Mercurial Mercurial > jdk-sandbox / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
jdk/src/java.base/share/classes/sun/security/action/GetPropertyAction.java
changeset 37781 71ed5645f17c
parent 37593 824750ada3d6 
--- a/jdk/src/java.base/share/classes/sun/security/action/GetPropertyAction.java	Tue May 03 11:45:56 2016 +0100
+++ b/jdk/src/java.base/share/classes/sun/security/action/GetPropertyAction.java	Tue May 03 15:50:54 2016 +0200
@@ -93,9 +93,14 @@
      * if no security manager is present. This is unsafe for inclusion in a
      * public API but allowable here since this class is now encapsulated.
      *
+     * Note that this method performs a privileged action using caller-provided
+     * inputs. The caller of this method should take care to ensure that the
+     * inputs are not tainted and the returned property is not made accessible
+     * to untrusted code if it contains sensitive information.
+     *
      * @param theProp the name of the system property.
      */
-    public static String getProperty(String theProp) {
+    public static String privilegedGetProperty(String theProp) {
         if (System.getSecurityManager() == null) {
             return System.getProperty(theProp);
         } else {
@@ -109,10 +114,16 @@
      * if no security manager is present. This is unsafe for inclusion in a
      * public API but allowable here since this class is now encapsulated.
      *
+     * Note that this method performs a privileged action using caller-provided
+     * inputs. The caller of this method should take care to ensure that the
+     * inputs are not tainted and the returned property is not made accessible
+     * to untrusted code if it contains sensitive information.
+     *
      * @param theProp the name of the system property.
      * @param defaultVal the default value.
      */
-    public static String getProperty(String theProp, String defaultVal) {
+    public static String privilegedGetProperty(String theProp,
+            String defaultVal) {
         if (System.getSecurityManager() == null) {
             return System.getProperty(theProp, defaultVal);
         } else {
@@ -126,8 +137,13 @@
      * having to go through doPrivileged if no security manager is present.
      * This is unsafe for inclusion in a public API but allowable here since
      * this class is now encapsulated.
+     *
+     * Note that this method performs a privileged action, and callers of
+     * this method should take care to ensure that the returned properties
+     * are not made accessible to untrusted code since it may contain
+     * sensitive information.
      */
-    public static Properties getProperties() {
+    public static Properties privilegedGetProperties() {
         if (System.getSecurityManager() == null) {
             return System.getProperties();
         } else {
jdk-sandbox