2362N/A * Copyright (c) 1995, 2006, Oracle and/or its affiliates. All rights reserved. 0N/A * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 0N/A * This code is free software; you can redistribute it and/or modify it 0N/A * under the terms of the GNU General Public License version 2 only, as 2362N/A * published by the Free Software Foundation. Oracle designates this 0N/A * particular file as subject to the "Classpath" exception as provided 2362N/A * by Oracle in the LICENSE file that accompanied this code. 0N/A * This code is distributed in the hope that it will be useful, but WITHOUT 0N/A * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 0N/A * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 0N/A * version 2 for more details (a copy is included in the LICENSE file that 0N/A * accompanied this code). 0N/A * You should have received a copy of the GNU General Public License version 0N/A * 2 along with this work; if not, write to the Free Software Foundation, 0N/A * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 2362N/A * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 2362N/A * or visit www.oracle.com if you need additional information or have any 0N/A * The security manager is a class that allows 0N/A * applications to implement a security policy. It allows an 0N/A * application to determine, before performing a possibly unsafe or 0N/A * sensitive operation, what the operation is and whether 0N/A * it is being attempted in a security context that allows the 0N/A * operation to be performed. The 0N/A * application can allow or disallow the operation. 0N/A * The <code>SecurityManager</code> class contains many methods with 0N/A * names that begin with the word <code>check</code>. These methods 0N/A * are called by various methods in the Java libraries before those 0N/A * methods perform certain potentially sensitive operations. The 0N/A * invocation of such a <code>check</code> method typically looks like this: 0N/A * <p><blockquote><pre> 0N/A * SecurityManager security = System.getSecurityManager(); 0N/A * if (security != null) { 0N/A * security.check<i>XXX</i>(argument, . . . ); 0N/A * </pre></blockquote> 0N/A * The security manager is thereby given an opportunity to prevent 0N/A * completion of the operation by throwing an exception. A security 0N/A * manager routine simply returns if the operation is permitted, but 0N/A * throws a <code>SecurityException</code> if the operation is not 0N/A * permitted. The only exception to this convention is 0N/A * <code>checkTopLevelWindow</code>, which returns a 0N/A * <code>boolean</code> value. 0N/A * The current security manager is set by the 0N/A * <code>setSecurityManager</code> method in class 0N/A * <code>System</code>. The current security manager is obtained 0N/A * by the <code>getSecurityManager</code> method. 0N/A * The special method 0N/A * {@link SecurityManager#checkPermission(java.security.Permission)} 0N/A * determines whether an access request indicated by a specified 0N/A * permission should be granted or denied. The 0N/A * default implementation calls 0N/A * AccessController.checkPermission(perm); 0N/A * If a requested access is allowed, 0N/A * <code>checkPermission</code> returns quietly. If denied, a 0N/A * <code>SecurityException</code> is thrown. 0N/A * As of Java 2 SDK v1.2, the default implementation of each of the other 0N/A * <code>check</code> methods in <code>SecurityManager</code> is to 0N/A * call the <code>SecurityManager checkPermission</code> method 0N/A * to determine if the calling thread has permission to perform the requested 0N/A * Note that the <code>checkPermission</code> method with 0N/A * just a single permission argument always performs security checks 0N/A * within the context of the currently executing thread. 0N/A * Sometimes a security check that should be made within a given context 0N/A * will actually need to be done from within a 0N/A * <i>different</i> context (for example, from within a worker thread). 0N/A * The {@link SecurityManager#getSecurityContext getSecurityContext} method 0N/A * and the {@link SecurityManager#checkPermission(java.security.Permission, 0N/A * java.lang.Object) checkPermission} 0N/A * method that includes a context argument are provided 0N/A * for this situation. The 0N/A * <code>getSecurityContext</code> method returns a "snapshot" 0N/A * of the current calling context. (The default implementation 0N/A * returns an AccessControlContext object.) A sample call is 0N/A * Object context = null; 0N/A * SecurityManager sm = System.getSecurityManager(); 0N/A * if (sm != null) context = sm.getSecurityContext(); 0N/A * The <code>checkPermission</code> method 0N/A * that takes a context object in addition to a permission 0N/A * makes access decisions based on that context, 0N/A * rather than on that of the current execution thread. 0N/A * Code within a different context can thus call that method, 0N/A * passing the permission and the 0N/A * previously-saved context object. A sample call, using the 0N/A * SecurityManager <code>sm</code> obtained as in the previous example, 0N/A * if (sm != null) sm.checkPermission(permission, context); 0N/A * <p>Permissions fall into these categories: File, Socket, Net, 0N/A * Security, Runtime, Property, AWT, Reflect, and Serializable. 0N/A * The classes managing these various 0N/A * permission categories are <code>java.io.FilePermission</code>, 0N/A * <code>java.net.SocketPermission</code>, 0N/A * <code>java.net.NetPermission</code>, 0N/A * <code>java.security.SecurityPermission</code>, 0N/A * <code>java.lang.RuntimePermission</code>, 0N/A * <code>java.util.PropertyPermission</code>, 0N/A * <code>java.awt.AWTPermission</code>, 0N/A * <code>java.lang.reflect.ReflectPermission</code>, and 0N/A * <code>java.io.SerializablePermission</code>. 0N/A * <p>All but the first two (FilePermission and SocketPermission) are 0N/A * subclasses of <code>java.security.BasicPermission</code>, which itself 0N/A * is an abstract subclass of the 0N/A * top-level class for permissions, which is 0N/A * <code>java.security.Permission</code>. BasicPermission defines the 0N/A * functionality needed for all permissions that contain a name 0N/A * that follows the hierarchical property naming convention 0N/A * (for example, "exitVM", "setFactory", "queuePrintJob", etc). 0N/A * may appear at the end of the name, following a ".", or by itself, to 0N/A * signify a wildcard match. For example: "a.*" or "*" is valid, 0N/A * "*a" or "a*b" is not valid. 