1 /* |
1 /* |
2 * Copyright (c) 1995, 2017, Oracle and/or its affiliates. All rights reserved. |
2 * Copyright (c) 1995, 2018, Oracle and/or its affiliates. All rights reserved. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. |
4 * |
4 * |
5 * This code is free software; you can redistribute it and/or modify it |
5 * This code is free software; you can redistribute it and/or modify it |
6 * under the terms of the GNU General Public License version 2 only, as |
6 * under the terms of the GNU General Public License version 2 only, as |
7 * published by the Free Software Foundation. Oracle designates this |
7 * published by the Free Software Foundation. Oracle designates this |
233 /* |
233 /* |
234 * Have we been initialized. Effective against finalizer attacks. |
234 * Have we been initialized. Effective against finalizer attacks. |
235 */ |
235 */ |
236 private boolean initialized = false; |
236 private boolean initialized = false; |
237 |
237 |
238 |
|
239 /** |
|
240 * returns true if the current context has been granted AllPermission |
|
241 */ |
|
242 private boolean hasAllPermission() { |
|
243 try { |
|
244 checkPermission(SecurityConstants.ALL_PERMISSION); |
|
245 return true; |
|
246 } catch (SecurityException se) { |
|
247 return false; |
|
248 } |
|
249 } |
|
250 |
|
251 /** |
238 /** |
252 * Constructs a new <code>SecurityManager</code>. |
239 * Constructs a new <code>SecurityManager</code>. |
253 * |
240 * |
254 * <p> If there is a security manager already installed, this method first |
241 * <p> If there is a security manager already installed, this method first |
255 * calls the security manager's <code>checkPermission</code> method |
242 * calls the security manager's <code>checkPermission</code> method |
1079 checkPermission(new PropertyPermission(key, |
1066 checkPermission(new PropertyPermission(key, |
1080 SecurityConstants.PROPERTY_READ_ACTION)); |
1067 SecurityConstants.PROPERTY_READ_ACTION)); |
1081 } |
1068 } |
1082 |
1069 |
1083 /** |
1070 /** |
1084 * Returns {@code true} if the calling thread has {@code AllPermission}. |
|
1085 * |
|
1086 * @param window not used except to check if it is {@code null}. |
|
1087 * @return {@code true} if the calling thread has {@code AllPermission}. |
|
1088 * @exception NullPointerException if the {@code window} argument is |
|
1089 * {@code null}. |
|
1090 * @deprecated This method was originally used to check if the calling thread |
|
1091 * was trusted to bring up a top-level window. The method has been |
|
1092 * obsoleted and code should instead use {@link #checkPermission} |
|
1093 * to check {@code AWTPermission("showWindowWithoutWarningBanner")}. |
|
1094 * This method is subject to removal in a future version of Java SE. |
|
1095 * @see #checkPermission(java.security.Permission) checkPermission |
|
1096 */ |
|
1097 @Deprecated(since="1.8", forRemoval=true) |
|
1098 public boolean checkTopLevelWindow(Object window) { |
|
1099 if (window == null) { |
|
1100 throw new NullPointerException("window can't be null"); |
|
1101 } |
|
1102 return hasAllPermission(); |
|
1103 } |
|
1104 |
|
1105 /** |
|
1106 * Throws a <code>SecurityException</code> if the |
1071 * Throws a <code>SecurityException</code> if the |
1107 * calling thread is not allowed to initiate a print job request. |
1072 * calling thread is not allowed to initiate a print job request. |
1108 * <p> |
1073 * <p> |
1109 * This method calls |
1074 * This method calls |
1110 * <code>checkPermission</code> with the |
1075 * <code>checkPermission</code> with the |
1120 * @since 1.1 |
1085 * @since 1.1 |
1121 * @see #checkPermission(java.security.Permission) checkPermission |
1086 * @see #checkPermission(java.security.Permission) checkPermission |
1122 */ |
1087 */ |
1123 public void checkPrintJobAccess() { |
1088 public void checkPrintJobAccess() { |
1124 checkPermission(new RuntimePermission("queuePrintJob")); |
1089 checkPermission(new RuntimePermission("queuePrintJob")); |
1125 } |
|
1126 |
|
1127 /** |
|
1128 * Throws {@code SecurityException} if the calling thread does |
|
1129 * not have {@code AllPermission}. |
|
1130 * |
|
1131 * @since 1.1 |
