8029886: Change SecurityManager check{TopLevelWindow, SystemClipboardAccessAwtEventQueueAccess} to check AllPermission
Reviewed-by: mchung, prr, art, mullan
--- a/jdk/src/macosx/classes/sun/lwawt/LWToolkit.java Tue Dec 17 17:14:02 2013 -0800
+++ b/jdk/src/macosx/classes/sun/lwawt/LWToolkit.java Wed Dec 18 08:41:46 2013 +0000
@@ -38,7 +38,6 @@
import sun.awt.*;
import sun.lwawt.macosx.*;
import sun.print.*;
-import sun.security.util.SecurityConstants;
public abstract class LWToolkit extends SunToolkit implements Runnable {
@@ -503,7 +502,7 @@
public Clipboard getSystemClipboard() {
SecurityManager security = System.getSecurityManager();
if (security != null) {
- security.checkPermission(SecurityConstants.AWT.ACCESS_CLIPBOARD_PERMISSION);
+ security.checkPermission(AWTPermissions.ACCESS_CLIPBOARD_PERMISSION);
}
synchronized (this) {
--- a/jdk/src/share/classes/java/awt/Dialog.java Tue Dec 17 17:14:02 2013 -0800
+++ b/jdk/src/share/classes/java/awt/Dialog.java Wed Dec 18 08:41:46 2013 +0000
@@ -34,11 +34,11 @@
import java.security.PrivilegedAction;
import javax.accessibility.*;
import sun.awt.AppContext;
+import sun.awt.AWTPermissions;
import sun.awt.SunToolkit;
import sun.awt.PeerEvent;
import sun.awt.util.IdentityArrayList;
import sun.awt.util.IdentityLinkedList;
-import sun.security.util.SecurityConstants;
import java.security.AccessControlException;
/**
@@ -1611,9 +1611,7 @@
if (mt == ModalityType.TOOLKIT_MODAL) {
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
- sm.checkPermission(
- SecurityConstants.AWT.TOOLKIT_MODALITY_PERMISSION
- );
+ sm.checkPermission(AWTPermissions.TOOLKIT_MODALITY_PERMISSION);
}
}
}
--- a/jdk/src/share/classes/java/awt/MouseInfo.java Tue Dec 17 17:14:02 2013 -0800
+++ b/jdk/src/share/classes/java/awt/MouseInfo.java Wed Dec 18 08:41:46 2013 +0000
@@ -25,7 +25,8 @@
package java.awt;
-import sun.security.util.SecurityConstants;
+import sun.awt.AWTPermissions;
+
/**
* <code>MouseInfo</code> provides methods for getting information about the mouse,
* such as mouse pointer location and the number of mouse buttons.
@@ -76,7 +77,7 @@
SecurityManager security = System.getSecurityManager();
if (security != null) {
- security.checkPermission(SecurityConstants.AWT.WATCH_MOUSE_PERMISSION);
+ security.checkPermission(AWTPermissions.WATCH_MOUSE_PERMISSION);
}
Point point = new Point(0, 0);
--- a/jdk/src/share/classes/java/awt/Robot.java Tue Dec 17 17:14:02 2013 -0800
+++ b/jdk/src/share/classes/java/awt/Robot.java Wed Dec 18 08:41:46 2013 +0000
@@ -34,10 +34,10 @@
import java.awt.image.WritableRaster;
import java.awt.peer.RobotPeer;
import java.lang.reflect.InvocationTargetException;
+import sun.awt.AWTPermissions;
import sun.awt.ComponentFactory;
import sun.awt.SunToolkit;
import sun.awt.image.SunWritableRaster;
-import sun.security.util.SecurityConstants;
/**
* This class is used to generate native system input events
@@ -167,7 +167,7 @@
private void checkRobotAllowed() {
SecurityManager security = System.getSecurityManager();
if (security != null) {
- security.checkPermission(SecurityConstants.AWT.CREATE_ROBOT_PERMISSION);
+ security.checkPermission(AWTPermissions.CREATE_ROBOT_PERMISSION);
}
}
@@ -465,8 +465,7 @@
private static void checkScreenCaptureAllowed() {
SecurityManager security = System.getSecurityManager();
if (security != null) {
- security.checkPermission(
- SecurityConstants.AWT.READ_DISPLAY_PIXELS_PERMISSION);
+ security.checkPermission(AWTPermissions.READ_DISPLAY_PIXELS_PERMISSION);
}
}