0N/A * <p>FilePermission and SocketPermission are subclasses of the 0N/A * top-level class for permissions 0N/A * (<code>java.security.Permission</code>). Classes like these 0N/A * that have a more complicated name syntax than that used by 0N/A * BasicPermission subclass directly from Permission rather than from 0N/A * BasicPermission. For example, 0N/A * for a <code>java.io.FilePermission</code> object, the permission name is 0N/A * the path name of a file (or directory). 0N/A * <p>Some of the permission classes have an "actions" list that tells 0N/A * the actions that are permitted for the object. For example, 0N/A * for a <code>java.io.FilePermission</code> object, the actions list 0N/A * (such as "read, write") specifies which actions are granted for the 0N/A * specified file (or for files in the specified directory). 0N/A * <p>Other permission classes are for "named" permissions - 0N/A * ones that contain a name but no actions list; you either have the 0N/A * named permission or you don't. 0N/A * <p>Note: There is also a <code>java.security.AllPermission</code> 0N/A * permission that implies all permissions. It exists to simplify the work 0N/A * of system administrators who might need to perform multiple 0N/A * tasks that require all (or numerous) permissions. 0N/A * Permissions in the JDK</a> for permission-related information. 0N/A * This document includes, for example, a table listing the various SecurityManager 0N/A * <code>check</code> methods and the permission(s) the default 0N/A * implementation of each such method requires. 0N/A * It also contains a table of all the version 1.2 methods 0N/A * that require permissions, and for each such method tells 0N/A * which permission it requires. 0N/A * For more information about <code>SecurityManager</code> changes made in 0N/A * the JDK and advice regarding porting of 1.1-style security managers, 0N/A * @author Arthur van Hoff 0N/A * @author Roland Schemers 0N/A * @see java.lang.ClassLoader 0N/A * @see java.lang.SecurityException 0N/A * @see java.lang.SecurityManager#checkTopLevelWindow(java.lang.Object) 0N/A * checkTopLevelWindow 0N/A * @see java.lang.System#getSecurityManager() getSecurityManager 0N/A * @see java.lang.System#setSecurityManager(java.lang.SecurityManager) 0N/A * setSecurityManager 0N/A * @see java.security.AccessController AccessController 0N/A * @see java.security.AccessControlContext AccessControlContext 0N/A * @see java.security.AccessControlException AccessControlException 0N/A * @see java.security.Permission 0N/A * @see java.security.BasicPermission 0N/A * @see java.io.FilePermission 0N/A * @see java.net.SocketPermission 0N/A * @see java.util.PropertyPermission 0N/A * @see java.lang.RuntimePermission 0N/A * @see java.awt.AWTPermission 0N/A * @see java.security.Policy Policy 0N/A * @see java.security.SecurityPermission SecurityPermission 0N/A * @see java.security.ProtectionDomain 0N/A * This field is <code>true</code> if there is a security check in 0N/A * progress; <code>false</code> otherwise. 0N/A * @deprecated This type of security checking is not recommended. 0N/A * It is recommended that the <code>checkPermission</code> 0N/A * call be used instead. 0N/A * Have we been initialized. Effective against finalizer attacks. 0N/A * returns true if the current context has been granted AllPermission 0N/A * Tests if there is a security check in progress. 0N/A * @return the value of the <code>inCheck</code> field. This field 0N/A * should contain <code>true</code> if a security check is 0N/A * <code>false</code> otherwise. 0N/A * @see java.lang.SecurityManager#inCheck 0N/A * @deprecated This type of security checking is not recommended. 0N/A * It is recommended that the <code>checkPermission</code> 0N/A * call be used instead. 0N/A * Constructs a new <code>SecurityManager</code>. 0N/A * <p> If there is a security manager already installed, this method first 0N/A * calls the security manager's <code>checkPermission</code> method 0N/A * with the <code>RuntimePermission("createSecurityManager")</code> 0N/A * permission to ensure the calling thread has permission to create a new 0N/A * This may result in throwing a <code>SecurityException</code>. 0N/A * @exception java.lang.SecurityException if a security manager already 0N/A * exists and its <code>checkPermission</code> method 0N/A * doesn't allow creation of a new security manager. 0N/A * @see java.lang.System#getSecurityManager() 0N/A * @see #checkPermission(java.security.Permission) checkPermission 0N/A * @see java.lang.RuntimePermission 0N/A // ask the currently installed security manager if we 0N/A // can create a new one. 0N/A (
"createSecurityManager"));
0N/A * Returns the current execution stack as an array of classes. 0N/A * The length of the array is the number of methods on the execution 0N/A * stack. The element at index <code>0</code> is the class of the 0N/A * currently executing method, the element at index <code>1</code> is 0N/A * the class of that method's caller, and so on. 0N/A * @return the execution stack. 0N/A * Returns the class loader of the most recently executing method from 0N/A * a class defined using a non-system class loader. A non-system 0N/A * class loader is defined as being a class loader that is not equal to 0N/A * the system class loader (as returned 0N/A * by {@link ClassLoader#getSystemClassLoader}) or one of its ancestors. 0N/A * This method will return 0N/A * <code>null</code> in the following three cases:<p> 0N/A * <li>All methods on the execution stack are from classes 0N/A * defined using the system class loader or one of its ancestors. 0N/A * <li>All methods on the execution stack up to the first 0N/A * "privileged" caller 0N/A * (see {@link java.security.AccessController#doPrivileged}) 0N/A * defined using the system class loader or one of its ancestors. 0N/A * <li> A call to <code>checkPermission</code> with 0N/A * <code>java.security.AllPermission</code> does not 0N/A * result in a SecurityException. 0N/A * @return the class loader of the most recent occurrence on the stack 0N/A * of a method from a class defined using a non-system class 0N/A * @deprecated This type of security checking is not recommended. 0N/A * It is recommended that the <code>checkPermission</code> 0N/A * call be used instead. 0N/A * @see java.lang.ClassLoader#getSystemClassLoader() getSystemClassLoader 0N/A * @see #checkPermission(java.security.Permission) checkPermission 0N/A * Returns the class of the most recently executing method from 0N/A * a class defined using a non-system class loader. A non-system 0N/A * class loader is defined as being a class loader that is not equal to 0N/A * the system class loader (as returned 0N/A * by {@link ClassLoader#getSystemClassLoader}) or one of its ancestors. 0N/A * This method will return 0N/A * <code>null</code> in the following three cases:<p> 0N/A * <li>All methods on the execution stack are from classes 0N/A * defined using the system class loader or one of its ancestors. 