|
1132 * @exception SecurityException if the calling thread does not have |
|
1133 * {@code AllPermission} |
|
1134 * @deprecated This method was originally used to check if the calling |
|
1135 * thread could access the system clipboard. The method has been |
|
1136 * obsoleted and code should instead use {@link #checkPermission} |
|
1137 * to check {@code AWTPermission("accessClipboard")}. |
|
1138 * This method is subject to removal in a future version of Java SE. |
|
1139 * @see #checkPermission(java.security.Permission) checkPermission |
|
1140 */ |
|
1141 @Deprecated(since="1.8", forRemoval=true) |
|
1142 public void checkSystemClipboardAccess() { |
|
1143 checkPermission(SecurityConstants.ALL_PERMISSION); |
|
1144 } |
|
1145 |
|
1146 /** |
|
1147 * Throws {@code SecurityException} if the calling thread does |
|
1148 * not have {@code AllPermission}. |
|
1149 * |
|
1150 * @since 1.1 |
|
1151 * @exception SecurityException if the calling thread does not have |
|
1152 * {@code AllPermission} |
|
1153 * @deprecated This method was originally used to check if the calling |
|
1154 * thread could access the AWT event queue. The method has been |
|
1155 * obsoleted and code should instead use {@link #checkPermission} |
|
1156 * to check {@code AWTPermission("accessEventQueue")}. |
|
1157 * This method is subject to removal in a future version of Java SE. |
|
1158 * @see #checkPermission(java.security.Permission) checkPermission |
|
1159 */ |
|
1160 @Deprecated(since="1.8", forRemoval=true) |
|
1161 public void checkAwtEventQueueAccess() { |
|
1162 checkPermission(SecurityConstants.ALL_PERMISSION); |
|
1163 } |
1090 } |
1164 |
1091 |
1165 /* |
1092 /* |
1166 * We have an initial invalid bit (initially false) for the class |
1093 * We have an initial invalid bit (initially false) for the class |
1167 * variables which tell if the cache is valid. If the underlying |
1094 * variables which tell if the cache is valid. If the underlying |
1473 public void checkSetFactory() { |
1400 public void checkSetFactory() { |
1474 checkPermission(new RuntimePermission("setFactory")); |
1401 checkPermission(new RuntimePermission("setFactory")); |
1475 } |
1402 } |
1476 |
1403 |
1477 /** |
1404 /** |
1478 * Throws a {@code SecurityException} if the calling thread does |
|
1479 * not have {@code AllPermission}. |
|
1480 * |
|
1481 * @param clazz the class that reflection is to be performed on. |
|
1482 * @param which type of access, PUBLIC or DECLARED. |
|
1483 * @throws SecurityException if the caller does not have |
|
1484 * {@code AllPermission} |
|
1485 * @throws NullPointerException if the {@code clazz} argument is |
|
1486 * {@code null} |
|
1487 * @deprecated This method was originally used to check if the calling |
|
1488 * thread was allowed to access members. It relied on the |
|
1489 * caller being at a stack depth of 4 which is error-prone and |
|
1490 * cannot be enforced by the runtime. The method has been |
|
1491 * obsoleted and code should instead use |
|
1492 * {@link #checkPermission} to check |
|
1493 * {@code RuntimePermission("accessDeclaredMembers")}. This |
|
1494 * method is subject to removal in a future version of Java SE. |
|
1495 * @since 1.1 |
|
1496 * @see #checkPermission(java.security.Permission) checkPermission |
|
1497 */ |
|
1498 @Deprecated(since="1.8", forRemoval=true) |
|
1499 public void checkMemberAccess(Class<?> clazz, int which) { |
|
1500 if (clazz == null) { |
|
1501 throw new NullPointerException("class can't be null"); |
|
1502 } |
|
1503 checkPermission(SecurityConstants.ALL_PERMISSION); |
|
1504 } |
|
1505 |
|
1506 /** |
|
1507 * Determines whether the permission with the specified permission target |
1405 * Determines whether the permission with the specified permission target |
1508 * name should be granted or denied. |
1406 * name should be granted or denied. |
1509 * |
1407 * |
1510 * <p> If the requested permission is allowed, this method returns |
1408 * <p> If the requested permission is allowed, this method returns |
1511 * quietly. If denied, a SecurityException is raised. |
1409 * quietly. If denied, a SecurityException is raised. |