1 /*
2 * Copyright (c) 1997, 2006, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
40 * Currently the SecurityPermission object is used to guard access
41 * to the Policy, Security, Provider, Signer, and Identity
42 * objects.
43 * <P>
44 * The following table lists all the possible SecurityPermission target names,
45 * and for each provides a description of what the permission allows
46 * and a discussion of the risks of granting code the permission.
47 * <P>
48 *
49 * <table border=1 cellpadding=5 summary="target name,what the permission allows, and associated risks">
50 * <tr>
51 * <th>Permission Target Name</th>
52 * <th>What the Permission Allows</th>
53 * <th>Risks of Allowing this Permission</th>
54 * </tr>
55 *
56 * <tr>
57 * <td>createAccessControlContext</td>
58 * <td>Creation of an AccessControlContext</td>
59 * <td>This allows someone to instantiate an AccessControlContext
60 * with a <code>DomainCombiner</code>. Extreme care must be taken when
61 * granting this permission. Malicious code could create a DomainCombiner
62 * that augments the set of permissions granted to code, and even grant the
63 * code {@link java.security.AllPermission}.</td>
64 * </tr>
65 *
66 * <tr>
67 * <td>getDomainCombiner</td>
68 * <td>Retrieval of an AccessControlContext's DomainCombiner</td>
69 * <td>This allows someone to retrieve an AccessControlContext's
70 * <code>DomainCombiner</code>. Since DomainCombiners may contain
71 * sensitive information, this could potentially lead to a privacy leak.</td>
72 * </tr>
73 *
74 * <tr>
75 * <td>getPolicy</td>
76 * <td>Retrieval of the system-wide security policy (specifically, of the
77 * currently-installed Policy object)</td>
78 * <td>This allows someone to query the policy via the
79 * <code>getPermissions</code> call,
80 * which discloses which permissions would be granted to a given CodeSource.
81 * While revealing the policy does not compromise the security of
82 * the system, it does provide malicious code with additional information
83 * which it may use to better aim an attack. It is wise
84 * not to divulge more information than necessary.</td>
85 * </tr>
86 *
87 * <tr>
88 * <td>setPolicy</td>
89 * <td>Setting of the system-wide security policy (specifically,
90 * the Policy object)</td>
91 * <td>Granting this permission is extremely dangerous, as malicious
92 * code may grant itself all the necessary permissions it needs
93 * to successfully mount an attack on the system.</td>
94 * </tr>
95 *
96 * <tr>
97 * <td>createPolicy.{policy type}</td>
98 * <td>Getting an instance of a Policy implementation from a provider</td>
99 * <td>Granting this permission enables code to obtain a Policy object.
286 * @see java.security.PermissionCollection
287 * @see java.lang.SecurityManager
288 *
289 *
290 * @author Marianne Mueller
291 * @author Roland Schemers
292 */
293
294 public final class SecurityPermission extends BasicPermission {
295
296 private static final long serialVersionUID = 5236109936224050470L;
297
298 /**
299 * Creates a new SecurityPermission with the specified name.
300 * The name is the symbolic name of the SecurityPermission. An asterisk
301 * may appear at the end of the name, following a ".", or by itself, to
302 * signify a wildcard match.
303 *
304 * @param name the name of the SecurityPermission
305 *
306 * @throws NullPointerException if <code>name</code> is <code>null</code>.
307 * @throws IllegalArgumentException if <code>name</code> is empty.
308 */
309
310 public SecurityPermission(String name)
311 {
312 super(name);
313 }
314
315 /**
316 * Creates a new SecurityPermission object with the specified name.
317 * The name is the symbolic name of the SecurityPermission, and the
318 * actions String is currently unused and should be null.
319 *
320 * @param name the name of the SecurityPermission
321 * @param actions should be null.
322 *
323 * @throws NullPointerException if <code>name</code> is <code>null</code>.
324 * @throws IllegalArgumentException if <code>name</code> is empty.