0N/A * <li>All methods on the execution stack up to the first 0N/A * "privileged" caller 0N/A * (see {@link java.security.AccessController#doPrivileged}) 0N/A * defined using the system class loader or one of its ancestors. 0N/A * <li> A call to <code>checkPermission</code> with 0N/A * <code>java.security.AllPermission</code> does not 0N/A * result in a SecurityException. 0N/A * @return the class of the most recent occurrence on the stack 0N/A * of a method from a class defined using a non-system class 0N/A * @deprecated This type of security checking is not recommended. 0N/A * It is recommended that the <code>checkPermission</code> 0N/A * call be used instead. 0N/A * @see java.lang.ClassLoader#getSystemClassLoader() getSystemClassLoader 0N/A * @see #checkPermission(java.security.Permission) checkPermission 0N/A * Returns the stack depth of the specified class. 0N/A * @param name the fully qualified name of the class to search for. 0N/A * @return the depth on the stack frame of the first occurrence of a 0N/A * method from a class with the specified name; 0N/A * <code>-1</code> if such a frame cannot be found. 0N/A * @deprecated This type of security checking is not recommended. 0N/A * It is recommended that the <code>checkPermission</code> 0N/A * call be used instead. 0N/A * Returns the stack depth of the most recently executing method 0N/A * from a class defined using a non-system class loader. A non-system 0N/A * class loader is defined as being a class loader that is not equal to 0N/A * the system class loader (as returned 0N/A * by {@link ClassLoader#getSystemClassLoader}) or one of its ancestors. 0N/A * This method will return 0N/A * -1 in the following three cases:<p> 0N/A * <li>All methods on the execution stack are from classes 0N/A * defined using the system class loader or one of its ancestors. 0N/A * <li>All methods on the execution stack up to the first 0N/A * "privileged" caller 0N/A * (see {@link java.security.AccessController#doPrivileged}) 0N/A * defined using the system class loader or one of its ancestors. 0N/A * <li> A call to <code>checkPermission</code> with 0N/A * <code>java.security.AllPermission</code> does not 0N/A * result in a SecurityException. 0N/A * @return the depth on the stack frame of the most recent occurrence of 0N/A * a method from a class defined using a non-system class loader. 0N/A * @deprecated This type of security checking is not recommended. 0N/A * It is recommended that the <code>checkPermission</code> 0N/A * call be used instead. 0N/A * @see java.lang.ClassLoader#getSystemClassLoader() getSystemClassLoader 0N/A * @see #checkPermission(java.security.Permission) checkPermission 0N/A depth--;
// make sure we don't include ourself 0N/A * Tests if a method from a class with the specified 0N/A * name is on the execution stack. 0N/A * @param name the fully qualified name of the class. 0N/A * @return <code>true</code> if a method from a class with the specified 0N/A * name is on the execution stack; <code>false</code> otherwise. 0N/A * @deprecated This type of security checking is not recommended. 0N/A * It is recommended that the <code>checkPermission</code> 0N/A * call be used instead. 0N/A * Basically, tests if a method from a class defined using a 0N/A * class loader is on the execution stack. 0N/A * @return <code>true</code> if a call to <code>currentClassLoader</code> 0N/A * has a non-null return value. 0N/A * @deprecated This type of security checking is not recommended. 0N/A * It is recommended that the <code>checkPermission</code> 0N/A * call be used instead. 0N/A * @see #currentClassLoader() currentClassLoader 0N/A * Creates an object that encapsulates the current execution 0N/A * environment. The result of this method is used, for example, by the 0N/A * three-argument <code>checkConnect</code> method and by the 0N/A * two-argument <code>checkRead</code> method. 0N/A * These methods are needed because a trusted method may be called 0N/A * on to read a file or open a socket on behalf of another method. 0N/A * The trusted method needs to determine if the other (possibly 0N/A * untrusted) method would be allowed to perform the operation on its 0N/A * <p> The default implementation of this method is to return 0N/A * an <code>AccessControlContext</code> object. 0N/A * @return an implementation-dependent object that encapsulates 0N/A * sufficient information about the current execution environment 0N/A * to perform some security checks later. 0N/A * @see java.lang.SecurityManager#checkConnect(java.lang.String, int, 0N/A * java.lang.Object) checkConnect 0N/A * @see java.lang.SecurityManager#checkRead(java.lang.String, 0N/A * java.lang.Object) checkRead 0N/A * @see java.security.AccessControlContext AccessControlContext 0N/A * Throws a <code>SecurityException</code> if the requested 0N/A * access, specified by the given permission, is not permitted based 0N/A * on the security policy currently in effect. 0N/A * This method calls <code>AccessController.checkPermission</code> 0N/A * with the given permission. 0N/A * @param perm the requested permission. 0N/A * @exception SecurityException if access is not permitted based on 0N/A * the current security policy. 0N/A * @exception NullPointerException if the permission argument is 0N/A * <code>null</code>. 0N/A * Throws a <code>SecurityException</code> if the 0N/A * specified security context is denied access to the resource 0N/A * specified by the given permission. 0N/A * The context must be a security 0N/A * context returned by a previous call to 0N/A * <code>getSecurityContext</code> and the access control 0N/A * decision is based upon the configured security policy for 0N/A * that security context. 0N/A * If <code>context</code> is an instance of 0N/A * <code>AccessControlContext</code> then the 0N/A * <code>AccessControlContext.checkPermission</code> method is 0N/A * invoked with the specified permission. 0N/A * If <code>context</code> is not an instance of 0N/A * <code>AccessControlContext</code> then a 0N/A * <code>SecurityException</code> is thrown. 0N/A * @param perm the specified permission 0N/A * @param context a system-dependent security context. 0N/A * @exception SecurityException if the specified security context 0N/A * is not an instance of <code>AccessControlContext</code> 0N/A * (e.g., is <code>null</code>), or is denied access to the 0N/A * resource specified by the given permission. 0N/A * @exception NullPointerException if the permission argument is 0N/A * <code>null</code>. 