private <T> T createProxy(final Class<T> portInterface, final SEIStub pis) { // accessClassInPackage privilege needs to be granted ... RuntimePermission perm = new RuntimePermission("accessClassInPackage.com.sun." + "xml.internal.*"); PermissionCollection perms = perm.newPermissionCollection(); perms.add(perm); return AccessController.doPrivileged( new PrivilegedAction<T>() { @Override public T run() { Object proxy = Proxy.newProxyInstance(portInterface.getClassLoader(), new Class[]{portInterface, WSBindingProvider.class, Closeable.class}, pis); return portInterface.cast(proxy); } }, new AccessControlContext( new ProtectionDomain[]{ new ProtectionDomain(null, perms) }) ); }
/** * Throws a <code>SecurityException</code> if the * calling thread is not allowed to define classes in the package * specified by the argument. * <p> * This method is used by the <code>loadClass</code> method of some * class loaders. * <p> * This method first gets a list of restricted packages by * obtaining a comma-separated list from a call to * <code>java.security.Security.getProperty("package.definition")</code>, * and checks to see if <code>pkg</code> starts with or equals * any of the restricted packages. If it does, then * <code>checkPermission</code> gets called with the * <code>RuntimePermission("defineClassInPackage."+pkg)</code> * permission. * <p> * If this method is overridden, then * <code>super.checkPackageDefinition</code> should be called * as the first line in the overridden method. * * @param pkg the package name. * @exception SecurityException if the calling thread does not have * permission to define classes in the specified package. * @see java.lang.ClassLoader#loadClass(java.lang.String, boolean) * @see java.security.Security#getProperty getProperty * @see #checkPermission(java.security.Permission) checkPermission */ public void checkPackageDefinition(String pkg) { if (pkg == null) { throw new NullPointerException("package name can't be null"); } String[] pkgs; synchronized (packageDefinitionLock) { /* * Do we need to update our property array? */ if (!packageDefinitionValid) { String tmpPropertyStr = AccessController.doPrivileged( new PrivilegedAction<String>() { public String run() { return java.security.Security.getProperty( "package.definition"); } } ); packageDefinition = getPackages(tmpPropertyStr); packageDefinitionValid = true; } // Using a snapshot of packageDefinition -- don't care if static // field changes afterwards; array contents won't change. pkgs = packageDefinition; } /* * Traverse the list of packages, check for any matches. */ for (int i = 0; i < pkgs.length; i++) { if (pkg.startsWith(pkgs[i]) || pkgs[i].equals(pkg + ".")) { checkPermission( new RuntimePermission("defineClassInPackage."+pkg)); break; // No need to continue; only need to check this once } } }
/** * Throws a <code>SecurityException</code> if the * calling thread is not allowed to define classes in the package * specified by the argument. * <p> * This method is used by the <code>loadClass</code> method of some * class loaders. * <p> * This method first gets a list of restricted packages by * obtaining a comma-separated list from a call to * <code>java.security.Security.getProperty("package.definition")</code>, * and checks to see if <code>pkg</code> starts with or equals * any of the restricted packages. If it does, then * <code>checkPermission</code> gets called with the * <code>RuntimePermission("defineClassInPackage."+pkg)</code> * permission. * <p> * If this method is overridden, then * <code>super.checkPackageDefinition</code> should be called * as the first line in the overridden method. * * @param pkg the package name. * @exception SecurityException if the calling thread does not have * permission to define classes in the specified package. * @see java.lang.ClassLoader#loadClass(java.lang.String, boolean) * @see java.security.Security#getProperty getProperty * @see #checkPermission(java.security.Permission) checkPermission */ public void checkPackageDefinition(String pkg) { if (pkg == null) { throw new NullPointerException("package name can't be null"); } String[] pkgs; synchronized (packageDefinitionLock) { /* * Do we need to update our property array? */ if (!packageDefinitionValid) { String tmpPropertyStr = AccessController.doPrivileged( new PrivilegedAction<>() { public String run() { return java.security.Security.getProperty( "package.definition"); } } ); packageDefinition = getPackages(tmpPropertyStr); packageDefinitionValid = true; } // Using a snapshot of packageDefinition -- don't care if static // field changes afterwards; array contents won't change. pkgs = packageDefinition; } /* * Traverse the list of packages, check for any matches. */ for (String restrictedPkg : pkgs) { if (pkg.startsWith(restrictedPkg) || restrictedPkg.equals(pkg + ".")) { checkPermission( new RuntimePermission("defineClassInPackage." + pkg)); break; // No need to continue; only need to check this once } } }
