AppletSecurity.java revision 2362
2362N/A * Copyright (c) 1995, 2006, Oracle and/or its affiliates. All rights reserved. 0N/A * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 0N/A * This code is free software; you can redistribute it and/or modify it 0N/A * under the terms of the GNU General Public License version 2 only, as 2362N/A * published by the Free Software Foundation. Oracle designates this 0N/A * particular file as subject to the "Classpath" exception as provided 2362N/A * by Oracle in the LICENSE file that accompanied this code. 0N/A * This code is distributed in the hope that it will be useful, but WITHOUT 0N/A * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 0N/A * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 0N/A * version 2 for more details (a copy is included in the LICENSE file that 0N/A * accompanied this code). 0N/A * You should have received a copy of the GNU General Public License version 0N/A * 2 along with this work; if not, write to the Free Software Foundation, 0N/A * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 2362N/A * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 2362N/A * or visit www.oracle.com if you need additional information or have any 0N/A * This class defines an applet security policy 0N/A //URLClassLoader.acc 0N/A //AccessControlContext.context; 0N/A * Construct and initialize. 0N/A // Cache to store known restricted packages 0N/A * Reset from Properties 0N/A // Enumerate system properties 0N/A // Cache restricted packages 0N/A * get the current (first) instance of an AppletClassLoader on the stack. 0N/A // try currentClassLoader first 0N/A // if that fails, get all the classes on the stack and check them. 0N/A * fix bug # 6433620 the logic here is : try to find URLClassLoader from 0N/A * class context, check its AccessControlContext to see if 0N/A * AppletClassLoader is in stack when it's created. for this kind of 0N/A * URLClassLoader, return the AppContext assocated with the 0N/A * AppletClassLoader. 0N/A // if that fails, try the context class loader 0N/A // no AppletClassLoaders on the stack 0N/A * Returns true if this threadgroup is in the applet's own thread 0N/A * group. This will return false if there is no current class 0N/A * Returns true of the threadgroup of thread is in the applet's 0N/A * Applets are not allowed to manipulate threads outside 0N/A * applet thread groups. However a terminated thread no longer belongs 0N/A /* When multiple applets is reloaded simultaneously, there will be 0N/A * multiple invocations to this method from plugin's SecurityManager. 0N/A * This method should not be synchronized to avoid deadlock when 0N/A * a page with multiple applets is reloaded 0N/A * Applets are not allowed to manipulate thread groups outside 0N/A * applet thread groups. 0N/A // if we are in a recursive check, it is because 0N/A // inThreadGroup is calling appletLoader.getThreadGroup 0N/A // in that case, only do the super check, as appletLoader 0N/A * Throws a <code>SecurityException</code> if the 0N/A * calling thread is not allowed to access the package specified by 0N/A * This method is used by the <code>loadClass</code> method of class 0N/A * The <code>checkPackageAccess</code> method for class 0N/A * <code>SecurityManager</code> calls 0N/A * <code>checkPermission</code> with the 0N/A * <code>RuntimePermission("accessClassInPackage."+pkg)</code> 0N/A * @param pkg the package name. 0N/A * @exception SecurityException if the caller does not have 0N/A * permission to access the specified package. 0N/A * @see java.lang.ClassLoader#loadClass(java.lang.String, boolean) 0N/A // first see if the VM-wide policy allows access to this package 0N/A // now check the list of restricted packages 0N/A // Prevent matching "sun" and "sunir" even if they 0N/A // starts with similar beginning characters 0N/A * Tests if a client can get access to the AWT event queue. 0N/A * This method calls <code>checkPermission</code> with the 0N/A * <code>AWTPermission("accessEventQueue")</code> permission. 0N/A * @exception SecurityException if the caller does not have 0N/A * permission to accesss the AWT event queue. 0N/A // If we're about to allow access to the main EventQueue, 0N/A // and anything untrusted is on the class context stack, 0N/A }
// checkAwtEventQueueAccess() 0N/A * Returns the thread group of the applet. We consult the classloader 0N/A /* If any applet code is on the execution stack, we return 0N/A that applet's ThreadGroup. Otherwise, we use the default 0N/A }
// getThreadGroup() 0N/A * Get the AppContext corresponding to the current context. 0N/A * The default implementation returns null, but this method 0N/A * may be overridden by various SecurityManagers 0N/A * (e.g. AppletSecurity) to index AppContext objects by the 0N/A * @return the AppContext corresponding to the current context. 0N/A * @see sun.awt.AppContext 0N/A * @see java.lang.SecurityManager 0N/A // context == null when some thread in applet thread group 0N/A // has not been destroyed in AppContext.dispose() 0N/A}
// class AppletSecurity