0N/A * @see java.lang.SecurityManager#getSecurityContext() 0N/A * @see java.security.AccessControlContext#checkPermission(java.security.Permission) 0N/A * Throws a <code>SecurityException</code> if the 0N/A * calling thread is not allowed to create a new class loader. 0N/A * This method calls <code>checkPermission</code> with the 0N/A * <code>RuntimePermission("createClassLoader")</code> 0N/A * If you override this method, then you should make a call to 0N/A * <code>super.checkCreateClassLoader</code> 0N/A * at the point the overridden method would normally throw an 0N/A * @exception SecurityException if the calling thread does not 0N/A * to create a new class loader. 0N/A * @see java.lang.ClassLoader#ClassLoader() 0N/A * @see #checkPermission(java.security.Permission) checkPermission 0N/A * reference to the root thread group, used for the checkAccess 0N/A * Throws a <code>SecurityException</code> if the 0N/A * calling thread is not allowed to modify the thread argument. 0N/A * This method is invoked for the current security manager by the 0N/A * <code>stop</code>, <code>suspend</code>, <code>resume</code>, 0N/A * <code>setPriority</code>, <code>setName</code>, and 0N/A * <code>setDaemon</code> methods of class <code>Thread</code>. 0N/A * If the thread argument is a system thread (belongs to 0N/A * the thread group with a <code>null</code> parent) then 0N/A * this method calls <code>checkPermission</code> with the 0N/A * <code>RuntimePermission("modifyThread")</code> permission. 0N/A * If the thread argument is <i>not</i> a system thread, 0N/A * this method just returns silently. 0N/A * Applications that want a stricter policy should override this 0N/A * method. If this method is overridden, the method that overrides 0N/A * it should additionally check to see if the calling thread has the 0N/A * <code>RuntimePermission("modifyThread")</code> permission, and 0N/A * if so, return silently. This is to ensure that code granted 0N/A * that permission (such as the JDK itself) is allowed to 0N/A * manipulate any thread. 0N/A * If this method is overridden, then 0N/A * <code>super.checkAccess</code> should 0N/A * be called by the first statement in the overridden method, or the 0N/A * equivalent security check should be placed in the overridden method. 0N/A * @param t the thread to be checked. 0N/A * @exception SecurityException if the calling thread does not have 0N/A * permission to modify the thread. 0N/A * @exception NullPointerException if the thread argument is 0N/A * <code>null</code>. 0N/A * @see java.lang.Thread#resume() resume 0N/A * @see java.lang.Thread#setDaemon(boolean) setDaemon 0N/A * @see java.lang.Thread#setName(java.lang.String) setName 0N/A * @see java.lang.Thread#setPriority(int) setPriority 0N/A * @see java.lang.Thread#stop() stop 0N/A * @see java.lang.Thread#suspend() suspend 0N/A * @see #checkPermission(java.security.Permission) checkPermission 0N/A * Throws a <code>SecurityException</code> if the 0N/A * calling thread is not allowed to modify the thread group argument. 0N/A * This method is invoked for the current security manager when a 0N/A * new child thread or child thread group is created, and by the 0N/A * <code>setDaemon</code>, <code>setMaxPriority</code>, 0N/A * <code>stop</code>, <code>suspend</code>, <code>resume</code>, and 0N/A * <code>destroy</code> methods of class <code>ThreadGroup</code>. 0N/A * If the thread group argument is the system thread group ( 0N/A * has a <code>null</code> parent) then 0N/A * this method calls <code>checkPermission</code> with the 0N/A * <code>RuntimePermission("modifyThreadGroup")</code> permission. 0N/A * If the thread group argument is <i>not</i> the system thread group, 0N/A * this method just returns silently. 0N/A * Applications that want a stricter policy should override this 0N/A * method. If this method is overridden, the method that overrides 0N/A * it should additionally check to see if the calling thread has the 0N/A * <code>RuntimePermission("modifyThreadGroup")</code> permission, and 0N/A * if so, return silently. This is to ensure that code granted 0N/A * that permission (such as the JDK itself) is allowed to 0N/A * manipulate any thread. 0N/A * If this method is overridden, then 0N/A * <code>super.checkAccess</code> should 0N/A * be called by the first statement in the overridden method, or the 0N/A * equivalent security check should be placed in the overridden method. 0N/A * @param g the thread group to be checked. 0N/A * @exception SecurityException if the calling thread does not have 0N/A * permission to modify the thread group. 0N/A * @exception NullPointerException if the thread group argument is 0N/A * <code>null</code>. 0N/A * @see java.lang.ThreadGroup#destroy() destroy 0N/A * @see java.lang.ThreadGroup#resume() resume 0N/A * @see java.lang.ThreadGroup#setDaemon(boolean) setDaemon 0N/A * @see java.lang.ThreadGroup#setMaxPriority(int) setMaxPriority 0N/A * @see java.lang.ThreadGroup#stop() stop 0N/A * @see java.lang.ThreadGroup#suspend() suspend 0N/A * @see #checkPermission(java.security.Permission) checkPermission 0N/A * Throws a <code>SecurityException</code> if the 0N/A * calling thread is not allowed to cause the Java Virtual Machine to 0N/A * halt with the specified status code. 0N/A * This method is invoked for the current security manager by the 0N/A * <code>exit</code> method of class <code>Runtime</code>. A status 0N/A * of <code>0</code> indicates success; other values indicate various 0N/A * This method calls <code>checkPermission</code> with the 0N/A * <code>RuntimePermission("exitVM."+status)</code> permission. 0N/A * If you override this method, then you should make a call to 0N/A * <code>super.checkExit</code> 0N/A * at the point the overridden method would normally throw an 0N/A * @param status the exit status. 0N/A * @exception SecurityException if the calling thread does not have 0N/A * permission to halt the Java Virtual Machine with 0N/A * the specified status. 0N/A * @see java.lang.Runtime#exit(int) exit 0N/A * @see #checkPermission(java.security.Permission) checkPermission 0N/A * Throws a <code>SecurityException</code> if the 0N/A * calling thread is not allowed to create a subprocess. 0N/A * This method is invoked for the current security manager by the 0N/A * <code>exec</code> methods of class <code>Runtime</code>. 0N/A * This method calls <code>checkPermission</code> with the 0N/A * <code>FilePermission(cmd,"execute")</code> permission 0N/A * if cmd is an absolute path, otherwise it calls 0N/A * <code>checkPermission</code> with 0N/A * <code>FilePermission("<<ALL FILES>>","execute")</code>. 0N/A * If you override this method, then you should make a call to 0N/A * <code>super.checkExec</code> 0N/A * at the point the overridden method would normally throw an 0N/A * @param cmd the specified system command. 