29 import java.util.Enumeration; |
29 import java.util.Enumeration; |
30 import java.util.Hashtable; |
30 import java.util.Hashtable; |
31 import java.util.StringTokenizer; |
31 import java.util.StringTokenizer; |
32 |
32 |
33 /** |
33 /** |
34 * This class is for runtime permissions. A RuntimePermission |
34 * This class is for managing runtime permission checking for |
35 * contains a name (also referred to as a "target name") but |
35 * operations performed by methods in the {@link Linkage} class. |
|
36 * Like a {@link RuntimePermission}, on which it is modeled, |
|
37 * a {@code LinkagePermission} contains a target name but |
36 * no actions list; you either have the named permission |
38 * no actions list; you either have the named permission |
37 * or you don't. |
39 * or you don't. |
38 * |
40 * <p> |
39 * <P> |
41 * The following table lists all the possible {@code LinkagePermission} target names, |
40 * The target name is the name of the runtime permission (see below). The |
|
41 * naming convention follows the hierarchical property naming convention. |
|
42 * Also, an asterisk |
|
43 * may appear at the end of the name, following a ".", or by itself, to |
|
44 * signify a wildcard match. For example: "loadLibrary.*" or "*" is valid, |
|
45 * "*loadLibrary" or "a*b" is not valid. |
|
46 * <P> |
|
47 * The following table lists all the possible RuntimePermission target names, |
|
48 * and for each provides a description of what the permission allows |
42 * and for each provides a description of what the permission allows |
49 * and a discussion of the risks of granting code the permission. |
43 * and a discussion of the risks of granting code the permission. |
50 * <P> |
44 * <p> |
51 * |
45 * |
52 * <table border=1 cellpadding=5 summary="permission target name, |
46 * <table border=1 cellpadding=5 summary="permission target name, |
53 * what the target allows,and associated risks"> |
47 * what the target allows,and associated risks"> |
54 * <tr> |
48 * <tr> |
55 * <th>Permission Target Name</th> |
49 * <th>Permission Target Name</th> |
57 * <th>Risks of Allowing this Permission</th> |
51 * <th>Risks of Allowing this Permission</th> |
58 * </tr> |
52 * </tr> |
59 * |
53 * |
60 * <tr> |
54 * <tr> |
61 * <td>registerBootstrapMethod.{class name}</td> |
55 * <td>registerBootstrapMethod.{class name}</td> |
62 * <td>Specifying a bootstrap method for invokedynamic, within a class of the given name</td> |
56 * <td>Specifying a bootstrap method for {@code invokedynamic} instructions within a class of the given name</td> |
63 * <td>An attacker could attempt to attach a bootstrap method to a class which |
57 * <td>An attacker could attempt to attach a bootstrap method to a class which |
64 * has just been loaded, thus gaining control of its invokedynamic calls.</td> |
58 * has just been loaded, thus gaining control of its {@code invokedynamic} calls.</td> |
65 * </tr> |
59 * </tr> |
66 * |
60 * |
67 * <tr> |
61 * <tr> |
68 * <td>invalidateAll</td> |
62 * <td>invalidateAll</td> |
69 * <td>Force the relinking of invokedynamic call sites everywhere.</td> |
63 * <td>Force the relinking of invokedynamic call sites everywhere.</td> |
70 * <td>This could allow an attacker to slow down the system, or perhaps surface timing bugs in a dynamic language implementations, by forcing redundant relinking operations.</td> |
64 * <td>This could allow an attacker to slow down the system, |
|
65 * or perhaps expose timing bugs in a dynamic language implementations, |
|
66 * by forcing redundant relinking operations.</td> |
71 * </tr> |
67 * </tr> |
72 * |
68 * |
73 * |
69 * |
74 * <tr> |
70 * <tr> |
75 * <td>invalidateCallerClass.{class name}</td> |
71 * <td>invalidateCallerClass.{class name}</td> |
76 * <td>Force the relinking of invokedynamic call sites in the given class.</td> |
72 * <td>Force the relinking of invokedynamic call sites in the given class.</td> |
77 * <td>See {@code invalidateAll}.</td> |
73 * <td>See {@code invalidateAll}.</td> |
78 * </tr> |
74 * </tr> |
79 * </table> |
75 * </table> |
80 * |
76 * |
81 * @see java.security.BasicPermission |
77 * @see java.security.RuntimePermission |
82 * @see java.lang.SecurityManager |
78 * @see java.lang.SecurityManager |
83 * |
79 * |
84 * @author John Rose, JSR 292 EG |
80 * @author John Rose, JSR 292 EG |
85 */ |
81 */ |
86 |
82 |