Mercurial Mercurial > jdk-sandbox / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
jdk/src/share/classes/java/dyn/LinkagePermission.java
changeset 5722 4ada807383c8
parent 4537 7c3c7f8d5195
child 5725 16c1792b2ee6
equal deleted inserted replaced
5371:ff9031a745d9 5722:4ada807383c8 
    29 import java.util.Enumeration;
 
    29 import java.util.Enumeration;
 
    30 import java.util.Hashtable;
 
    30 import java.util.Hashtable;
 
    31 import java.util.StringTokenizer;
 
    31 import java.util.StringTokenizer;
 
    32 
    32 
    33 /**
 
    33 /**
 
    34  * This class is for runtime permissions. A RuntimePermission
 
    34  * This class is for managing runtime permission checking for
 
    35  * contains a name (also referred to as a "target name") but
 
    35  * operations performed by methods in the {@link Linkage} class.
 
       
    36  * Like a {@link RuntimePermission}, on which it is modeled,
 
       
    37  * a {@code LinkagePermission} contains a target name but
 
    36  * no actions list; you either have the named permission
 
    38  * no actions list; you either have the named permission
 
    37  * or you don't.
 
    39  * or you don't.
 
    38  *
 
    40  * <p>
 
    39  * <P>
 
    41  * The following table lists all the possible {@code LinkagePermission} target names,
 
    40  * The target name is the name of the runtime permission (see below). The
 
       
    41  * naming convention follows the  hierarchical property naming convention.
 
       
    42  * Also, an asterisk
 
       
    43  * may appear at the end of the name, following a ".", or by itself, to
 
       
    44  * signify a wildcard match. For example: "loadLibrary.*" or "*" is valid,
 
       
    45  * "*loadLibrary" or "a*b" is not valid.
 
       
    46  * <P>
 
       
    47  * The following table lists all the possible RuntimePermission target names,
 
       
    48  * and for each provides a description of what the permission allows
 
    42  * and for each provides a description of what the permission allows
 
    49  * and a discussion of the risks of granting code the permission.
 
    43  * and a discussion of the risks of granting code the permission.
 
    50  * <P>
 
    44  * <p>
 
    51  *
 
    45  *
 
    52  * <table border=1 cellpadding=5 summary="permission target name,
 
    46  * <table border=1 cellpadding=5 summary="permission target name,
 
    53  *  what the target allows,and associated risks">
 
    47  *  what the target allows,and associated risks">
 
    54  * <tr>
 
    48  * <tr>
 
    55  * <th>Permission Target Name</th>
 
    49  * <th>Permission Target Name</th>
 
    57  * <th>Risks of Allowing this Permission</th>
 
    51  * <th>Risks of Allowing this Permission</th>
 
    58  * </tr>
 
    52  * </tr>
 
    59  *
 
    53  *
 
    60  * <tr>
 
    54  * <tr>
 
    61  *   <td>registerBootstrapMethod.{class name}</td>
 
    55  *   <td>registerBootstrapMethod.{class name}</td>
 
    62  *   <td>Specifying a bootstrap method for invokedynamic, within a class of the given name</td>
 
    56  *   <td>Specifying a bootstrap method for {@code invokedynamic} instructions within a class of the given name</td>
 
    63  *   <td>An attacker could attempt to attach a bootstrap method to a class which
 
    57  *   <td>An attacker could attempt to attach a bootstrap method to a class which
 
    64  *       has just been loaded, thus gaining control of its invokedynamic calls.</td>
 
    58  *       has just been loaded, thus gaining control of its {@code invokedynamic} calls.</td>
 
    65  * </tr>
 
    59  * </tr>
 
    66  *
 
    60  *
 
    67  * <tr>
 
    61  * <tr>
 
    68  *   <td>invalidateAll</td>
 
    62  *   <td>invalidateAll</td>
 
    69  *   <td>Force the relinking of invokedynamic call sites everywhere.</td>
 
    63  *   <td>Force the relinking of invokedynamic call sites everywhere.</td>
 
    70  *   <td>This could allow an attacker to slow down the system, or perhaps surface timing bugs in a dynamic language implementations, by forcing redundant relinking operations.</td>
 
    64  *   <td>This could allow an attacker to slow down the system,
 
       
    65  *       or perhaps expose timing bugs in a dynamic language implementations,
 
       
    66  *       by forcing redundant relinking operations.</td>
 
    71  * </tr>
 
    67  * </tr>
 
    72  *
 
    68  *
 
    73  *
 
    69  *
 
    74  * <tr>
 
    70  * <tr>
 
    75  *   <td>invalidateCallerClass.{class name}</td>
 
    71  *   <td>invalidateCallerClass.{class name}</td>
 
    76  *   <td>Force the relinking of invokedynamic call sites in the given class.</td>
 
    72  *   <td>Force the relinking of invokedynamic call sites in the given class.</td>
 
    77  *   <td>See {@code invalidateAll}.</td>
 
    73  *   <td>See {@code invalidateAll}.</td>
 
    78  * </tr>
 
    74  * </tr>
 
    79  * </table>
 
    75  * </table>
 
    80  *
 
    76  *
 
    81  * @see java.security.BasicPermission
 
    77  * @see java.security.RuntimePermission
 
    82  * @see java.lang.SecurityManager
 
    78  * @see java.lang.SecurityManager
 
    83  *
 
    79  *
 
    84  * @author John Rose, JSR 292 EG
 
    80  * @author John Rose, JSR 292 EG
 
    85  */
 
    81  */
 
    86 
    82
jdk-sandbox