|
1 /* |
|
2 * Copyright (c) 2005, Oracle and/or its affiliates. All rights reserved. |
|
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
|
4 * |
|
5 * This code is free software; you can redistribute it and/or modify it |
|
6 * under the terms of the GNU General Public License version 2 only, as |
|
7 * published by the Free Software Foundation. |
|
8 * |
|
9 * This code is distributed in the hope that it will be useful, but WITHOUT |
|
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or |
|
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License |
|
12 * version 2 for more details (a copy is included in the LICENSE file that |
|
13 * accompanied this code). |
|
14 * |
|
15 * You should have received a copy of the GNU General Public License version |
|
16 * 2 along with this work; if not, write to the Free Software Foundation, |
|
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. |
|
18 * |
|
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA |
|
20 * or visit www.oracle.com if you need additional information or have any |
|
21 * questions. |
|
22 */ |
|
23 |
|
24 /* |
|
25 * @test |
|
26 * @bug 6256734 |
|
27 * @summary ProtectionDomain could optimize implies by first checking for |
|
28 * AllPermission in internal collection |
|
29 */ |
|
30 |
|
31 import java.io.*; |
|
32 import java.net.*; |
|
33 import java.security.*; |
|
34 import java.lang.reflect.*; |
|
35 |
|
36 public class AllPerm { |
|
37 |
|
38 private static final Class[] ARGS = new Class[] { }; |
|
39 private static ProtectionDomain allPermClassDomain; |
|
40 |
|
41 public static void main(String[]args) throws Exception { |
|
42 |
|
43 // create custom class loader that assigns AllPermission to |
|
44 // classes it loads |
|
45 |
|
46 File file = new File(System.getProperty("test.src"), "AllPerm.jar"); |
|
47 URL[] urls = new URL[] { file.toURL() }; |
|
48 ClassLoader parent = Thread.currentThread().getContextClassLoader(); |
|
49 AllPermLoader loader = new AllPermLoader(urls, parent); |
|
50 |
|
51 // load a class from AllPerm.jar using custom loader |
|
52 |
|
53 Object o = loader.loadClass("AllPermClass").newInstance(); |
|
54 Method doCheck = o.getClass().getMethod("doCheck", ARGS); |
|
55 allPermClassDomain = o.getClass().getProtectionDomain(); |
|
56 |
|
57 // set a custom Policy and set the SecurityManager |
|
58 |
|
59 Policy.setPolicy(new AllPermPolicy()); |
|
60 System.setSecurityManager(new SecurityManager()); |
|
61 |
|
62 // invoke method on loaded class, which will perform a |
|
63 // security-sensitive operation. custom policy will check |
|
64 // to see if it is called (it should not be called) |
|
65 |
|
66 doCheck.invoke(o, ARGS); |
|
67 } |
|
68 |
|
69 /** |
|
70 * this class loader assigns AllPermission to classes that it loads |
|
71 */ |
|
72 private static class AllPermLoader extends URLClassLoader { |
|
73 |
|
74 public AllPermLoader(URL[] urls, ClassLoader parent) { |
|
75 super(urls, parent); |
|
76 } |
|
77 |
|
78 protected PermissionCollection getPermissions(CodeSource codesource) { |
|
79 Permissions perms = new Permissions(); |
|
80 perms.add(new AllPermission()); |
|
81 return perms; |
|
82 } |
|
83 } |
|
84 |
|
85 /** |
|
86 * this policy should not be called if domain is allPermClassDomain |
|
87 */ |
|
88 private static class AllPermPolicy extends Policy { |
|
89 public boolean implies(ProtectionDomain domain, Permission permission) { |
|
90 if (domain == allPermClassDomain) { |
|
91 throw new SecurityException |
|
92 ("Unexpected call into AllPermPolicy"); |
|
93 } |
|
94 return true; |
|
95 } |
|
96 } |
|
97 } |
|
98 |
|
99 /** |
|
100 * here is the source code for AllPermClass inside AllPerm.jar |
|
101 */ |
|
102 /* |
|
103 public class AllPermClass { |
|
104 public void doCheck() { |
|
105 System.getProperty("user.name"); |
|
106 } |
|
107 } |
|
108 */ |