--- a/jdk/src/share/classes/java/awt/SystemTray.java Tue Dec 17 17:14:02 2013 -0800
+++ b/jdk/src/share/classes/java/awt/SystemTray.java Wed Dec 18 08:41:46 2013 +0000
@@ -32,8 +32,8 @@
import sun.awt.AppContext;
import sun.awt.SunToolkit;
import sun.awt.HeadlessToolkit;
-import sun.security.util.SecurityConstants;
import sun.awt.AWTAccessor;
+import sun.awt.AWTPermissions;
/**
* The <code>SystemTray</code> class represents the system tray for a
@@ -503,7 +503,7 @@
static void checkSystemTrayAllowed() {
SecurityManager security = System.getSecurityManager();
if (security != null) {
- security.checkPermission(SecurityConstants.AWT.ACCESS_SYSTEM_TRAY_PERMISSION);
+ security.checkPermission(AWTPermissions.ACCESS_SYSTEM_TRAY_PERMISSION);
}
}
--- a/jdk/src/share/classes/java/awt/TextComponent.java Tue Dec 17 17:14:02 2013 -0800
+++ b/jdk/src/share/classes/java/awt/TextComponent.java Wed Dec 18 08:41:46 2013 +0000
@@ -30,12 +30,12 @@
import java.io.ObjectOutputStream;
import java.io.ObjectInputStream;
import java.io.IOException;
-import sun.awt.InputMethodSupport;
import java.text.BreakIterator;
import javax.swing.text.AttributeSet;
import javax.accessibility.*;
import java.awt.im.InputMethodRequests;
-import sun.security.util.SecurityConstants;
+import sun.awt.AWTPermissions;
+import sun.awt.InputMethodSupport;
/**
* The <code>TextComponent</code> class is the superclass of
@@ -729,7 +729,7 @@
SecurityManager sm = System.getSecurityManager();
if (sm == null) return true;
try {
- sm.checkPermission(SecurityConstants.AWT.ACCESS_CLIPBOARD_PERMISSION);
+ sm.checkPermission(AWTPermissions.ACCESS_CLIPBOARD_PERMISSION);
return true;
} catch (SecurityException e) {}
return false;
--- a/jdk/src/share/classes/java/awt/Toolkit.java Tue Dec 17 17:14:02 2013 -0800
+++ b/jdk/src/share/classes/java/awt/Toolkit.java Wed Dec 18 08:41:46 2013 +0000
@@ -57,7 +57,7 @@
import sun.awt.PeerEvent;
import sun.awt.SunToolkit;
import sun.awt.AWTAccessor;
-import sun.security.util.SecurityConstants;
+import sun.awt.AWTPermissions;
import sun.util.CoreResourceBundleControl;
@@ -1731,7 +1731,7 @@
public final EventQueue getSystemEventQueue() {
SecurityManager security = System.getSecurityManager();
if (security != null) {
- security.checkPermission(SecurityConstants.AWT.CHECK_AWT_EVENTQUEUE_PERMISSION);
+ security.checkPermission(AWTPermissions.CHECK_AWT_EVENTQUEUE_PERMISSION);
}
return getSystemEventQueueImpl();
}
@@ -2063,7 +2063,7 @@
}
SecurityManager security = System.getSecurityManager();
if (security != null) {
- security.checkPermission(SecurityConstants.AWT.ALL_AWT_EVENTS_PERMISSION);
+ security.checkPermission(AWTPermissions.ALL_AWT_EVENTS_PERMISSION);
}
synchronized (this) {
SelectiveAWTEventListener selectiveListener =
@@ -2132,7 +2132,7 @@
}
SecurityManager security = System.getSecurityManager();
if (security != null) {
- security.checkPermission(SecurityConstants.AWT.ALL_AWT_EVENTS_PERMISSION);
+ security.checkPermission(AWTPermissions.ALL_AWT_EVENTS_PERMISSION);
}
synchronized (this) {
@@ -2197,7 +2197,7 @@
public AWTEventListener[] getAWTEventListeners() {
SecurityManager security = System.getSecurityManager();
if (security != null) {
- security.checkPermission(SecurityConstants.AWT.ALL_AWT_EVENTS_PERMISSION);
+ security.checkPermission(AWTPermissions.ALL_AWT_EVENTS_PERMISSION);
}
synchronized (this) {
EventListener[] la = ToolkitEventMulticaster.getListeners(eventListener,AWTEventListener.class);
@@ -2249,7 +2249,7 @@
public AWTEventListener[] getAWTEventListeners(long eventMask) {