325 */
326
327 public SecurityPermission(String name, String actions)
328 {
329 super(name, actions);
330 }
331 }
|
1 /*
2 * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
40 * Currently the SecurityPermission object is used to guard access
41 * to the Policy, Security, Provider, Signer, and Identity
42 * objects.
43 * <P>
44 * The following table lists all the possible SecurityPermission target names,
45 * and for each provides a description of what the permission allows
46 * and a discussion of the risks of granting code the permission.
47 * <P>
48 *
49 * <table border=1 cellpadding=5 summary="target name,what the permission allows, and associated risks">
50 * <tr>
51 * <th>Permission Target Name</th>
52 * <th>What the Permission Allows</th>
53 * <th>Risks of Allowing this Permission</th>
54 * </tr>
55 *
56 * <tr>
57 * <td>createAccessControlContext</td>
58 * <td>Creation of an AccessControlContext</td>
59 * <td>This allows someone to instantiate an AccessControlContext
60 * with a {@code DomainCombiner}. Extreme care must be taken when
61 * granting this permission. Malicious code could create a DomainCombiner
62 * that augments the set of permissions granted to code, and even grant the
63 * code {@link java.security.AllPermission}.</td>
64 * </tr>
65 *
66 * <tr>
67 * <td>getDomainCombiner</td>
68 * <td>Retrieval of an AccessControlContext's DomainCombiner</td>
69 * <td>This allows someone to retrieve an AccessControlContext's
70 * {@code DomainCombiner}. Since DomainCombiners may contain
71 * sensitive information, this could potentially lead to a privacy leak.</td>
72 * </tr>
73 *
74 * <tr>
75 * <td>getPolicy</td>
76 * <td>Retrieval of the system-wide security policy (specifically, of the
77 * currently-installed Policy object)</td>
78 * <td>This allows someone to query the policy via the
79 * {@code getPermissions} call,
80 * which discloses which permissions would be granted to a given CodeSource.
81 * While revealing the policy does not compromise the security of
82 * the system, it does provide malicious code with additional information
83 * which it may use to better aim an attack. It is wise
84 * not to divulge more information than necessary.</td>
85 * </tr>
86 *
87 * <tr>
88 * <td>setPolicy</td>
89 * <td>Setting of the system-wide security policy (specifically,
90 * the Policy object)</td>
91 * <td>Granting this permission is extremely dangerous, as malicious
92 * code may grant itself all the necessary permissions it needs
93 * to successfully mount an attack on the system.</td>
94 * </tr>
95 *
96 * <tr>
97 * <td>createPolicy.{policy type}</td>
98 * <td>Getting an instance of a Policy implementation from a provider</td>
99 * <td>Granting this permission enables code to obtain a Policy object.
286 * @see java.security.PermissionCollection
287 * @see java.lang.SecurityManager
288 *
289 *
290 * @author Marianne Mueller
291 * @author Roland Schemers
292 */
293
294 public final class SecurityPermission extends BasicPermission {
295
296 private static final long serialVersionUID = 5236109936224050470L;
297
298 /**
299 * Creates a new SecurityPermission with the specified name.
300 * The name is the symbolic name of the SecurityPermission. An asterisk
301 * may appear at the end of the name, following a ".", or by itself, to
302 * signify a wildcard match.
303 *
304 * @param name the name of the SecurityPermission
305 *
306 * @throws NullPointerException if {@code name} is {@code null}.
307 * @throws IllegalArgumentException if {@code name} is empty.
308 */
309
310 public SecurityPermission(String name)
311 {
312 super(name);
313 }
314
315 /**
316 * Creates a new SecurityPermission object with the specified name.
317 * The name is the symbolic name of the SecurityPermission, and the
318 * actions String is currently unused and should be null.
319 *
320 * @param name the name of the SecurityPermission
321 * @param actions should be null.
322 *
323 * @throws NullPointerException if {@code name} is {@code null}.
324 * @throws IllegalArgumentException if {@code name} is empty.
325 */
326
327 public SecurityPermission(String name, String actions)
328 {
329 super(name, actions);
330 }
331 }
|