/** * Throws a <code>SecurityException</code> if the * calling thread is not allowed to define classes in the package * specified by the argument. * <p> * This method is used by the <code>loadClass</code> method of some * class loaders. * <p> * This method first gets a list of restricted packages by * obtaining a comma-separated list from a call to * <code>java.security.Security.getProperty("package.definition")</code>, * and checks to see if <code>pkg</code> starts with or equals * any of the restricted packages. If it does, then * <code>checkPermission</code> gets called with the * <code>RuntimePermission("defineClassInPackage."+pkg)</code> * permission. * <p> * If this method is overridden, then * <code>super.checkPackageDefinition</code> should be called * as the first line in the overridden method. * * @param pkg the package name. * @exception SecurityException if the calling thread does not have * permission to define classes in the specified package. * @see java.lang.ClassLoader#loadClass(java.lang.String, boolean) * @see java.security.Security#getProperty getProperty * @see #checkPermission(java.security.Permission) checkPermission */ public void checkPackageDefinition(String pkg) { if (pkg == null) { throw new NullPointerException("package name can't be null"); } String[] pkgs; synchronized (packageDefinitionLock) { /* * Do we need to update our property array? */ if (!packageDefinitionValid) { String tmpPropertyStr = (String) AccessController.doPrivileged( new PrivilegedAction() { public Object run() { return java.security.Security.getProperty( "package.definition"); } } ); packageDefinition = getPackages(tmpPropertyStr); packageDefinitionValid = true; } // Using a snapshot of packageDefinition -- don't care if static // field changes afterwards; array contents won't change. pkgs = packageDefinition; } /* * Traverse the list of packages, check for any matches. */ for (int i = 0; i < pkgs.length; i++) { if (pkg.startsWith(pkgs[i]) || pkgs[i].equals(pkg + ".")) { checkPermission( new RuntimePermission("defineClassInPackage."+pkg)); break; // No need to continue; only need to check this once } } }
/** * Throws a <code>SecurityException</code> if the * calling thread is not allowed to access the package specified by * the argument. * <p> * This method is used by the <code>loadClass</code> method of class * loaders. * <p> * This method first gets a list of * restricted packages by obtaining a comma-separated list from * a call to * <code>java.security.Security.getProperty("package.access")</code>, * and checks to see if <code>pkg</code> starts with or equals * any of the restricted packages. If it does, then * <code>checkPermission</code> gets called with the * <code>RuntimePermission("accessClassInPackage."+pkg)</code> * permission. * <p> * If this method is overridden, then * <code>super.checkPackageAccess</code> should be called * as the first line in the overridden method. * * @param pkg the package name. * @exception SecurityException if the calling thread does not have * permission to access the specified package. * @exception NullPointerException if the package name argument is * <code>null</code>. * @see java.lang.ClassLoader#loadClass(java.lang.String, boolean) * loadClass * @see java.security.Security#getProperty getProperty * @see #checkPermission(java.security.Permission) checkPermission */ public void checkPackageAccess(String pkg) { if (pkg == null) { throw new NullPointerException("package name can't be null"); } String[] pkgs; synchronized (packageAccessLock) { /* * Do we need to update our property array? */ if (!packageAccessValid) { String tmpPropertyStr = AccessController.doPrivileged( new PrivilegedAction<String>() { public String run() { return java.security.Security.getProperty( "package.access"); } } ); packageAccess = getPackages(tmpPropertyStr); packageAccessValid = true; } // Using a snapshot of packageAccess -- don't care if static field // changes afterwards; array contents won't change. pkgs = packageAccess; } /* * Traverse the list of packages, check for any matches. */ for (int i = 0; i < pkgs.length; i++) { if (pkg.startsWith(pkgs[i]) || pkgs[i].equals(pkg + ".")) { checkPermission( new RuntimePermission("accessClassInPackage."+pkg)); break; // No need to continue; only need to check this once } } }
