1 /* 2 * Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. 8 * 9 * This code is distributed in the hope that it will be useful, but WITHOUT 10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 12 * version 2 for more details (a copy is included in the LICENSE file that 13 * accompanied this code). 14 * 15 * You should have received a copy of the GNU General Public License version 16 * 2 along with this work; if not, write to the Free Software Foundation, 17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 18 * 19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 20 * or visit www.oracle.com if you need additional information or have any 21 * questions. 22 */ 23 24 import java.security.Security; 25 import java.util.ArrayList; 26 import java.util.Arrays; 27 import java.util.List; 28 import java.util.StringTokenizer; 29 30 /** 31 * A collection of utility methods and constants for testing the package 32 * access and package definition security checks. 33 */ 34 final class RestrictedPackages { 35 36 /* 37 * The expected list of restricted packages. 38 * 39 * This array should be updated whenever new packages are added to the 40 * package.access property in the java.security file 41 * NOTE: it should be in the same order as the java.security file 42 */ 43 static final String[] EXPECTED = { 44 "sun.", 45 "com.sun.xml.internal.", 46 "com.sun.imageio.", 47 "com.sun.istack.internal.", 48 "com.sun.jmx.", 49 "com.sun.media.sound.", 50 "com.sun.naming.internal.", 51 "com.sun.proxy.", 52 "com.sun.corba.se.", 53 "com.sun.org.apache.bcel.internal.", 54 "com.sun.org.apache.regexp.internal.", 55 "com.sun.org.apache.xerces.internal.", 56 "com.sun.org.apache.xpath.internal.", 57 "com.sun.org.apache.xalan.internal.extensions.", 58 "com.sun.org.apache.xalan.internal.lib.", 59 "com.sun.org.apache.xalan.internal.res.", 60 "com.sun.org.apache.xalan.internal.templates.", 61 "com.sun.org.apache.xalan.internal.utils.", 62 "com.sun.org.apache.xalan.internal.xslt.", 63 "com.sun.org.apache.xalan.internal.xsltc.cmdline.", 64 "com.sun.org.apache.xalan.internal.xsltc.compiler.", 65 "com.sun.org.apache.xalan.internal.xsltc.trax.", 66 "com.sun.org.apache.xalan.internal.xsltc.util.", 67 "com.sun.org.apache.xml.internal.res.", 68 "com.sun.org.apache.xml.internal.security.", 69 "com.sun.org.apache.xml.internal.serializer.dom3.", 70 "com.sun.org.apache.xml.internal.serializer.utils.", 71 "com.sun.org.apache.xml.internal.utils.", 72 "com.sun.org.glassfish.", 73 "com.sun.tools.script.", 74 "com.oracle.xmlns.internal.", 75 "com.oracle.webservices.internal.", 76 "org.jcp.xml.dsig.internal.", 77 "jdk.internal.", 78 "jdk.nashorn.internal.", 79 "jdk.nashorn.tools.", 80 "jdk.tools.jimage.", 81 "com.sun.activation.registries.", 82 "com.sun.java.accessibility.util.internal." 83 }; 84 85 /* 86 * A non-exhaustive list of restricted packages. 87 * 88 * Contrary to what is in the EXPECTED list, this list does not need 89 * to be exhaustive. 90 */ 91 static final String[] EXPECTED_NONEXHAUSTIVE = { 92 "sun.", 93 "com.sun.xml.internal.", 94 "com.sun.imageio.", 95 "com.sun.istack.internal.", 96 "com.sun.jmx.", 97 "com.sun.proxy.", 98 "com.sun.org.apache.bcel.internal.", 99 "com.sun.org.apache.regexp.internal.", 100 "com.sun.org.apache.xerces.internal.", 101 "com.sun.org.apache.xpath.internal.", 102 "com.sun.org.apache.xalan.internal.extensions.", 103 "com.sun.org.apache.xalan.internal.lib.", 104 "com.sun.org.apache.xalan.internal.res.", 105 "com.sun.org.apache.xalan.internal.templates.", 106 "com.sun.org.apache.xalan.internal.utils.", 107 "com.sun.org.apache.xalan.internal.xslt.", 108 "com.sun.org.apache.xalan.internal.xsltc.cmdline.", 109 "com.sun.org.apache.xalan.internal.xsltc.compiler.", 110 "com.sun.org.apache.xalan.internal.xsltc.trax.", 111 "com.sun.org.apache.xalan.internal.xsltc.util.", 112 "com.sun.org.apache.xml.internal.res.", 113 "com.sun.org.apache.xml.internal.serializer.utils.", 114 "com.sun.org.apache.xml.internal.utils.", 115 "com.sun.org.apache.xml.internal.security.", 116 "com.sun.org.glassfish.", 117 "org.jcp.xml.dsig.internal." 118 }; 119 120 private static final String OS_NAME = System.getProperty("os.name"); 121 122 /** 123 * Returns a list of expected restricted packages, including any 124 * OS specific packages. The returned list is mutable. 125 */ 126 static List<String> expected() { 127 List<String> pkgs = new ArrayList<>(Arrays.asList(EXPECTED)); 128 if (OS_NAME.contains("OS X")) { 129 pkgs.add("apple."); // add apple package for OS X 130 } 131 if (OS_NAME.contains("Win")) { 132 pkgs.add("com.sun.java.accessibility.internal."); // add Win only package 133 } 134 return pkgs; 135 } 136 137 /** 138 * Returns a list of actual restricted packages. The returned list 139 * is mutable. 140 */ 141 static List<String> actual() { 142 String prop = Security.getProperty("package.access"); 143 List<String> packages = new ArrayList<>(); 144 if (prop != null && !prop.equals("")) { 145 StringTokenizer tok = new StringTokenizer(prop, ","); 146 while (tok.hasMoreElements()) { 147 String s = tok.nextToken().trim(); 148 packages.add(s); 149 } 150 } 151 return packages; 152 } 153 154 private RestrictedPackages() { } 155 }