SecurityManager security = System.getSecurityManager();
if (security != null) {
- security.checkPermission(SecurityConstants.AWT.ALL_AWT_EVENTS_PERMISSION);
+ security.checkPermission(AWTPermissions.ALL_AWT_EVENTS_PERMISSION);
}
synchronized (this) {
EventListener[] la = ToolkitEventMulticaster.getListeners(eventListener,AWTEventListener.class);
--- a/jdk/src/share/classes/java/awt/Window.java Tue Dec 17 17:14:02 2013 -0800
+++ b/jdk/src/share/classes/java/awt/Window.java Wed Dec 18 08:41:46 2013 +0000
@@ -51,6 +51,7 @@
import java.util.concurrent.atomic.AtomicBoolean;
import javax.accessibility.*;
import sun.awt.AWTAccessor;
+import sun.awt.AWTPermissions;
import sun.awt.AppContext;
import sun.awt.CausedFocusEvent;
import sun.awt.SunToolkit;
@@ -58,7 +59,6 @@
import sun.java2d.Disposer;
import sun.java2d.pipe.Region;
import sun.security.action.GetPropertyAction;
-import sun.security.util.SecurityConstants;
import sun.util.logging.PlatformLogger;
/**
@@ -1386,7 +1386,7 @@
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
try {
- sm.checkPermission(SecurityConstants.AWT.TOPLEVEL_WINDOW_PERMISSION);
+ sm.checkPermission(AWTPermissions.TOPLEVEL_WINDOW_PERMISSION);
} catch (SecurityException se) {
// make sure the privileged action is only
// for getting the property! We don't want the
@@ -1680,7 +1680,7 @@
if (exclusionType == Dialog.ModalExclusionType.TOOLKIT_EXCLUDE) {
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
- sm.checkPermission(SecurityConstants.AWT.TOOLKIT_MODALITY_PERMISSION);
+ sm.checkPermission(AWTPermissions.TOOLKIT_MODALITY_PERMISSION);
}
}
modalExclusionType = exclusionType;
@@ -2228,7 +2228,7 @@
public final void setAlwaysOnTop(boolean alwaysOnTop) throws SecurityException {
SecurityManager security = System.getSecurityManager();
if (security != null) {
- security.checkPermission(SecurityConstants.AWT.SET_WINDOW_ALWAYS_ON_TOP_PERMISSION);
+ security.checkPermission(AWTPermissions.SET_WINDOW_ALWAYS_ON_TOP_PERMISSION);
}
boolean oldAlwaysOnTop;
--- a/jdk/src/share/classes/java/awt/event/InputEvent.java Tue Dec 17 17:14:02 2013 -0800
+++ b/jdk/src/share/classes/java/awt/event/InputEvent.java Wed Dec 18 08:41:46 2013 +0000
@@ -32,8 +32,8 @@
import java.util.Arrays;
import sun.awt.AWTAccessor;
+import sun.awt.AWTPermissions;
import sun.util.logging.PlatformLogger;
-import sun.security.util.SecurityConstants;
/**
* The root event class for all component-level input events.
@@ -351,7 +351,7 @@
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
try {
- sm.checkPermission(SecurityConstants.AWT.ACCESS_CLIPBOARD_PERMISSION);
+ sm.checkPermission(AWTPermissions.ACCESS_CLIPBOARD_PERMISSION);
b = true;
} catch (SecurityException se) {
if (logger.isLoggable(PlatformLogger.Level.FINE)) {
--- a/jdk/src/share/classes/java/lang/SecurityManager.java Tue Dec 17 17:14:02 2013 -0800
+++ b/jdk/src/share/classes/java/lang/SecurityManager.java Wed Dec 18 08:41:46 2013 +0000
@@ -29,7 +29,6 @@
import java.io.FileDescriptor;
import java.io.File;
import java.io.FilePermission;
-import java.awt.AWTPermission;
import java.util.PropertyPermission;
import java.lang.RuntimePermission;
import java.net.SocketPermission;
@@ -67,9 +66,7 @@
* completion of the operation by throwing an exception. A security
* manager routine simply returns if the operation is permitted, but
* throws a <code>SecurityException</code> if the operation is not
- * permitted. The only exception to this convention is
- * <code>checkTopLevelWindow</code>, which returns a
- * <code>boolean</code> value.