/** * Throws a <code>SecurityException</code> if the * calling thread is not allowed to access the package specified by * the argument. * <p> * This method is used by the <code>loadClass</code> method of class * loaders. * <p> * This method first gets a list of * restricted packages by obtaining a comma-separated list from * a call to * <code>java.security.Security.getProperty("package.access")</code>, * and checks to see if <code>pkg</code> starts with or equals * any of the restricted packages. If it does, then * <code>checkPermission</code> gets called with the * <code>RuntimePermission("accessClassInPackage."+pkg)</code> * permission. * <p> * If this method is overridden, then * <code>super.checkPackageAccess</code> should be called * as the first line in the overridden method. * * @param pkg the package name. * @exception SecurityException if the calling thread does not have * permission to access the specified package. * @exception NullPointerException if the package name argument is * <code>null</code>. * @see java.lang.ClassLoader#loadClass(java.lang.String, boolean) * loadClass * @see java.security.Security#getProperty getProperty * @see #checkPermission(java.security.Permission) checkPermission */ public void checkPackageAccess(String pkg) { if (pkg == null) { throw new NullPointerException("package name can't be null"); } String[] pkgs; synchronized (packageAccessLock) { /* * Do we need to update our property array? */ if (!packageAccessValid) { String tmpPropertyStr = (String) AccessController.doPrivileged( new PrivilegedAction() { public Object run() { return java.security.Security.getProperty( "package.access"); } } ); packageAccess = getPackages(tmpPropertyStr); packageAccessValid = true; } // Using a snapshot of packageAccess -- don't care if static field // changes afterwards; array contents won't change. pkgs = packageAccess; } /* * Traverse the list of packages, check for any matches. */ for (int i = 0; i < pkgs.length; i++) { if (pkg.startsWith(pkgs[i]) || pkgs[i].equals(pkg + ".")) { checkPermission( new RuntimePermission("accessClassInPackage."+pkg)); break; // No need to continue; only need to check this once } } }
/** * Creates one of the well-known permissions directly instead of * via reflection. Keep list short to not penalize non-JDK-defined * permissions. */ private static final Permission getKnownInstance(Class claz, String name, String actions) { // XXX shorten list to most popular ones? if (claz.equals(FilePermission.class)) { return new FilePermission(name, actions); } else if (claz.equals(SocketPermission.class)) { return new SocketPermission(name, actions); } else if (claz.equals(RuntimePermission.class)) { return new RuntimePermission(name, actions); } else if (claz.equals(PropertyPermission.class)) { return new PropertyPermission(name, actions); } else if (claz.equals(NetPermission.class)) { return new NetPermission(name, actions); } else if (claz.equals(AllPermission.class)) { return SecurityConstants.ALL_PERMISSION; /* } else if (claz.equals(ReflectPermission.class)) { return new ReflectPermission(name, actions); } else if (claz.equals(SecurityPermission.class)) { return new SecurityPermission(name, actions); } else if (claz.equals(PrivateCredentialPermission.class)) { return new PrivateCredentialPermission(name, actions); } else if (claz.equals(AuthPermission.class)) { return new AuthPermission(name, actions); } else if (claz.equals(ServicePermission.class)) { return new ServicePermission(name, actions); } else if (claz.equals(DelegationPermission.class)) { return new DelegationPermission(name, actions); } else if (claz.equals(SerializablePermission.class)) { return new SerializablePermission(name, actions); } else if (claz.equals(AudioPermission.class)) { return new AudioPermission(name, actions); } else if (claz.equals(SSLPermission.class)) { return new SSLPermission(name, actions); } else if (claz.equals(LoggingPermission.class)) { return new LoggingPermission(name, actions); } else if (claz.equals(SQLPermission.class)) { return new SQLPermission(name, actions); */ } else { return null; } }