0N/A * @exception SecurityException if the calling thread does not have 0N/A * permission to create a subprocess. 0N/A * @exception NullPointerException if the <code>cmd</code> argument is 0N/A * <code>null</code>. 0N/A * @see java.lang.Runtime#exec(java.lang.String) 0N/A * @see java.lang.Runtime#exec(java.lang.String, java.lang.String[]) 0N/A * @see java.lang.Runtime#exec(java.lang.String[]) 0N/A * @see java.lang.Runtime#exec(java.lang.String[], java.lang.String[]) 0N/A * @see #checkPermission(java.security.Permission) checkPermission 0N/A * Throws a <code>SecurityException</code> if the 0N/A * calling thread is not allowed to dynamic link the library code 0N/A * specified by the string argument file. The argument is either a 0N/A * simple library name or a complete filename. 0N/A * This method is invoked for the current security manager by 0N/A * methods <code>load</code> and <code>loadLibrary</code> of class 0N/A * <code>Runtime</code>. 0N/A * This method calls <code>checkPermission</code> with the 0N/A * <code>RuntimePermission("loadLibrary."+lib)</code> permission. 0N/A * If you override this method, then you should make a call to 0N/A * <code>super.checkLink</code> 0N/A * at the point the overridden method would normally throw an 0N/A * @param lib the name of the library. 0N/A * @exception SecurityException if the calling thread does not have 0N/A * permission to dynamically link the library. 0N/A * @exception NullPointerException if the <code>lib</code> argument is 0N/A * <code>null</code>. 0N/A * @see java.lang.Runtime#load(java.lang.String) 0N/A * @see java.lang.Runtime#loadLibrary(java.lang.String) 0N/A * @see #checkPermission(java.security.Permission) checkPermission 0N/A * Throws a <code>SecurityException</code> if the 0N/A * calling thread is not allowed to read from the specified file 0N/A * This method calls <code>checkPermission</code> with the 0N/A * <code>RuntimePermission("readFileDescriptor")</code> 0N/A * If you override this method, then you should make a call to 0N/A * <code>super.checkRead</code> 0N/A * at the point the overridden method would normally throw an 0N/A * @param fd the system-dependent file descriptor. 0N/A * @exception SecurityException if the calling thread does not have 0N/A * permission to access the specified file descriptor. 0N/A * @exception NullPointerException if the file descriptor argument is 0N/A * <code>null</code>. 0N/A * @see java.io.FileDescriptor 0N/A * @see #checkPermission(java.security.Permission) checkPermission 0N/A * Throws a <code>SecurityException</code> if the 0N/A * calling thread is not allowed to read the file specified by the 0N/A * This method calls <code>checkPermission</code> with the 0N/A * <code>FilePermission(file,"read")</code> permission. 0N/A * If you override this method, then you should make a call to 0N/A * <code>super.checkRead</code> 0N/A * at the point the overridden method would normally throw an 0N/A * @param file the system-dependent file name. 0N/A * @exception SecurityException if the calling thread does not have 0N/A * permission to access the specified file. 0N/A * @exception NullPointerException if the <code>file</code> argument is 0N/A * <code>null</code>. 0N/A * @see #checkPermission(java.security.Permission) checkPermission 0N/A * Throws a <code>SecurityException</code> if the 0N/A * specified security context is not allowed to read the file 0N/A * specified by the string argument. The context must be a security 0N/A * context returned by a previous call to 0N/A * <code>getSecurityContext</code>. 0N/A * <p> If <code>context</code> is an instance of 0N/A * <code>AccessControlContext</code> then the 0N/A * <code>AccessControlContext.checkPermission</code> method will 0N/A * be invoked with the <code>FilePermission(file,"read")</code> permission. 0N/A * <p> If <code>context</code> is not an instance of 0N/A * <code>AccessControlContext</code> then a 0N/A * <code>SecurityException</code> is thrown. 0N/A * If you override this method, then you should make a call to 0N/A * <code>super.checkRead</code> 0N/A * at the point the overridden method would normally throw an 0N/A * @param file the system-dependent filename. 0N/A * @param context a system-dependent security context. 0N/A * @exception SecurityException if the specified security context 0N/A * is not an instance of <code>AccessControlContext</code> 0N/A * (e.g., is <code>null</code>), or does not have permission 0N/A * to read the specified file. 0N/A * @exception NullPointerException if the <code>file</code> argument is 0N/A * <code>null</code>. 0N/A * @see java.lang.SecurityManager#getSecurityContext() 0N/A * @see java.security.AccessControlContext#checkPermission(java.security.Permission) 0N/A * Throws a <code>SecurityException</code> if the 0N/A * calling thread is not allowed to write to the specified file 0N/A * This method calls <code>checkPermission</code> with the 0N/A * <code>RuntimePermission("writeFileDescriptor")</code> 0N/A * If you override this method, then you should make a call to 0N/A * <code>super.checkWrite</code> 0N/A * at the point the overridden method would normally throw an 0N/A * @param fd the system-dependent file descriptor. 0N/A * @exception SecurityException if the calling thread does not have 0N/A * permission to access the specified file descriptor. 0N/A * @exception NullPointerException if the file descriptor argument is 0N/A * <code>null</code>. 0N/A * @see java.io.FileDescriptor 0N/A * @see #checkPermission(java.security.Permission) checkPermission 0N/A * Throws a <code>SecurityException</code> if the 0N/A * calling thread is not allowed to write to the file specified by 0N/A * the string argument. 0N/A * This method calls <code>checkPermission</code> with the 0N/A * <code>FilePermission(file,"write")</code> permission. 0N/A * If you override this method, then you should make a call to 0N/A * <code>super.checkWrite</code> 0N/A * at the point the overridden method would normally throw an 0N/A * @param file the system-dependent filename. 0N/A * @exception SecurityException if the calling thread does not 0N/A * have permission to access the specified file. 0N/A * @exception NullPointerException if the <code>file</code> argument is 0N/A * <code>null</code>. 0N/A * @see #checkPermission(java.security.Permission) checkPermission 0N/A * Throws a <code>SecurityException</code> if the 0N/A * calling thread is not allowed to delete the specified file. 0N/A * This method is invoked for the current security manager by the 0N/A * <code>delete</code> method of class <code>File</code>. 0N/A * This method calls <code>checkPermission</code> with the 0N/A * <code>FilePermission(file,"delete")</code> permission. 