+ * permitted.
* <p>
* The current security manager is set by the
* <code>setSecurityManager</code> method in class
@@ -202,8 +199,6 @@
*
* @see java.lang.ClassLoader
* @see java.lang.SecurityException
- * @see java.lang.SecurityManager#checkTopLevelWindow(java.lang.Object)
- * checkTopLevelWindow
* @see java.lang.System#getSecurityManager() getSecurityManager
* @see java.lang.System#setSecurityManager(java.lang.SecurityManager)
* setSecurityManager
@@ -246,8 +241,7 @@
/**
* returns true if the current context has been granted AllPermission
*/
- private boolean hasAllPermission()
- {
+ private boolean hasAllPermission() {
try {
checkPermission(SecurityConstants.ALL_PERMISSION);
return true;
@@ -352,8 +346,7 @@
* @see #checkPermission(java.security.Permission) checkPermission
*/
@Deprecated
- protected ClassLoader currentClassLoader()
- {
+ protected ClassLoader currentClassLoader() {
ClassLoader cl = currentClassLoader0();
if ((cl != null) && hasAllPermission())
cl = null;
@@ -457,8 +450,7 @@
* @see #checkPermission(java.security.Permission) checkPermission
*/
@Deprecated
- protected int classLoaderDepth()
- {
+ protected int classLoaderDepth() {
int depth = classLoaderDepth0();
if (depth != -1) {
if (hasAllPermission())
@@ -1303,45 +1295,16 @@
}
/**
- * Returns <code>false</code> if the calling
- * thread is not trusted to bring up the top-level window indicated
- * by the <code>window</code> argument. In this case, the caller can
- * still decide to show the window, but the window should include
- * some sort of visual warning. If the method returns
- * <code>true</code>, then the window can be shown without any
- * special restrictions.
- * <p>
- * See class <code>Window</code> for more information on trusted and
- * untrusted windows.
- * <p>
- * This method calls
- * <code>checkPermission</code> with the
- * <code>AWTPermission("showWindowWithoutWarningBanner")</code> permission,
- * and returns <code>true</code> if a SecurityException is not thrown,
- * otherwise it returns <code>false</code>.
- * In the case of subset Profiles of Java SE that do not include the
- * {@code java.awt} package, {@code checkPermission} is instead called
- * to check the permission {@code java.security.AllPermission}.
- * <p>
- * If you override this method, then you should make a call to
- * <code>super.checkTopLevelWindow</code>
- * at the point the overridden method would normally return
- * <code>false</code>, and the value of
- * <code>super.checkTopLevelWindow</code> should
- * be returned.
+ * Returns {@code true} if the calling thread has {@code AllPermission}.
*
- * @param window the new window that is being created.
- * @return <code>true</code> if the calling thread is trusted to put up
- * top-level windows; <code>false</code> otherwise.
- * @exception NullPointerException if the <code>window</code> argument is
- * <code>null</code>.
- * @deprecated The dependency on {@code AWTPermission} creates an
- * impediment to future modularization of the Java platform.
- * Users of this method should instead invoke
- * {@link #checkPermission} directly.
- * This method will be changed in a future release to check
- * the permission {@code java.security.AllPermission}.
- * @see java.awt.Window
+ * @param window not used except to check if it is {@code null}.
+ * @return {@code true} if the calling thread has {@code AllPermission}.
+ * @exception NullPointerException if the {@code window} argument is
+ * {@code null}.
+ * @deprecated This method was originally used to check if the calling thread
+ * was trusted to bring up a top-level window. The method has been
+ * obsoleted and code should instead use {@link #checkPermission}
+ * to check {@code AWTPermission("showWindowWithoutWarningBanner")}.
* @see #checkPermission(java.security.Permission) checkPermission
*/
@Deprecated
@@ -1349,17 +1312,7 @@
if (window == null) {
throw new NullPointerException("window can't be null");
}
- Permission perm = SecurityConstants.AWT.TOPLEVEL_WINDOW_PERMISSION;
- if (perm == null) {
- perm = SecurityConstants.ALL_PERMISSION;
- }
- try {
- checkPermission(perm);
- return true;
- } catch (SecurityException se) {
- // just return false
- }
- return false;
+ return hasAllPermission();
}
/**
@@ -1386,75 +1339,39 @@
}
/**
- * Throws a <code>SecurityException</code> if the
- * calling thread is not allowed to access the system clipboard.