/** * Constructs a new <code>SecurityManager</code>. * * <p> If there is a security manager already installed, this method first * calls the security manager's <code>checkPermission</code> method * with the <code>RuntimePermission("createSecurityManager")</code> * permission to ensure the calling thread has permission to create a new * security manager. * This may result in throwing a <code>SecurityException</code>. * * @exception java.lang.SecurityException if a security manager already * exists and its <code>checkPermission</code> method * doesn't allow creation of a new security manager. * @see java.lang.System#getSecurityManager() * @see #checkPermission(java.security.Permission) checkPermission * @see java.lang.RuntimePermission */ public SecurityManager() { synchronized(SecurityManager.class) { SecurityManager sm = System.getSecurityManager(); if (sm != null) { // ask the currently installed security manager if we // can create a new one. sm.checkPermission(new RuntimePermission ("createSecurityManager")); } initialized = true; } }
/** * Throws a <code>SecurityException</code> if the * calling thread is not allowed to dynamic link the library code * specified by the string argument file. The argument is either a * simple library name or a complete filename. * <p> * This method is invoked for the current security manager by * methods <code>load</code> and <code>loadLibrary</code> of class * <code>Runtime</code>. * <p> * This method calls <code>checkPermission</code> with the * <code>RuntimePermission("loadLibrary."+lib)</code> permission. * <p> * If you override this method, then you should make a call to * <code>super.checkLink</code> * at the point the overridden method would normally throw an * exception. * * @param lib the name of the library. * @exception SecurityException if the calling thread does not have * permission to dynamically link the library. * @exception NullPointerException if the <code>lib</code> argument is * <code>null</code>. * @see java.lang.Runtime#load(java.lang.String) * @see java.lang.Runtime#loadLibrary(java.lang.String) * @see #checkPermission(java.security.Permission) checkPermission */ public void checkLink(String lib) { if (lib == null) { throw new NullPointerException("library can't be null"); } checkPermission(new RuntimePermission("loadLibrary."+lib)); }
/** * Throws a <code>SecurityException</code> if the * calling thread is not allowed to read from the specified file * descriptor. * <p> * This method calls <code>checkPermission</code> with the * <code>RuntimePermission("readFileDescriptor")</code> * permission. * <p> * If you override this method, then you should make a call to * <code>super.checkRead</code> * at the point the overridden method would normally throw an * exception. * * @param fd the system-dependent file descriptor. * @exception SecurityException if the calling thread does not have * permission to access the specified file descriptor. * @exception NullPointerException if the file descriptor argument is * <code>null</code>. * @see java.io.FileDescriptor * @see #checkPermission(java.security.Permission) checkPermission */ public void checkRead(FileDescriptor fd) { if (fd == null) { throw new NullPointerException("file descriptor can't be null"); } checkPermission(new RuntimePermission("readFileDescriptor")); }
/** * Throws a <code>SecurityException</code> if the * calling thread is not allowed to write to the specified file * descriptor. * <p> * This method calls <code>checkPermission</code> with the * <code>RuntimePermission("writeFileDescriptor")</code> * permission. * <p> * If you override this method, then you should make a call to * <code>super.checkWrite</code> * at the point the overridden method would normally throw an * exception. * * @param fd the system-dependent file descriptor. * @exception SecurityException if the calling thread does not have * permission to access the specified file descriptor. * @exception NullPointerException if the file descriptor argument is * <code>null</code>. * @see java.io.FileDescriptor * @see #checkPermission(java.security.Permission) checkPermission */ public void checkWrite(FileDescriptor fd) { if (fd == null) { throw new NullPointerException("file descriptor can't be null"); } checkPermission(new RuntimePermission("writeFileDescriptor")); }
