src/share/classes/java/io/FilePermission.java
Print this page
*** 74,84 ****
* <P>
* The actions string is converted to lowercase before processing.
* <P>
* Be careful when granting FilePermissions. Think about the implications
* of granting read and especially write access to various files and
! * directories. The "<<ALL FILES>>" permission with write action is
* especially dangerous. This grants permission to write to the entire
* file system. One thing this effectively allows is replacement of the
* system binary, including the JVM runtime environment.
*
* <p>Please note: Code can always read a file from the same
--- 74,84 ----
* <P>
* The actions string is converted to lowercase before processing.
* <P>
* Be careful when granting FilePermissions. Think about the implications
* of granting read and especially write access to various files and
! * directories. The "<<ALL FILES>>" permission with write action is
* especially dangerous. This grants permission to write to the entire
* file system. One thing this effectively allows is replacement of the
* system binary, including the JVM runtime environment.
*
* <p>Please note: Code can always read a file from the same
*** 178,190 ****
* Also called during de-serialization.
*
* @param mask the actions mask to use.
*
*/
! private void init(int mask)
! {
!
if ((mask & ALL) != mask)
throw new IllegalArgumentException("invalid actions mask");
if (mask == NONE)
throw new IllegalArgumentException("invalid actions mask");
--- 178,188 ----
* Also called during de-serialization.
*
* @param mask the actions mask to use.
*
*/
! private void init(int mask) {
if ((mask & ALL) != mask)
throw new IllegalArgumentException("invalid actions mask");
if (mask == NONE)
throw new IllegalArgumentException("invalid actions mask");
*** 272,284 ****
*
* @throws IllegalArgumentException
* If actions is <code>null</code>, empty or contains an action
* other than the specified possible actions.
*/
!
! public FilePermission(String path, String actions)
! {
super(path);
init(getMask(actions));
}
/**
--- 270,280 ----
*
* @throws IllegalArgumentException
* If actions is <code>null</code>, empty or contains an action
* other than the specified possible actions.
*/
! public FilePermission(String path, String actions) {
super(path);
init(getMask(actions));
}
/**
*** 291,302 ****
* @param path the pathname of the file/directory.
* @param mask the action mask to use.
*/
// package private for use by the FilePermissionCollection add method
! FilePermission(String path, int mask)
! {
super(path);
init(mask);
}
/**
--- 287,297 ----
* @param path the pathname of the file/directory.
* @param mask the action mask to use.
*/
// package private for use by the FilePermissionCollection add method
! FilePermission(String path, int mask) {
super(path);
init(mask);
}
/**
*** 335,345 ****
* Checks if the Permission's actions are a proper subset of the
* this object's actions. Returns the effective mask iff the
* this FilePermission's path also implies that FilePermission's path.
*
* @param that the FilePermission to check against.
- * @param exact return immediately if the masks are not equal
* @return the effective mask
*/
boolean impliesIgnoreMask(FilePermission that) {
if (this.directory) {
if (this.recursive) {
--- 330,339 ----
*** 410,420 ****
/**
* Returns the hash code value for this object.
*
* @return a hash code value for this object.
*/
-
public int hashCode() {
return this.cpath.hashCode();
}
/**
--- 404,413 ----
*** 422,432 ****
*
* @param actions the action string.
* @return the actions mask.
*/
private static int getMask(String actions) {
-
int mask = NONE;
// Null action valid?
if (actions == null) {
return mask;
--- 415,424 ----
*** 550,560 ****
/**
* Return the current action mask. Used by the FilePermissionCollection.
*
* @return the actions mask.
*/
-
int getMask() {
return mask;
}
/**
--- 542,551 ----
*** 562,573 ****
* Always returns present actions in the following order:
* read, write, execute, delete, readlink.
*
* @return the canonical string representation of the actions.
*/
! private static String getActions(int mask)
! {
StringBuilder sb = new StringBuilder();
boolean comma = false;
if ((mask & READ) == READ) {
comma = true;
--- 553,563 ----
* Always returns present actions in the following order:
* read, write, execute, delete, readlink.
*
* @return the canonical string representation of the actions.
*/
! private static String getActions(int mask) {
StringBuilder sb = new StringBuilder();
boolean comma = false;
if ((mask & READ) == READ) {
comma = true;
*** 608,626 ****
* object allows both write and read actions, a call to <code>getActions</code>
* will return the string "read,write".
*
* @return the canonical string representation of the actions.
