Mercurial Mercurial > jdk-sandbox / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
jdk/src/share/classes/java/security/AccessController.java
changeset 21321 923ca53e6572
parent 19828 b4f91bc595fe
child 21334 c60dfce46a77 
--- a/jdk/src/share/classes/java/security/AccessController.java	Mon Oct 14 14:28:50 2013 +0200
+++ b/jdk/src/share/classes/java/security/AccessController.java	Tue Oct 22 08:03:16 2013 -0400
@@ -344,9 +344,10 @@
      * If the action's {@code run} method throws an (unchecked) exception,
      * it will propagate through this method.
      * <p>
-     * If a security manager is installed and the {@code AccessControlContext}
-     * was not created by system code and the caller's {@code ProtectionDomain}
-     * has not been granted the {@literal "createAccessControlContext"}
+     * If a security manager is installed and the specified
+     * {@code AccessControlContext} was not created by system code and the
+     * caller's {@code ProtectionDomain} has not been granted the
+     * {@literal "createAccessControlContext"}
      * {@link java.security.SecurityPermission}, then the action is performed
      * with no permissions.
      *
@@ -384,6 +385,13 @@
      * <p>
      * If the action's {@code run} method throws an (unchecked) exception,
      * it will propagate through this method.
+     * <p>
+     * If a security manager is installed and the specified
+     * {@code AccessControlContext} was not created by system code and the
+     * caller's {@code ProtectionDomain} has not been granted the
+     * {@literal "createAccessControlContext"}
+     * {@link java.security.SecurityPermission}, then the action is performed
+     * with no permissions.
      *
      * @param <T> the type of the value returned by the PrivilegedAction's
      *                  {@code run} method.
@@ -438,6 +446,13 @@
      *
      * <p> This method preserves the current AccessControlContext's
      * DomainCombiner (which may be null) while the action is performed.
+     * <p>
+     * If a security manager is installed and the specified
+     * {@code AccessControlContext} was not created by system code and the
+     * caller's {@code ProtectionDomain} has not been granted the
+     * {@literal "createAccessControlContext"}
+     * {@link java.security.SecurityPermission}, then the action is performed
+     * with no permissions.
      *
      * @param <T> the type of the value returned by the PrivilegedAction's
      *                  {@code run} method.
@@ -571,8 +586,18 @@
                       AccessControlContext parent, AccessControlContext context,
                       Permission[] perms)
     {
-        return new AccessControlContext(getCallerPD(caller), combiner, parent,
-                                        context, perms);
+        ProtectionDomain callerPD = getCallerPD(caller);
+        // check if caller is authorized to create context
+        if (context != null && !context.isAuthorized() &&
+            System.getSecurityManager() != null &&
+            !callerPD.impliesCreateAccessControlContext())
+        {
+            ProtectionDomain nullPD = new ProtectionDomain(null, null);
+            return new AccessControlContext(new ProtectionDomain[] { nullPD });
+        } else {
+            return new AccessControlContext(callerPD, combiner, parent,
+                                            context, perms);
+        }
     }
 
     private static ProtectionDomain getCallerPD(final Class <?> caller) {
@@ -597,9 +622,10 @@
      * If the action's {@code run} method throws an <i>unchecked</i>
      * exception, it will propagate through this method.
      * <p>
-     * If a security manager is installed and the {@code AccessControlContext}
-     * was not created by system code and the caller's {@code ProtectionDomain}
-     * has not been granted the {@literal "createAccessControlContext"}
+     * If a security manager is installed and the specified
+     * {@code AccessControlContext} was not created by system code and the
+     * caller's {@code ProtectionDomain} has not been granted the
+     * {@literal "createAccessControlContext"}
      * {@link java.security.SecurityPermission}, then the action is performed
      * with no permissions.
      *
@@ -641,6 +667,13 @@
      * <p>
      * If the action's {@code run} method throws an (unchecked) exception,
      * it will propagate through this method.
+     * <p>
+     * If a security manager is installed and the specified
+     * {@code AccessControlContext} was not created by system code and the
+     * caller's {@code ProtectionDomain} has not been granted the
+     * {@literal "createAccessControlContext"}
+     * {@link java.security.SecurityPermission}, then the action is performed
+     * with no permissions.
      *
      * @param <T> the type of the value returned by the
      *                  PrivilegedExceptionAction's {@code run} method.
@@ -697,6 +730,13 @@
      *
      * <p> This method preserves the current AccessControlContext's
      * DomainCombiner (which may be null) while the action is performed.
+     * <p>
+     * If a security manager is installed and the specified
+     * {@code AccessControlContext} was not created by system code and the
+     * caller's {@code ProtectionDomain} has not been granted the
+     * {@literal "createAccessControlContext"}
+     * {@link java.security.SecurityPermission}, then the action is performed
+     * with no permissions.
      *
      * @param <T> the type of the value returned by the
      *                  PrivilegedExceptionAction's {@code run} method.
jdk-sandbox