0N/A * If you override this method, then you should make a call to 0N/A * <code>super.checkDelete</code> 0N/A * at the point the overridden method would normally throw an 0N/A * @param file the system-dependent filename. 0N/A * @exception SecurityException if the calling thread does not 0N/A * have permission to delete the file. 0N/A * @exception NullPointerException if the <code>file</code> argument is 0N/A * <code>null</code>. 0N/A * @see java.io.File#delete() 0N/A * @see #checkPermission(java.security.Permission) checkPermission 0N/A * Throws a <code>SecurityException</code> if the 0N/A * calling thread is not allowed to open a socket connection to the 0N/A * specified host and port number. 0N/A * A port number of <code>-1</code> indicates that the calling 0N/A * method is attempting to determine the IP address of the specified 0N/A * This method calls <code>checkPermission</code> with the 0N/A * <code>SocketPermission(host+":"+port,"connect")</code> permission if 0N/A * the port is not equal to -1. If the port is equal to -1, then 0N/A * it calls <code>checkPermission</code> with the 0N/A * <code>SocketPermission(host,"resolve")</code> permission. 0N/A * If you override this method, then you should make a call to 0N/A * <code>super.checkConnect</code> 0N/A * at the point the overridden method would normally throw an 0N/A * @param host the host name port to connect to. 0N/A * @param port the protocol port to connect to. 0N/A * @exception SecurityException if the calling thread does not have 0N/A * permission to open a socket connection to the specified 0N/A * <code>host</code> and <code>port</code>. 0N/A * @exception NullPointerException if the <code>host</code> argument is 0N/A * <code>null</code>. 0N/A * @see #checkPermission(java.security.Permission) checkPermission 0N/A * Throws a <code>SecurityException</code> if the 0N/A * specified security context is not allowed to open a socket 0N/A * connection to the specified host and port number. 0N/A * A port number of <code>-1</code> indicates that the calling 0N/A * method is attempting to determine the IP address of the specified 0N/A * <p> If <code>context</code> is not an instance of 0N/A * <code>AccessControlContext</code> then a 0N/A * <code>SecurityException</code> is thrown. 0N/A * Otherwise, the port number is checked. If it is not equal 0N/A * to -1, the <code>context</code>'s <code>checkPermission</code> 0N/A * method is called with a 0N/A * <code>SocketPermission(host+":"+port,"connect")</code> permission. 0N/A * If the port is equal to -1, then 0N/A * the <code>context</code>'s <code>checkPermission</code> method 0N/A * <code>SocketPermission(host,"resolve")</code> permission. 0N/A * If you override this method, then you should make a call to 0N/A * <code>super.checkConnect</code> 0N/A * at the point the overridden method would normally throw an 0N/A * @param host the host name port to connect to. 0N/A * @param port the protocol port to connect to. 0N/A * @param context a system-dependent security context. 0N/A * @exception SecurityException if the specified security context 0N/A * is not an instance of <code>AccessControlContext</code> 0N/A * (e.g., is <code>null</code>), or does not have permission 0N/A * to open a socket connection to the specified 0N/A * <code>host</code> and <code>port</code>. 0N/A * @exception NullPointerException if the <code>host</code> argument is 0N/A * <code>null</code>. 0N/A * @see java.lang.SecurityManager#getSecurityContext() 0N/A * @see java.security.AccessControlContext#checkPermission(java.security.Permission) 0N/A * Throws a <code>SecurityException</code> if the 0N/A * calling thread is not allowed to wait for a connection request on 0N/A * the specified local port number. 0N/A * If port is not 0, this method calls 0N/A * <code>checkPermission</code> with the 0N/A * <code>SocketPermission("localhost:"+port,"listen")</code>. 0N/A * If port is zero, this method calls <code>checkPermission</code> 0N/A * with <code>SocketPermission("localhost:1024-","listen").</code> 0N/A * If you override this method, then you should make a call to 0N/A * <code>super.checkListen</code> 0N/A * at the point the overridden method would normally throw an 0N/A * @param port the local port. 0N/A * @exception SecurityException if the calling thread does not have 0N/A * permission to listen on the specified port. 0N/A * @see #checkPermission(java.security.Permission) checkPermission 0N/A * Throws a <code>SecurityException</code> if the 0N/A * calling thread is not permitted to accept a socket connection from 0N/A * the specified host and port number. 0N/A * This method is invoked for the current security manager by the 0N/A * <code>accept</code> method of class <code>ServerSocket</code>. 0N/A * This method calls <code>checkPermission</code> with the 0N/A * <code>SocketPermission(host+":"+port,"accept")</code> permission. 0N/A * If you override this method, then you should make a call to 0N/A * <code>super.checkAccept</code> 0N/A * at the point the overridden method would normally throw an 0N/A * @param host the host name of the socket connection. 0N/A * @param port the port number of the socket connection. 0N/A * @exception SecurityException if the calling thread does not have 0N/A * permission to accept the connection. 0N/A * @exception NullPointerException if the <code>host</code> argument is 0N/A * <code>null</code>. 0N/A * @see java.net.ServerSocket#accept() 0N/A * @see #checkPermission(java.security.Permission) checkPermission 0N/A * Throws a <code>SecurityException</code> if the 0N/A * calling thread is not allowed to use 0N/A * This method calls <code>checkPermission</code> with the 0N/A * <code>java.net.SocketPermission(maddr.getHostAddress(), 0N/A * "accept,connect")</code> permission. 0N/A * If you override this method, then you should make a call to 0N/A * <code>super.checkMulticast</code> 0N/A * at the point the overridden method would normally throw an 0N/A * @param maddr Internet group address to be used. 0N/A * @exception SecurityException if the calling thread is not allowed to 0N/A * @exception NullPointerException if the address argument is 0N/A * <code>null</code>. 0N/A * @see #checkPermission(java.security.Permission) checkPermission 0N/A * Throws a <code>SecurityException</code> if the 0N/A * calling thread is not allowed to use 0N/A * This method calls <code>checkPermission</code> with the 0N/A * <code>java.net.SocketPermission(maddr.getHostAddress(), 0N/A * "accept,connect")</code> permission. 