access or modify the system * properties. * * This method is used by the <code>getProperties</code> and * <code>setProperties</code> methods of class <code>System</code>. * * The <code>checkPropertiesAccess</code> method for class * <code>SecurityManager</code> calls * <code>checkPermission</code> with the * <code>PropertyPermission("*", "read,write")</code> permission. * * * @exception SecurityException if the caller does not have * permission to access or modify the system properties. * @see java.lang.System#getProperties() * @see java.lang.System#setProperties(java.util.Properties) */ public void checkPropertiesAccess() { checkPermission(propertiesPermission); } /** * Throws a <code>SecurityException</code> if the * calling thread is not allowed to access the system property with * the specified <code>key</code> name. * * This method is used by the <code>getProperty</code> method of * class <code>System</code>. * * The <code>checkPropertyAccess</code> method for class * <code>SecurityManager</code> calls * <code>checkPermission</code> with the * <code>PropertyPermission(key, "read")</code> permission. * * * @param key a system property key. * @exception SecurityException if the caller does not have * permission to access the specified system property. * @see java.lang.System#getProperty(java.lang.String) */ public void checkPropertyAccess(String key) { checkPermission(new PropertyPermission(key,"read")); } /** * Returns <code>false</code> if the calling * thread is not trusted to bring up the top-level window indicated * by the <code>window</code> argument. In this case, the caller can * still decide to show the window, but the window should include * some sort of visual warning. If the method returns * <code>true</code>, then the window can be shown without any * special restrictions. * * See class <code>Window</code> for more information on trusted and * untrusted windows. * * This method calls * <code>checkPermission</code> with the * <code>AWTPermission("topLevelWindow")</code> permission, * and returns true if an SecurityException is not thrown, otherwise * it returns false. * * @param window the new window that is being created. * @return <code>true</code> if the caller is trusted to put up * top-level windows; <code>false</code> otherwise. * @exception SecurityException if creation is disallowed entirely. * @see java.awt.Window */ public boolean checkTopLevelWindow(Object window) { try { checkPermission(topLevelWindowPermission); return true; } catch (SecurityException se) { // just return false } return false; } /** * Tests if a client can initiate a print job request. * * This method calls * <code>checkPermission</code> with the * <code>RuntimePermission("print.queueJob")</code> permission. * * * @exception SecurityException if the caller does not have * permission to initiate a print job request. * @since JDK1.1 */ public void checkPrintJobAccess() { checkPermission(new RuntimePermission("print.queueJob")); } /** * Tests if a client can get access to the system clipboard. * * This method calls <code>checkPermission</code> with the * <code>AWTPermission("systemClipboard")</code> * permission. * * @since JDK1.1 * @exception SecurityException if the caller does not have * permission to accesss the system clipboard. */ public void checkSystemClipboardAccess() { checkPermission(new AWTPermission("systemClipboard")); } /** * Tests if a client can get access to the AWT event queue. * * This method calls <code>checkPermission</code> with the * <code>AWTPermission("eventQueue")</code> permission. * * @since JDK1.1 * @exception SecurityException if the caller does not have * permission to accesss the AWT event queue. */ public void checkAwtEventQueueAccess() { checkPermission(new AWTPermission("eventQueue")); } /** * Throws a <code>SecurityException</code> if the * calling thread is not allowed to access the package specified by * the argument. * * This method is used by the <code>loadClass</code> method of class * loaders. * * The <code>checkPackageAccess</code> method for class * <code>SecurityManager</code> calls * <code>checkPermission</code> with the * <code>RuntimePermission("package.access."+pkg)</code> * permission. * * @param pkg the package name. * @exception SecurityException if the caller does not have * permission to access the specified package. * @see java.lang.ClassLoader#loadClass(java.lang.String, boolean) */ public void checkPackageAccess(String pkg) { checkPermission(new RuntimePermission("package.access."+pkg)); } /** * Throws a <code>SecurityException</code> if the * calling thread is not allowed to define classes in the package * specified by the argument. * * This method is used by the <code>loadClass</code> method of some * class loaders. * * The <code>checkPackageDefinition</code> method for class * <code>SecurityManager</code> calls * <code>checkPermission</code> with the * <code>RuntimePermission("package.define."+pkg)</code> * permission. * * * @param pkg the package name. * @exception SecurityException if the caller does not have * permission to define classes in the specified package. * @see java.lang.ClassLoader#loadClass(java.lang.String, boolean) */ public void checkPackageDefinition(String pkg) { checkPermission(new RuntimePermission("package.define."+pkg)); } /** * Throws a <code>SecurityException</code> if the * calling thread is not allowed to set the socket factory used by * <code>ServerSocket</code> or <code>Socket</code>, or the stream * handler factory used by <code>URL</code>. * * The <code>checkSetFactory</code> method for class * <code>SecurityManager</code> calls * <code>checkPermission</code> with the * <code>RuntimePermission("setFactory")</code> permission. * * * @exception SecurityException if the caller does not have * permission to specify a socket factory or a stream * handler factory. * * @see java.net.ServerSocket#setSocketFactory(java.net.SocketImplFactory) * @see java.net.Socket#setSocketImplFactory(java.net.SocketImplFactory) * @see java.net.URL#setURLStreamHandlerFactory(java.net.URLStreamHandlerFactory) */ public void checkSetFactory() { checkPermission(new RuntimePermission("setFactory")); } /** * Tests if a client is allowed to access members. If access is * denied, throw a SecurityException. * The default policy is to allow access to PUBLIC members, as well * as access to classes that have the same class loader as the caller. * In all other cases call <code>checkPermission</code> * with the <code>RuntimePermission("reflect.declared."+clazz.getName()) * </code> permission. * * @exception SecurityException if the caller does not have * permission. * @since JDK1.1 */ public void checkMemberAccess(Class clazz, int which) { if (which != Member.PUBLIC) { if (currentClassLoader() != clazz.getClassLoader()) { checkPermission( new RuntimePermission("reflect.declared."+clazz.getName())); } } } /** * Tests access to certain operations for a security API * action. * * * This method calls * <code>checkPermission</code> with the * <code>SecurityPermission(action)</code> * permission. * * @since JDK1.1 * @param action the security API action to check against. */ public void checkSecurityAccess(String action) { checkPermission(new SecurityPermission(action)); } private native Class currentLoadedClass0(); /** * Returns the thread group into which to instantiate any new * thread being created at the time this is being called. * By default, it returns the thread group of the current * thread. This should be overriden by a specific security * manager to return the appropriate thread group. * * @since JDK1.1 */ public ThreadGroup getThreadGroup() { return Thread.currentThread().getThreadGroup(); } }