*/
! public String getActions()
! {
if (actions == null)
actions = getActions(this.mask);
return actions;
}
-
/**
* Returns a new PermissionCollection object for storing FilePermission
* objects.
* <p>
* FilePermission objects must be stored in a manner that allows them
--- 598,614 ----
* object allows both write and read actions, a call to <code>getActions</code>
* will return the string "read,write".
*
* @return the canonical string representation of the actions.
*/
! public String getActions() {
if (actions == null)
actions = getActions(this.mask);
return actions;
}
/**
* Returns a new PermissionCollection object for storing FilePermission
* objects.
* <p>
* FilePermission objects must be stored in a manner that allows them
*** 648,658 ****
* returned by this <code>newPermissionCollection</code> method.
*
* @return a new PermissionCollection object suitable for storing
* FilePermissions.
*/
-
public PermissionCollection newPermissionCollection() {
return new FilePermissionCollection();
}
/**
--- 636,645 ----
*** 710,735 ****
* @serial include
*
*/
final class FilePermissionCollection extends PermissionCollection
! implements Serializable {
!
// Not serialized; see serialization section at end of class
private transient List<Permission> perms;
/**
! * Create an empty FilePermissions object.
! *
*/
-
public FilePermissionCollection() {
perms = new ArrayList<>();
}
/**
! * Adds a permission to the FilePermissions. The key for the hash is
* permission.path.
*
* @param permission the Permission object to add.
*
* @exception IllegalArgumentException - if the permission is not a
--- 697,720 ----
* @serial include
*
*/
final class FilePermissionCollection extends PermissionCollection
! implements Serializable
! {
// Not serialized; see serialization section at end of class
private transient List<Permission> perms;
/**
! * Create an empty FilePermissionCollection object.
*/
public FilePermissionCollection() {
perms = new ArrayList<>();
}
/**
! * Adds a permission to the FilePermissionCollection. The key for the hash is
* permission.path.
*
* @param permission the Permission object to add.
*
* @exception IllegalArgumentException - if the permission is not a
*** 736,748 ****
* FilePermission
*
* @exception SecurityException - if this FilePermissionCollection object
* has been marked readonly
*/
!
! public void add(Permission permission)
! {
if (! (permission instanceof FilePermission))
throw new IllegalArgumentException("invalid permission: "+
permission);
if (isReadOnly())
throw new SecurityException(
--- 721,731 ----
* FilePermission
*
* @exception SecurityException - if this FilePermissionCollection object
* has been marked readonly
*/
! public void add(Permission permission) {
if (! (permission instanceof FilePermission))
throw new IllegalArgumentException("invalid permission: "+
permission);
if (isReadOnly())
throw new SecurityException(
*** 755,772 ****
/**
* Check and see if this set of permissions implies the permissions
* expressed in "permission".
*
! * @param p the Permission object to compare
*
* @return true if "permission" is a proper subset of a permission in
* the set, false if not.
*/
!
! public boolean implies(Permission permission)
! {
if (! (permission instanceof FilePermission))
return false;
FilePermission fp = (FilePermission) permission;
--- 738,753 ----
/**
* Check and see if this set of permissions implies the permissions
* expressed in "permission".
*
! * @param permission the Permission object to compare
*
* @return true if "permission" is a proper subset of a permission in
* the set, false if not.
*/
! public boolean implies(Permission permission) {
if (! (permission instanceof FilePermission))
return false;
FilePermission fp = (FilePermission) permission;
*** 793,803 ****
* Returns an enumeration of all the FilePermission objects in the
* container.
*
* @return an enumeration of all the FilePermission objects.
*/
-
public Enumeration<Permission> elements() {
// Convert Iterator into Enumeration
synchronized (this) {
return Collections.enumeration(perms);
}
--- 774,783 ----
*** 839,850 ****
}
/*
* Reads in a Vector of FilePermissions and saves them in the perms field.
*/
! private void readObject(ObjectInputStream in) throws IOException,
! ClassNotFoundException {
// Don't call defaultReadObject()
// Read in serialized fields
ObjectInputStream.GetField gfields = in.readFields();
--- 819,831 ----
}
/*
* Reads in a Vector of FilePermissions and saves them in the perms field.
*/
! private void readObject(ObjectInputStream in)
! throws IOException, ClassNotFoundException
! {
// Don't call defaultReadObject()
// Read in serialized fields
ObjectInputStream.GetField gfields = in.readFields();