0N/A * If you override this method, then you should make a call to 0N/A * <code>super.checkMulticast</code> 0N/A * at the point the overridden method would normally throw an 0N/A * @param maddr Internet group address to be used. 0N/A * @param ttl value in use, if it is multicast send. 0N/A * Note: this particular implementation does not use the ttl 0N/A * @exception SecurityException if the calling thread is not allowed to 0N/A * @exception NullPointerException if the address argument is 0N/A * <code>null</code>. 0N/A * @deprecated Use #checkPermission(java.security.Permission) instead 0N/A * @see #checkPermission(java.security.Permission) checkPermission 0N/A * Throws a <code>SecurityException</code> if the 0N/A * calling thread is not allowed to access or modify the system 0N/A * This method is used by the <code>getProperties</code> and 0N/A * <code>setProperties</code> methods of class <code>System</code>. 0N/A * This method calls <code>checkPermission</code> with the 0N/A * <code>PropertyPermission("*", "read,write")</code> permission. 0N/A * If you override this method, then you should make a call to 0N/A * <code>super.checkPropertiesAccess</code> 0N/A * at the point the overridden method would normally throw an 0N/A * @exception SecurityException if the calling thread does not have 0N/A * permission to access or modify the system properties. 0N/A * @see java.lang.System#getProperties() 0N/A * @see #checkPermission(java.security.Permission) checkPermission 0N/A * Throws a <code>SecurityException</code> if the 0N/A * calling thread is not allowed to access the system property with 0N/A * the specified <code>key</code> name. 0N/A * This method is used by the <code>getProperty</code> method of 0N/A * class <code>System</code>. 0N/A * This method calls <code>checkPermission</code> with the 0N/A * <code>PropertyPermission(key, "read")</code> permission. 0N/A * If you override this method, then you should make a call to 0N/A * <code>super.checkPropertyAccess</code> 0N/A * at the point the overridden method would normally throw an 0N/A * @param key a system property key. 0N/A * @exception SecurityException if the calling thread does not have 0N/A * permission to access the specified system property. 0N/A * @exception NullPointerException if the <code>key</code> argument is 0N/A * <code>null</code>. 0N/A * @exception IllegalArgumentException if <code>key</code> is empty. 0N/A * @see java.lang.System#getProperty(java.lang.String) 0N/A * @see #checkPermission(java.security.Permission) checkPermission 0N/A * Returns <code>false</code> if the calling 0N/A * thread is not trusted to bring up the top-level window indicated 0N/A * by the <code>window</code> argument. In this case, the caller can 0N/A * still decide to show the window, but the window should include 0N/A * some sort of visual warning. If the method returns 0N/A * <code>true</code>, then the window can be shown without any 0N/A * special restrictions. 0N/A * See class <code>Window</code> for more information on trusted and 0N/A * untrusted windows. 0N/A * <code>checkPermission</code> with the 0N/A * <code>AWTPermission("showWindowWithoutWarningBanner")</code> permission, 0N/A * and returns <code>true</code> if a SecurityException is not thrown, 0N/A * otherwise it returns <code>false</code>. 0N/A * If you override this method, then you should make a call to 0N/A * <code>super.checkTopLevelWindow</code> 0N/A * at the point the overridden method would normally return 0N/A * <code>false</code>, and the value of 0N/A * <code>super.checkTopLevelWindow</code> should 0N/A * @param window the new window that is being created. 0N/A * @return <code>true</code> if the calling thread is trusted to put up 0N/A * top-level windows; <code>false</code> otherwise. 0N/A * @exception NullPointerException if the <code>window</code> argument is 0N/A * <code>null</code>. 0N/A * @see java.awt.Window 0N/A * @see #checkPermission(java.security.Permission) checkPermission 0N/A // just return false 0N/A * Throws a <code>SecurityException</code> if the 0N/A * calling thread is not allowed to initiate a print job request. 0N/A * <code>checkPermission</code> with the 0N/A * <code>RuntimePermission("queuePrintJob")</code> permission. 0N/A * If you override this method, then you should make a call to 0N/A * <code>super.checkPrintJobAccess</code> 0N/A * at the point the overridden method would normally throw an 0N/A * @exception SecurityException if the calling thread does not have 0N/A * permission to initiate a print job request. 0N/A * @see #checkPermission(java.security.Permission) checkPermission 0N/A * Throws a <code>SecurityException</code> if the 0N/A * calling thread is not allowed to access the system clipboard. 0N/A * This method calls <code>checkPermission</code> with the 0N/A * <code>AWTPermission("accessClipboard")</code> 0N/A * If you override this method, then you should make a call to 0N/A * <code>super.checkSystemClipboardAccess</code> 0N/A * at the point the overridden method would normally throw an 0N/A * @exception SecurityException if the calling thread does not have 0N/A * permission to access the system clipboard. 0N/A * @see #checkPermission(java.security.Permission) checkPermission 0N/A * Throws a <code>SecurityException</code> if the 0N/A * calling thread is not allowed to access the AWT event queue. 0N/A * This method calls <code>checkPermission</code> with the 0N/A * <code>AWTPermission("accessEventQueue")</code> permission. 0N/A * If you override this method, then you should make a call to 0N/A * <code>super.checkAwtEventQueueAccess</code> 0N/A * at the point the overridden method would normally throw an 0N/A * @exception SecurityException if the calling thread does not have 0N/A * permission to access the AWT event queue. 0N/A * @see #checkPermission(java.security.Permission) checkPermission 0N/A * We have an initial invalid bit (initially false) for the class 0N/A * variables which tell if the cache is valid. If the underlying 0N/A * java.security.Security property changes via setProperty(), the 0N/A * Security class uses reflection to change the variable and thus 0N/A * invalidate the cache. 0N/A * Locking is handled by synchronization to the 0N/A * used in this class. 0N/A * Note that cache invalidation as a result of the property change 0N/A * happens without using these locks, so there may be a delay between 0N/A * when a thread updates the property and when other threads updates 0N/A * Throws a <code>SecurityException</code> if the 0N/A * calling thread is not allowed to access the package specified by 0N/A * This method is used by the <code>loadClass</code> method of class 0N/A * This method first gets a list of 0N/A * restricted packages by obtaining a comma-separated list from 0N/A * <code>java.security.Security.getProperty("package.access")</code>, 0N/A * and checks to see if <code>pkg</code> starts with or equals 0N/A * any of the restricted packages. If it does, then 0N/A * <code>checkPermission</code> gets called with the 0N/A * <code>RuntimePermission("accessClassInPackage."