Mercurial Mercurial > jdk-sandbox / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
jdk/src/java.base/share/classes/sun/security/action/GetPropertyAction.java
changeset 37781 71ed5645f17c
parent 37593 824750ada3d6
equal deleted inserted replaced
37780:06f3783b338f 37781:71ed5645f17c 
    91     /**
 
    91     /**
 
    92      * Convenience method to get a property without going through doPrivileged
 
    92      * Convenience method to get a property without going through doPrivileged
 
    93      * if no security manager is present. This is unsafe for inclusion in a
 
    93      * if no security manager is present. This is unsafe for inclusion in a
 
    94      * public API but allowable here since this class is now encapsulated.
 
    94      * public API but allowable here since this class is now encapsulated.
 
    95      *
 
    95      *
 
       
    96      * Note that this method performs a privileged action using caller-provided
 
       
    97      * inputs. The caller of this method should take care to ensure that the
 
       
    98      * inputs are not tainted and the returned property is not made accessible
 
       
    99      * to untrusted code if it contains sensitive information.
 
       
   100      *
 
    96      * @param theProp the name of the system property.
 
   101      * @param theProp the name of the system property.
 
    97      */
 
   102      */
 
    98     public static String getProperty(String theProp) {
 
   103     public static String privilegedGetProperty(String theProp) {
 
    99         if (System.getSecurityManager() == null) {
 
   104         if (System.getSecurityManager() == null) {
 
   100             return System.getProperty(theProp);
 
   105             return System.getProperty(theProp);
 
   101         } else {
 
   106         } else {
 
   102             return AccessController.doPrivileged(
 
   107             return AccessController.doPrivileged(
 
   103                     new GetPropertyAction(theProp));
 
   108                     new GetPropertyAction(theProp));
 
   107     /**
 
   112     /**
 
   108      * Convenience method to get a property without going through doPrivileged
 
   113      * Convenience method to get a property without going through doPrivileged
 
   109      * if no security manager is present. This is unsafe for inclusion in a
 
   114      * if no security manager is present. This is unsafe for inclusion in a
 
   110      * public API but allowable here since this class is now encapsulated.
 
   115      * public API but allowable here since this class is now encapsulated.
 
   111      *
 
   116      *
 
       
   117      * Note that this method performs a privileged action using caller-provided
 
       
   118      * inputs. The caller of this method should take care to ensure that the
 
       
   119      * inputs are not tainted and the returned property is not made accessible
 
       
   120      * to untrusted code if it contains sensitive information.
 
       
   121      *
 
   112      * @param theProp the name of the system property.
 
   122      * @param theProp the name of the system property.
 
   113      * @param defaultVal the default value.
 
   123      * @param defaultVal the default value.
 
   114      */
 
   124      */
 
   115     public static String getProperty(String theProp, String defaultVal) {
 
   125     public static String privilegedGetProperty(String theProp,
 
       
   126             String defaultVal) {
 
   116         if (System.getSecurityManager() == null) {
 
   127         if (System.getSecurityManager() == null) {
 
   117             return System.getProperty(theProp, defaultVal);
 
   128             return System.getProperty(theProp, defaultVal);
 
   118         } else {
 
   129         } else {
 
   119             return AccessController.doPrivileged(
 
   130             return AccessController.doPrivileged(
 
   120                     new GetPropertyAction(theProp, defaultVal));
 
   131                     new GetPropertyAction(theProp, defaultVal));
 
   124     /**
 
   135     /**
 
   125      * Convenience method to call <code>System.getProperties</code> without
 
   136      * Convenience method to call <code>System.getProperties</code> without
 
   126      * having to go through doPrivileged if no security manager is present.
 
   137      * having to go through doPrivileged if no security manager is present.
 
   127      * This is unsafe for inclusion in a public API but allowable here since
 
   138      * This is unsafe for inclusion in a public API but allowable here since
 
   128      * this class is now encapsulated.
 
   139      * this class is now encapsulated.
 
       
   140      *
 
       
   141      * Note that this method performs a privileged action, and callers of
 
       
   142      * this method should take care to ensure that the returned properties
 
       
   143      * are not made accessible to untrusted code since it may contain
 
       
   144      * sensitive information.
 
   129      */
 
   145      */
 
   130     public static Properties getProperties() {
 
   146     public static Properties privilegedGetProperties() {
 
   131         if (System.getSecurityManager() == null) {
 
   147         if (System.getSecurityManager() == null) {
 
   132             return System.getProperties();
 
   148             return System.getProperties();
 
   133         } else {
 
   149         } else {
 
   134             return AccessController.doPrivileged(
 
   150             return AccessController.doPrivileged(
 
   135                     new PrivilegedAction<Properties>() {
 
   151                     new PrivilegedAction<Properties>() {
jdk-sandbox