public abstract class SecurityManager extends Object
SecurityException
if the
action is forbidden.
A typical check is as follows, just before the dangerous operation:
SecurityManager sm = System.getSecurityManager(); if (sm != null) sm.checkABC(argument, ...);Note that this is thread-safe, by caching the security manager in a local variable rather than risking a NullPointerException if the mangager is changed between the check for null and before the permission check.
Modifier and Type | Field and Description |
---|---|
protected boolean |
inCheck
Tells whether or not the SecurityManager is currently performing a
security check.
|
Modifier | Constructor and Description |
---|---|
protected |
SecurityManager()
Construct a new security manager.
|
Modifier and Type | Method and Description |
---|---|
void |
checkAccept(String host,
int port)
Check if the current thread is allowed to accept a connection from a
particular host on a particular port.
|
void |
checkAccess(Thread t)
Check if the current thread is allowed to modify another Thread.
|
void |
checkAccess(ThreadGroup g)
Check if the current thread is allowed to modify a ThreadGroup.
|
void |
checkConnect(String host,
int port)
Check if the current thread is allowed to connect to a given host on a
given port.
|
void |
checkConnect(String host,
int port,
Object securityContext)
Check if the current thread is allowed to connect to a given host on a
given port, using the given security context.
|
void |
checkCreateClassLoader()
Check if the current thread is allowed to create a ClassLoader.
|
void |
checkDelete(String filename)
Check if the current thread is allowed to delete the given file.
|
void |
checkExec(String program)
Check if the current thread is allowed to execute the given program.
|
void |
checkExit(int status)
Check if the current thread is allowed to exit the JVM with the given
status.
|
void |
checkLink(String filename)
Check if the current thread is allowed to link in the given native
library.
|
void |
checkListen(int port)
Check if the current thread is allowed to listen to a specific port for
data.
|
void |
checkMemberAccess(Class c,
int memberType)
Check if the current thread is allowed to get certain types of Methods,
Fields and Constructors from a Class object.
|
void |
checkPackageAccess(String packageName)
Check if the current thread is allowed to access the specified package
at all.
|
void |
checkPackageDefinition(String packageName)
Check if the current thread is allowed to define a class into the
specified package.
|
void |
checkPermission(Permission perm)
Check if the current thread is allowed to perform an operation that
requires the specified
Permission . |
void |
checkPermission(Permission perm,
Object context)
Check if the current thread is allowed to perform an operation that
requires the specified
Permission . |
void |
checkPrintJobAccess()
Check if the current thread is allowed to create a print job.
|
void |
checkPropertiesAccess()
Check if the current thread is allowed to read or write all the system
properties at once.
|
void |
checkPropertyAccess(String key)
Check if the current thread is allowed to read a particular system
property (writes are checked directly via checkPermission).
|
void |
checkRead(String filename)
Check if the current thread is allowed to read the given file.
|
void |
checkRead(String filename,
Object context)
Check if the current thread is allowed to read the given file. using the
given security context.
|
void |
checkSecurityAccess(String action)
Test whether a particular security action may be taken.
|
void |
checkSetFactory()
Check if the current thread is allowed to set the current socket factory.
|
void |
checkSystemClipboardAccess()
Check if the current thread is allowed to use the system clipboard.
|
boolean |
checkTopLevelWindow(Object window)
Check if the current thread is allowed to create a top-level window.
|
void |
checkWrite(String filename)
Check if the current thread is allowed to write the given file.
|
protected int |
classDepth(String className)
Get the depth of a particular class on the execution stack.
|
protected int |
classLoaderDepth()
Deprecated.
use
checkPermission(Permission) instead |
protected ClassLoader |
currentClassLoader()
Find the ClassLoader of the first non-system class on the execution
stack.
|
protected Class |
currentLoadedClass()
Find the first non-system class on the execution stack.
|
protected Class[] |
getClassContext()
This is not implemented yet in Eve.
|
boolean |
getInCheck()
Tells whether or not the SecurityManager is currently performing a
security check.
|
Object |
getSecurityContext()
Get an implementation-dependent Object that contains enough information
about the current environment to be able to perform standard security
checks later.
|
ThreadGroup |
getThreadGroup()
Get the ThreadGroup that a new Thread should belong to by default.
|
protected boolean |
inClass(String className)
Tell whether the specified class is on the execution stack.
|
protected boolean |
inClassLoader()
Deprecated.
use
checkPermission(Permission) instead |
protected boolean inCheck
protected SecurityManager()
SecurityException
- if permission is deniedpublic boolean getInCheck()
inCheck
protected final Class[] getClassContext()
protected ClassLoader currentClassLoader()
protected Class currentLoadedClass()
ClassLoader.getSystemClassLoader()
or its ancestors.protected int classDepth(String className)
className
- the fully-qualified name to search forprotected int classLoaderDepth()
checkPermission(Permission)
insteadClassLoader.getSystemClassLoader()
or its ancestors. This
will return -1 in three cases:AccessController.doPrivileged(PrivilegedAction)
,
are from system classesjava.security.AllPermission
succeeds.protected boolean inClass(String className)
className
- the fully-qualified name of the class to findprotected boolean inClassLoader()
checkPermission(Permission)
insteadpublic Object getSecurityContext()
Currently the only methods that use this are checkRead() and
checkConnect(). The default implementation returns an
AccessControlContext
.