- * <p>
- * This method calls <code>checkPermission</code> with the
- * <code>AWTPermission("accessClipboard")</code>
- * permission.
- * In the case of subset Profiles of Java SE that do not include the
- * {@code java.awt} package, {@code checkPermission} is instead called
- * to check the permission {@code java.security.AllPermission}.
- * <p>
- * If you override this method, then you should make a call to
- * <code>super.checkSystemClipboardAccess</code>
- * at the point the overridden method would normally throw an
- * exception.
+ * Throws {@code SecurityException} if the calling thread does
+ * not have {@code AllPermission}.
*
* @since JDK1.1
* @exception SecurityException if the calling thread does not have
- * permission to access the system clipboard.
- * @deprecated The dependency on {@code AWTPermission} creates an
- * impediment to future modularization of the Java platform.
- * Users of this method should instead invoke
- * {@link #checkPermission} directly.
- * This method will be changed in a future release to check
- * the permission {@code java.security.AllPermission}.
+ * {@code AllPermission}
+ * @deprecated This method was originally used to check if the calling
+ * thread could access the system clipboard. The method has been
+ * obsoleted and code should instead use {@link #checkPermission}
+ * to check {@code AWTPermission("accessClipboard")}.
* @see #checkPermission(java.security.Permission) checkPermission
*/
@Deprecated
public void checkSystemClipboardAccess() {
- Permission perm = SecurityConstants.AWT.ACCESS_CLIPBOARD_PERMISSION;
- if (perm == null) {
- perm = SecurityConstants.ALL_PERMISSION;
- }
- checkPermission(perm);
+ checkPermission(SecurityConstants.ALL_PERMISSION);
}
/**
- * Throws a <code>SecurityException</code> if the
- * calling thread is not allowed to access the AWT event queue.
- * <p>
- * This method calls <code>checkPermission</code> with the
- * <code>AWTPermission("accessEventQueue")</code> permission.
- * In the case of subset Profiles of Java SE that do not include the
- * {@code java.awt} package, {@code checkPermission} is instead called
- * to check the permission {@code java.security.AllPermission}.
- *
- * <p>
- * If you override this method, then you should make a call to
- * <code>super.checkAwtEventQueueAccess</code>
- * at the point the overridden method would normally throw an
- * exception.
+ * Throws {@code SecurityException} if the calling thread does
+ * not have {@code AllPermission}.
*
* @since JDK1.1
* @exception SecurityException if the calling thread does not have
- * permission to access the AWT event queue.
- * @deprecated The dependency on {@code AWTPermission} creates an
- * impediment to future modularization of the Java platform.
- * Users of this method should instead invoke
- * {@link #checkPermission} directly.
- * This method will be changed in a future release to check
- * the permission {@code java.security.AllPermission}.
+ * {@code AllPermission}
+ * @deprecated This method was originally used to check if the calling
+ * thread could access the AWT event queue. The method has been
+ * obsoleted and code should instead use {@link #checkPermission}
+ * to check {@code AWTPermission("accessEventQueue")}.
* @see #checkPermission(java.security.Permission) checkPermission
*/
@Deprecated
public void checkAwtEventQueueAccess() {
- Permission perm = SecurityConstants.AWT.CHECK_AWT_EVENTQUEUE_PERMISSION;
- if (perm == null) {
- perm = SecurityConstants.ALL_PERMISSION;
- }
- checkPermission(perm);
+ checkPermission(SecurityConstants.ALL_PERMISSION);
}
/*
--- a/jdk/src/share/classes/sun/applet/AppletSecurity.java Tue Dec 17 17:14:02 2013 -0800
+++ b/jdk/src/share/classes/sun/applet/AppletSecurity.java Wed Dec 18 08:41:46 2013 +0000
@@ -42,6 +42,7 @@
import java.lang.reflect.*;
import sun.awt.AWTSecurityManager;
import sun.awt.AppContext;
+import sun.awt.AWTPermissions;
import sun.security.provider.*;
import sun.security.util.SecurityConstants;
@@ -314,7 +315,7 @@
// If we're about to allow access to the main EventQueue,
// and anything untrusted is on the class context stack,
// disallow access.
