equal
deleted
inserted
replaced
43 import java.net.NetPermission; |
43 import java.net.NetPermission; |
44 import java.util.concurrent.atomic.AtomicReference; |
44 import java.util.concurrent.atomic.AtomicReference; |
45 import jdk.internal.misc.JavaSecurityProtectionDomainAccess; |
45 import jdk.internal.misc.JavaSecurityProtectionDomainAccess; |
46 import static jdk.internal.misc.JavaSecurityProtectionDomainAccess.ProtectionDomainCache; |
46 import static jdk.internal.misc.JavaSecurityProtectionDomainAccess.ProtectionDomainCache; |
47 import jdk.internal.misc.SharedSecrets; |
47 import jdk.internal.misc.SharedSecrets; |
48 import sun.security.util.PolicyUtil; |
48 import sun.security.util.*; |
49 import sun.security.util.PropertyExpander; |
|
50 import sun.security.util.Debug; |
|
51 import sun.security.util.ResourcesMgr; |
|
52 import sun.security.util.SecurityConstants; |
|
53 import sun.net.www.ParseUtil; |
49 import sun.net.www.ParseUtil; |
54 |
50 |
55 /** |
51 /** |
56 * This class represents a default Policy implementation for the |
52 * This class represents a default Policy implementation for the |
57 * "JavaPolicy" type. |
53 * "JavaPolicy" type. |
532 } |
528 } |
533 |
529 |
534 /** |
530 /** |
535 * Reads a policy configuration into the Policy object using a |
531 * Reads a policy configuration into the Policy object using a |
536 * Reader object. |
532 * Reader object. |
537 * |
|
538 * @param policyFile the policy Reader object. |
|
539 */ |
533 */ |
540 private boolean init(URL policy, PolicyInfo newInfo, boolean defPolicy) { |
534 private boolean init(URL policy, PolicyInfo newInfo, boolean defPolicy) { |
541 |
535 |
542 // skip parsing policy file if it has been previously parsed and |
536 // skip parsing policy file if it has been previously parsed and |
543 // has syntax errors |
537 // has syntax errors |
1097 PermissionCollection pc = domain.getPermissions(); |
1091 PermissionCollection pc = domain.getPermissions(); |
1098 if (pc != null) { |
1092 if (pc != null) { |
1099 synchronized (pc) { |
1093 synchronized (pc) { |
1100 Enumeration<Permission> e = pc.elements(); |
1094 Enumeration<Permission> e = pc.elements(); |
1101 while (e.hasMoreElements()) { |
1095 while (e.hasMoreElements()) { |
1102 perms.add(e.nextElement()); |
1096 perms.add(FilePermCompat.newPermPlusAltPath(e.nextElement())); |
1103 } |
1097 } |
1104 } |
1098 } |
1105 } |
1099 } |
1106 |
1100 |
1107 return perms; |
1101 return perms; |
1125 /** |
1119 /** |
1126 * Examines the global policy and returns the provided Permissions |
1120 * Examines the global policy and returns the provided Permissions |
1127 * object with additional permissions granted to the specified |
1121 * object with additional permissions granted to the specified |
1128 * ProtectionDomain. |
1122 * ProtectionDomain. |
1129 * |
1123 * |
1130 * @param perm the Permissions to populate |
1124 * @param perms the Permissions to populate |
1131 * @param pd the ProtectionDomain associated with the caller. |
1125 * @param pd the ProtectionDomain associated with the caller. |
1132 * |
1126 * |
1133 * @return the set of Permissions according to the policy. |
1127 * @return the set of Permissions according to the policy. |
1134 */ |
1128 */ |
1135 private PermissionCollection getPermissions(Permissions perms, |
1129 private PermissionCollection getPermissions(Permissions perms, |
1155 /** |
1149 /** |
1156 * Examines the global policy and returns the provided Permissions |
1150 * Examines the global policy and returns the provided Permissions |
1157 * object with additional permissions granted to the specified |
1151 * object with additional permissions granted to the specified |
1158 * CodeSource. |
1152 * CodeSource. |
1159 * |
1153 * |
1160 * @param permissions the permissions to populate |
1154 * @param perms the permissions to populate |
1161 * @param codesource the codesource associated with the caller. |
1155 * @param cs the codesource associated with the caller. |
1162 * This encapsulates the original location of the code (where the code |
1156 * This encapsulates the original location of the code (where the code |
1163 * came from) and the public key(s) of its signer. |
1157 * came from) and the public key(s) of its signer. |
1164 * |
1158 * |
1165 * @return the set of permissions according to the policy. |
1159 * @return the set of permissions according to the policy. |
1166 */ |
1160 */ |
1384 expandSelf((SelfPermission)p, |
1378 expandSelf((SelfPermission)p, |
1385 entry.getPrincipals(), |
1379 entry.getPrincipals(), |
1386 accPs, |
1380 accPs, |
1387 perms); |
1381 perms); |
1388 } else { |
1382 } else { |
1389 perms.add(p); |
1383 perms.add(FilePermCompat.newPermPlusAltPath(p)); |
1390 } |
1384 } |
1391 } |
1385 } |
1392 } |
1386 } |
1393 |
1387 |
1394 /** |
1388 /** |
1456 debug.println(" expanded:\n\t" + sp.getSelfName() |
1450 debug.println(" expanded:\n\t" + sp.getSelfName() |
1457 + "\n into:\n\t" + sb.toString()); |
1451 + "\n into:\n\t" + sb.toString()); |
1458 } |
1452 } |
1459 try { |
1453 try { |
1460 // first try to instantiate the permission |
1454 // first try to instantiate the permission |
1461 perms.add(getInstance(sp.getSelfType(), |
1455 perms.add(FilePermCompat.newPermPlusAltPath(getInstance(sp.getSelfType(), |
1462 sb.toString(), |
1456 sb.toString(), |
1463 sp.getSelfActions())); |
1457 sp.getSelfActions()))); |
1464 } catch (ClassNotFoundException cnfe) { |
1458 } catch (ClassNotFoundException cnfe) { |
1465 // ok, the permission is not in the bootclasspath. |
1459 // ok, the permission is not in the bootclasspath. |
1466 // before we add an UnresolvedPermission, check to see |
1460 // before we add an UnresolvedPermission, check to see |
1467 // whether this perm already belongs to the collection. |
1461 // whether this perm already belongs to the collection. |
1468 // if so, use that perm's ClassLoader to create a new |
1462 // if so, use that perm's ClassLoader to create a new |