checkConnect(String, int, Object)
,
checkRead(String, Object)
,
AccessControlContext
,
AccessController#getContext()
public void checkPermission(Permission perm)
Permission
. This defaults to
AccessController.checkPermission
.perm
- the Permission
requiredSecurityException
- if permission is deniedNullPointerException
- if perm is nullpublic void checkPermission(Permission perm, Object context)
Permission
. This is done in a
context previously returned by getSecurityContext()
. The
default implementation expects context to be an AccessControlContext,
and it calls AccessControlContext.checkPermission(perm)
.perm
- the Permission
requiredcontext
- a security contextSecurityException
- if permission is denied, or if context is
not an AccessControlContextNullPointerException
- if perm is nullgetSecurityContext()
,
AccessControlContext#checkPermission(Permission)
public void checkCreateClassLoader()
RuntimePermission("createClassLoader")
. If you override
this, you should call super.checkCreateClassLoader()
rather
than throwing an exception.SecurityException
- if permission is deniedClassLoader.ClassLoader()
public void checkAccess(Thread t)
RuntimePermission("modifyThread") on system threads (ie.
threads in ThreadGroup with a null parent), and returns silently on
other threads.
If you override this, you must do two things. First, call
super.checkAccess(t)
, to make sure you are not relaxing
requirements. Second, if the calling thread has
RuntimePermission("modifyThread")
, return silently, so that
core classes (the Classpath library!) can modify any thread.
t
- the other Thread to checkSecurityException
- if permission is deniedNullPointerException
- if t is nullThread.stop()
,
Thread.suspend()
,
Thread.resume()
,
Thread.setPriority(int)
,
Thread.setName(String)
,
Thread.setDaemon(boolean)
public void checkAccess(ThreadGroup g)
RuntimePermission("modifyThread") on the system group (ie.
the one with a null parent), and returns silently on other groups.
If you override this, you must do two things. First, call
super.checkAccess(t)
, to make sure you are not relaxing
requirements. Second, if the calling thread has
RuntimePermission("modifyThreadGroup")
, return silently,
so that core classes (the Classpath library!) can modify any thread.
g
- the ThreadGroup to checkSecurityException
- if permission is deniedNullPointerException
- if g is nullThread.Thread()
,
ThreadGroup.ThreadGroup()
,
ThreadGroup.stop()
,
ThreadGroup.suspend()
,
ThreadGroup.resume()
,
ThreadGroup.interrupt()
,
ThreadGroup.setDaemon(boolean)
,
ThreadGroup.setMaxPriority(int)
public void checkExit(int status)
RuntimePermission("exitVM")
. If you override this, call
super.checkExit
rather than throwing an exception.status
- the status to exit withSecurityException
- if permission is deniedRuntime.exit(int)
,
Runtime.halt(int)
public void checkExec(String program)
FilePermission(program, "execute")
, otherwise it checks
FilePermission("<<ALL FILES>>", "execute")
. If
you override this, call super.checkExec
rather than
throwing an exception.program
- the name of the program to execSecurityException
- if permission is deniedNullPointerException
- if program is nullRuntime#exec(String[], String[], File)
public void checkLink(String filename)
RuntimePermission("loadLibrary." + filename)
. If you
override this, call super.checkLink
rather than throwing
an exception.filename
- the full name of the library to loadSecurityException
- if permission is deniedNullPointerException
- if filename is nullRuntime.load(String)
public void checkRead(String filename)
FilePermission(filename, "read")
. If
you override this, call super.checkRead
rather than
throwing an exception.filename
- the full name of the file to accessSecurityException
- if permission is deniedNullPointerException
- if filename is nullFile
,
FileInputStream#FileInputStream(String)
,
RandomAccessFile#RandomAccessFile(String)
public void checkRead(String filename, Object context)
getSecurityContext()
. The default implementation checks
AccessControlContext.checkPermission(new FilePermission(filename,
"read"))
. If you override this, call super.checkRead
rather than throwing an exception.filename
- the full name of the file to accesscontext
- the context to determine access forSecurityException
- if permission is denied, or if context is
not an AccessControlContextNullPointerException
- if filename is nullgetSecurityContext()
,
AccessControlContext#checkPermission(Permission)
public void checkWrite(String filename)
FilePermission(filename, "write")
. If you override this,
call super.checkWrite
rather than throwing an exception.filename
- the full name of the file to accessSecurityException
- if permission is deniedNullPointerException
- if filename is nullFile
,
File#canWrite()
,
File#mkdir()
,
File#renameTo()
,
FileOutputStream#FileOutputStream(String)
,
RandomAccessFile#RandomAccessFile(String)
public void checkDelete(String filename)
FilePermission(filename, "delete")
. If you override this,
call super.checkDelete
rather than throwing an exception.filename
- the full name of the file to deleteSecurityException
- if permission is deniedNullPointerException
- if filename is nullFile#delete()
public void checkConnect(String host, int port)
SocketPermission(host, "resolve")