- super.checkPermission(SecurityConstants.AWT.CHECK_AWT_EVENTQUEUE_PERMISSION);
+ super.checkPermission(AWTPermissions.CHECK_AWT_EVENTQUEUE_PERMISSION);
}
} // checkAwtEventQueueAccess()
--- a/jdk/src/share/classes/sun/awt/AWTPermissionFactory.java Tue Dec 17 17:14:02 2013 -0800
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,42 +0,0 @@
-/*
- * Copyright (c) 2009, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation. Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-package sun.awt;
-
-import java.awt.AWTPermission;
-import sun.security.util.PermissionFactory;
-
-/**
- * A factory object for AWTPermission objects.
- */
-
-public class AWTPermissionFactory
- implements PermissionFactory<AWTPermission>
-{
- @Override
- public AWTPermission newPermission(String name) {
- return new AWTPermission(name);
- }
-}
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/src/share/classes/sun/awt/AWTPermissions.java Wed Dec 18 08:41:46 2013 +0000
@@ -0,0 +1,65 @@
+/*
+ * Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation. Oracle designates this
+ * particular file as subject to the "Classpath" exception as provided
+ * by Oracle in the LICENSE file that accompanied this code.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
+ * or visit www.oracle.com if you need additional information or have any
+ * questions.
+ */
+package sun.awt;
+
+import java.awt.AWTPermission;
+
+/**
+ * Defines the {@code AWTPermission} objects used for permission checks.
+ */
+
+public final class AWTPermissions {
+ private AWTPermissions() { }
+
+ public static final AWTPermission TOPLEVEL_WINDOW_PERMISSION =
+ new AWTPermission("showWindowWithoutWarningBanner");
+
+ public static final AWTPermission ACCESS_CLIPBOARD_PERMISSION =
+ new AWTPermission("accessClipboard");
+
+ public static final AWTPermission CHECK_AWT_EVENTQUEUE_PERMISSION =
+ new AWTPermission("accessEventQueue");
+
+ public static final AWTPermission TOOLKIT_MODALITY_PERMISSION =
+ new AWTPermission("toolkitModality");
+
+ public static final AWTPermission READ_DISPLAY_PIXELS_PERMISSION =
+ new AWTPermission("readDisplayPixels");
+
+ public static final AWTPermission CREATE_ROBOT_PERMISSION =
+ new AWTPermission("createRobot");
+
+ public static final AWTPermission WATCH_MOUSE_PERMISSION =
+ new AWTPermission("watchMousePointer");
+
+ public static final AWTPermission SET_WINDOW_ALWAYS_ON_TOP_PERMISSION =
+ new AWTPermission("setWindowAlwaysOnTop");
+
+ public static final AWTPermission ALL_AWT_EVENTS_PERMISSION =
+ new AWTPermission("listenToAllAWTEvents");
+
+ public static final AWTPermission ACCESS_SYSTEM_TRAY_PERMISSION =
+ new AWTPermission("accessSystemTray");
+}
--- a/jdk/src/share/classes/sun/awt/SunToolkit.java Tue Dec 17 17:14:02 2013 -0800
+++ b/jdk/src/share/classes/sun/awt/SunToolkit.java Wed Dec 18 08:41:46 2013 +0000
@@ -43,7 +43,6 @@
import java.util.concurrent.locks.Lock;
import java.util.concurrent.locks.ReentrantLock;
-import sun.security.util.SecurityConstants;
import sun.util.logging.PlatformLogger;
import sun.misc.SoftCache;
import sun.font.FontDesignMetrics;
@@ -1049,8 +1048,7 @@
try {
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
- sm.checkPermission(
- SecurityConstants.AWT.SET_WINDOW_ALWAYS_ON_TOP_PERMISSION);
+ sm.checkPermission(AWTPermissions.SET_WINDOW_ALWAYS_ON_TOP_PERMISSION);
}
} catch (SecurityException se) {
// There is no permission to show popups over the task bar
--- a/jdk/src/share/classes/sun/awt/dnd/SunDropTargetContextPeer.java Tue Dec 17 17:14:02 2013 -0800
+++ b/jdk/src/share/classes/sun/awt/dnd/SunDropTargetContextPeer.java Wed Dec 18 08:41:46 2013 +0000
@@ -54,10 +54,10 @@
import java.io.InputStream;
import sun.awt.AppContext;
+import sun.awt.AWTPermissions;
import sun.awt.SunToolkit;
import sun.awt.datatransfer.DataTransferer;
import sun.awt.datatransfer.ToolkitThreadBlockedHandler;
-import sun.security.util.SecurityConstants;
/**
* <p>
@@ -226,7 +226,7 @@
SecurityManager sm = System.getSecurityManager();
try {
if (!dropInProcess && sm != null) {
- sm.checkPermission(SecurityConstants.AWT.ACCESS_CLIPBOARD_PERMISSION);
+ sm.checkPermission(AWTPermissions.ACCESS_CLIPBOARD_PERMISSION);
}
} catch (Exception e) {
Thread currentThread = Thread.currentThread();
--- a/jdk/src/share/classes/sun/security/util/SecurityConstants.java Tue Dec 17 17:14:02 2013 -0800
+++ b/jdk/src/share/classes/sun/security/util/SecurityConstants.java Wed Dec 18 08:41:46 2013 +0000
@@ -70,84 +70,6 @@
// sun.security.provider.PolicyFile
public static final AllPermission ALL_PERMISSION = new AllPermission();
- /**
- * AWT Permissions used in the JDK.