+pkg)</code> 0N/A * If this method is overridden, then 0N/A * <code>super.checkPackageAccess</code> should be called 0N/A * as the first line in the overridden method. 0N/A * @param pkg the package name. 0N/A * @exception SecurityException if the calling thread does not have 0N/A * permission to access the specified package. 0N/A * @exception NullPointerException if the package name argument is 0N/A * <code>null</code>. 0N/A * @see java.lang.ClassLoader#loadClass(java.lang.String, boolean) 0N/A * @see java.security.Security#getProperty getProperty 0N/A * @see #checkPermission(java.security.Permission) checkPermission 0N/A * Do we need to update our property array? 0N/A // Using a snapshot of packageAccess -- don't care if static field 0N/A // changes afterwards; array contents won't change. 0N/A * Traverse the list of packages, check for any matches. 0N/A break;
// No need to continue; only need to check this once 0N/A * Throws a <code>SecurityException</code> if the 0N/A * calling thread is not allowed to define classes in the package 0N/A * specified by the argument. 0N/A * This method is used by the <code>loadClass</code> method of some 0N/A * This method first gets a list of restricted packages by 0N/A * obtaining a comma-separated list from a call to 0N/A * <code>java.security.Security.getProperty("package.definition")</code>, 0N/A * and checks to see if <code>pkg</code> starts with or equals 0N/A * any of the restricted packages. If it does, then 0N/A * <code>checkPermission</code> gets called with the 0N/A * <code>RuntimePermission("defineClassInPackage."+pkg)</code> 0N/A * If this method is overridden, then 0N/A * <code>super.checkPackageDefinition</code> should be called 0N/A * as the first line in the overridden method. 0N/A * @param pkg the package name. 0N/A * @exception SecurityException if the calling thread does not have 0N/A * permission to define classes in the specified package. 0N/A * @see java.lang.ClassLoader#loadClass(java.lang.String, boolean) 0N/A * @see java.security.Security#getProperty getProperty 0N/A * @see #checkPermission(java.security.Permission) checkPermission 0N/A * Do we need to update our property array? 0N/A "package.definition");
0N/A // Using a snapshot of packageDefinition -- don't care if static 0N/A // field changes afterwards; array contents won't change. 0N/A * Traverse the list of packages, check for any matches. 0N/A break;
// No need to continue; only need to check this once 0N/A * Throws a <code>SecurityException</code> if the 0N/A * calling thread is not allowed to set the socket factory used by 0N/A * <code>ServerSocket</code> or <code>Socket</code>, or the stream 0N/A * handler factory used by <code>URL</code>. 0N/A * This method calls <code>checkPermission</code> with the 0N/A * <code>RuntimePermission("setFactory")</code> permission. 0N/A * If you override this method, then you should make a call to 0N/A * <code>super.checkSetFactory</code> 0N/A * at the point the overridden method would normally throw an 0N/A * @exception SecurityException if the calling thread does not have 0N/A * permission to specify a socket factory or a stream 0N/A * @see java.net.ServerSocket#setSocketFactory(java.net.SocketImplFactory) setSocketFactory 0N/A * @see java.net.Socket#setSocketImplFactory(java.net.SocketImplFactory) setSocketImplFactory 0N/A * @see java.net.URL#setURLStreamHandlerFactory(java.net.URLStreamHandlerFactory) setURLStreamHandlerFactory 0N/A * @see #checkPermission(java.security.Permission) checkPermission 0N/A * Throws a <code>SecurityException</code> if the 0N/A * calling thread is not allowed to access members. 0N/A * The default policy is to allow access to PUBLIC members, as well 0N/A * as access to classes that have the same class loader as the caller. 0N/A * In all other cases, this method calls <code>checkPermission</code> 0N/A * with the <code>RuntimePermission("accessDeclaredMembers") 0N/A * </code> permission. 0N/A * If this method is overridden, then a call to 0N/A * <code>super.checkMemberAccess</code> cannot be made, 0N/A * as the default implementation of <code>checkMemberAccess</code> 0N/A * relies on the code being checked being at a stack depth of 0N/A * @param clazz the class that reflection is to be performed on. 0N/A * @param which type of access, PUBLIC or DECLARED. 0N/A * @exception SecurityException if the caller does not have 0N/A * permission to access members. 0N/A * @exception NullPointerException if the <code>clazz</code> argument is 0N/A * <code>null</code>. 0N/A * @see java.lang.reflect.Member 0N/A * @see #checkPermission(java.security.Permission) checkPermission 0N/A * stack depth of 4 should be the caller of one of the 0N/A * methods in java.lang.Class that invoke checkMember 0N/A * access. The stack should look like: 0N/A * java.lang.Class.someReflectionAPI [2] 0N/A * java.lang.Class.checkMemberAccess [1] 0N/A * SecurityManager.checkMemberAccess [0] 0N/A * Determines whether the permission with the specified permission target 0N/A * name should be granted or denied. 0N/A * <p> If the requested permission is allowed, this method returns 0N/A * quietly. If denied, a SecurityException is raised. 0N/A * <p> This method creates a <code>SecurityPermission</code> object for 0N/A * the given permission target name and calls <code>checkPermission</code> 0N/A * <p> See the documentation for 0N/A * <code>{@link java.security.SecurityPermission}</code> for 0N/A * a list of possible permission target names. 0N/A * <p> If you override this method, then you should make a call to 0N/A * <code>super.checkSecurityAccess</code> 0N/A * at the point the overridden method would normally throw an 0N/A * @param target the target name of the <code>SecurityPermission</code>. 0N/A * @exception SecurityException if the calling thread does not have 0N/A * permission for the requested access. 0N/A * @exception NullPointerException if <code>target</code> is null. 0N/A * @exception IllegalArgumentException if <code>target</code> is empty. 0N/A * @see #checkPermission(java.security.Permission) checkPermission 0N/A * Returns the thread group into which to instantiate any new 0N/A * thread being created at the time this is being called. 0N/A * By default, it returns the thread group of the current 0N/A * thread. This should be overridden by a specific security 0N/A * manager to return the appropriate thread group. 0N/A * @return ThreadGroup that new threads are instantiated into 0N/A * @see java.lang.ThreadGroup