. Otherwise, the default
implementation checks
SocketPermission(host + ":" + port, "connect")
. If you
override this, call super.checkConnect
rather than throwing
an exception.host
- the host to connect toport
- the port to connect onSecurityException
- if permission is deniedNullPointerException
- if host is nullSocket#Socket()
public void checkConnect(String host, int port, Object securityContext)
getSecurityContext
. A port
number of -1 indicates the caller is attempting to determine an IP
address, so the default implementation checks
AccessControlContext.checkPermission(new SocketPermission(host,
"resolve"))
. Otherwise, the default implementation checks
AccessControlContext.checkPermission(new SocketPermission(host
+ ":" + port, "connect"))
. If you override this, call
super.checkConnect
rather than throwing an exception.host
- the host to connect toport
- the port to connect oncontext
- the context to determine access forSecurityException
- if permission is denied, or if context is
not an AccessControlContextNullPointerException
- if host is nullgetSecurityContext()
,
AccessControlContext#checkPermission(Permission)
public void checkListen(int port)
SocketPermission("localhost:" + (port == 0 ? "1024-" : "" + port),
"listen")
. If you override this, call
super.checkListen
rather than throwing an exception.port
- the port to listen onSecurityException
- if permission is deniedServerSocket#ServerSocket(int)
public void checkAccept(String host, int port)
SocketPermission(host + ":" + port, "accept")
. If you
override this, call super.checkAccept
rather than throwing
an exception.host
- the host which wishes to connectport
- the port the connection will be onSecurityException
- if permission is deniedNullPointerException
- if host is nullServerSocket#accept()
public void checkPropertiesAccess()
PropertyPermission("*", "read,write")
. If you override
this, call super.checkPropertiesAccess
rather than
throwing an exception.SecurityException
- if permission is deniedSystem.getProperties()
,
System#setProperties(Properties)
public void checkPropertyAccess(String key)
PropertyPermission(key, "read")
. If
you override this, call super.checkPropertyAccess
rather
than throwing an exception.SecurityException
- if permission is deniedNullPointerException
- if key is nullIllegalArgumentException
- if key is ""System.getProperty(String)
public boolean checkTopLevelWindow(Object window)
window
- the window to createNullPointerException
- if window is nullWindowSurface#Window(Frame)
public void checkPrintJobAccess()
RuntimePermission("queuePrintJob")
. If you override
this, call super.checkPrintJobAccess
rather than throwing
an exception.SecurityException
- if permission is deniedToolkit#getPrintJob(Frame, String, Properties)
public void checkSystemClipboardAccess()
AWTPermission("accessClipboard")
. If
you override this, call super.checkSystemClipboardAccess
rather than throwing an exception.SecurityException
- if permission is deniedToolkit#getSystemClipboard()
public void checkPackageAccess(String packageName)
Security.getProperty("package.access")
. Then,
if packageName starts with or equals any restricted package, it checks
RuntimePermission("accessClassInPackage." + packageName)
.
If you override this, you should call
super.checkPackageAccess
before doing anything else.packageName
- the package name to check access toSecurityException
- if permission is deniedNullPointerException
- if packageName is nullClassLoader.loadClass(String, boolean)
,
Security#getProperty(String)
public void checkPackageDefinition(String packageName)
Security.getProperty("package.definition")
. Then, if
packageName starts with or equals any restricted package, it checks
RuntimePermission("defineClassInPackage." + packageName)
.
If you override this, you should call
super.checkPackageDefinition
before doing anything else.packageName
- the package name to check access toSecurityException
- if permission is deniedNullPointerException
- if packageName is nullClassLoader.loadClass(String, boolean)
,
Security#getProperty(String)
public void checkSetFactory()
RuntimePermission("setFactory")
. If you override this, call
super.checkSetFactory
rather than throwing an exception.SecurityException
- if permission is deniedSocket#setSocketImplFactory(SocketImplFactory)
,
ServerSocket#setSocketFactory(SocketImplFactory)
,
URL#setURLStreamHandlerFactory(URLStreamHandlerFactory)
public void checkMemberAccess(Class c, int memberType)
RuntimePermission("accessDeclaredMembers")
. If you override
this, do not call super.checkMemberAccess
, as this would
mess up the stack depth check that determines the ClassLoader requesting
the access.c
- the Class to checkmemberType
- either DECLARED or PUBLICSecurityException
- if permission is denied, including when
memberType is not DECLARED or PUBLICNullPointerException
- if c is nullClass
,
Member#DECLARED
,
Member#PUBLIC
public void checkSecurityAccess(String action)
SecurityPermission(action)
. If you
override this, call super.checkSecurityAccess
rather than
throwing an exception.action
- the desired action to takeSecurityException
- if permission is deniedNullPointerException
- if action is nullIllegalArgumentException
- if action is ""public ThreadGroup getThreadGroup()