- */
- public static class AWT {
- private AWT() { }
-
- /**
- * The class name of the factory to create java.awt.AWTPermission objects.
- */
- private static final String AWTFactory = "sun.awt.AWTPermissionFactory";
-
- /**
- * The PermissionFactory to create AWT permissions (or null if AWT is
- * not present)
- */
- private static final PermissionFactory<?> factory = permissionFactory();
-
- private static PermissionFactory<?> permissionFactory() {
- Class<?> c;
- try {
- c = Class.forName(AWTFactory, false, AWT.class.getClassLoader());
- } catch (ClassNotFoundException e) {
- // not available
- return null;
- }
- // AWT present
- try {
- return (PermissionFactory<?>)c.newInstance();
- } catch (ReflectiveOperationException x) {
- throw new InternalError(x);
- }
- }
-
- private static Permission newAWTPermission(String name) {
- return (factory == null) ? null : factory.newPermission(name);
- }
-
- // java.lang.SecurityManager
- public static final Permission TOPLEVEL_WINDOW_PERMISSION =
- newAWTPermission("showWindowWithoutWarningBanner");
-
- // java.lang.SecurityManager
- public static final Permission ACCESS_CLIPBOARD_PERMISSION =
- newAWTPermission("accessClipboard");
-
- // java.lang.SecurityManager
- public static final Permission CHECK_AWT_EVENTQUEUE_PERMISSION =
- newAWTPermission("accessEventQueue");
-
- // java.awt.Dialog
- public static final Permission TOOLKIT_MODALITY_PERMISSION =
- newAWTPermission("toolkitModality");
-
- // java.awt.Robot
- public static final Permission READ_DISPLAY_PIXELS_PERMISSION =
- newAWTPermission("readDisplayPixels");
-
- // java.awt.Robot
- public static final Permission CREATE_ROBOT_PERMISSION =
- newAWTPermission("createRobot");
-
- // java.awt.MouseInfo
- public static final Permission WATCH_MOUSE_PERMISSION =
- newAWTPermission("watchMousePointer");
-
- // java.awt.Window
- public static final Permission SET_WINDOW_ALWAYS_ON_TOP_PERMISSION =
- newAWTPermission("setWindowAlwaysOnTop");
-
- // java.awt.Toolkit
- public static final Permission ALL_AWT_EVENTS_PERMISSION =
- newAWTPermission("listenToAllAWTEvents");
-
- // java.awt.SystemTray
- public static final Permission ACCESS_SYSTEM_TRAY_PERMISSION =
- newAWTPermission("accessSystemTray");
- }
-
// java.net.URL
public static final NetPermission SPECIFY_HANDLER_PERMISSION =
new NetPermission("specifyStreamHandler");
--- a/jdk/src/share/classes/sun/swing/SwingUtilities2.java Tue Dec 17 17:14:02 2013 -0800
+++ b/jdk/src/share/classes/sun/swing/SwingUtilities2.java Wed Dec 18 08:41:46 2013 +0000
@@ -53,7 +53,6 @@
import sun.print.ProxyPrintGraphics;
import sun.awt.*;
import sun.security.action.GetPropertyAction;
-import sun.security.util.SecurityConstants;
import java.io.*;
import java.util.*;
import sun.font.FontDesignMetrics;
@@ -1232,7 +1231,7 @@
canAccess = true;
} else {
try {
- sm.checkPermission(SecurityConstants.AWT.ACCESS_CLIPBOARD_PERMISSION);
+ sm.checkPermission(AWTPermissions.ACCESS_CLIPBOARD_PERMISSION);
canAccess = true;
} catch (SecurityException e) {
}
--- a/jdk/src/solaris/classes/sun/awt/X11/XToolkit.java Tue Dec 17 17:14:02 2013 -0800
+++ b/jdk/src/solaris/classes/sun/awt/X11/XToolkit.java Wed Dec 18 08:41:46 2013 +0000
@@ -54,7 +54,6 @@
import sun.security.action.GetPropertyAction;
import sun.security.action.GetBooleanAction;
import sun.util.logging.PlatformLogger;
-import sun.security.util.SecurityConstants;
public final class XToolkit extends UNIXToolkit implements Runnable {
private static final PlatformLogger log = PlatformLogger.getLogger("sun.awt.X11.XToolkit");
@@ -1158,7 +1157,7 @@
public Clipboard getSystemClipboard() {
SecurityManager security = System.getSecurityManager();
if (security != null) {
- security.checkPermission(SecurityConstants.AWT.ACCESS_CLIPBOARD_PERMISSION);
+ security.checkPermission(AWTPermissions.ACCESS_CLIPBOARD_PERMISSION);
}
synchronized (this) {
if (clipboard == null) {
@@ -1171,7 +1170,7 @@
public Clipboard getSystemSelection() {
SecurityManager security = System.getSecurityManager();
if (security != null) {
- security.checkPermission(SecurityConstants.AWT.ACCESS_CLIPBOARD_PERMISSION);
+ security.checkPermission(AWTPermissions.ACCESS_CLIPBOARD_PERMISSION);
}
synchronized (this) {
if (selection == null) {
--- a/jdk/src/windows/classes/sun/awt/windows/WToolkit.java Tue Dec 17 17:14:02 2013 -0800
+++ b/jdk/src/windows/classes/sun/awt/windows/WToolkit.java Wed Dec 18 08:41:46 2013 +0000
@@ -37,6 +37,7 @@
import java.security.AccessController;
import java.security.PrivilegedAction;
import sun.awt.AWTAutoShutdown;
+import sun.awt.AWTPermissions;
import sun.awt.LightweightFrame;
import sun.awt.SunToolkit;
import sun.awt.Win32GraphicsDevice;
@@ -64,7 +65,6 @@
import sun.font.SunFontManager;
import sun.misc.PerformanceLogger;
import sun.util.logging.PlatformLogger;
-import sun.security.util.SecurityConstants;
public class WToolkit extends SunToolkit implements Runnable {
@@ -682,7 +682,7 @@
public Clipboard getSystemClipboard() {
SecurityManager security = System.getSecurityManager();
if (security != null) {
- security.checkPermission(SecurityConstants.AWT.ACCESS_CLIPBOARD_PERMISSION);
+ security.checkPermission(AWTPermissions.ACCESS_CLIPBOARD_PERMISSION);
}
synchronized (this) {
if (clipboard == null) {
--- a/jdk/test/java/lang/SecurityManager/NoAWT.java Tue Dec 17 17:14:02 2013 -0800
+++ b/jdk/test/java/lang/SecurityManager/NoAWT.java Wed Dec 18 08:41:46 2013 +0000
@@ -22,9 +22,9 @@
*/
/* @test
- * @bug 8004502 8008793
- * @summary Sanity check that SecurityManager methods that check AWTPermission
- * behave as expected when AWT is not present
+ * @bug 8004502 8008793 8029886
+ * @summary Sanity check that SecurityManager methods that used to check
+ * AWTPermission now check for AllPermission
*/
import java.security.AllPermission;
@@ -33,9 +33,9 @@
public class NoAWT {
static class MySecurityManager extends SecurityManager {
- Class<?> expectedClass;
+ final Class<?> expectedClass;
- void setExpectedPermissionClass(Class<?> c) {
+ MySecurityManager(Class<?> c) {
expectedClass = c;
}
@@ -48,17 +48,7 @@
}
public static void main(String[] args) {
- Class<?> awtPermissionClass = null;
- try {
- awtPermissionClass = Class.forName("java.awt.AWTPermission");
- } catch (ClassNotFoundException ignore) { }
-
- MySecurityManager sm = new MySecurityManager();
- if (awtPermissionClass != null) {
- sm.setExpectedPermissionClass(awtPermissionClass);
- } else {
- sm.setExpectedPermissionClass(AllPermission.class);
- }
+ MySecurityManager sm = new MySecurityManager(AllPermission.class);
try {
sm.checkAwtEventQueueAccess();