1 /*
2 * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
27
28 import java.security.BasicPermission;
29
30 /**
31 * This class is for AWT permissions.
32 * An {@code AWTPermission} contains a target name but
33 * no actions list; you either have the named permission
34 * or you don't.
35 *
36 * <P>
37 * The target name is the name of the AWT permission (see below). The naming
38 * convention follows the hierarchical property naming convention.
39 * Also, an asterisk could be used to represent all AWT permissions.
40 *
41 * <P>
42 * The following table lists all the possible {@code AWTPermission}
43 * target names, and for each provides a description of what the
44 * permission allows and a discussion of the risks of granting code
45 * the permission.
46 *
47 * <table border=1 cellpadding=5 summary="AWTPermission target names, descriptions, and associated risks.">
48 * <tr>
49 * <th>Permission Target Name</th>
50 * <th>What the Permission Allows</th>
51 * <th>Risks of Allowing this Permission</th>
52 * </tr>
53 *
54 * <tr>
55 * <td>accessClipboard</td>
56 * <td>Posting and retrieval of information to and from the AWT clipboard</td>
57 * <td>This would allow malfeasant code to share
58 * potentially sensitive or confidential information.</td>
59 * </tr>
60 *
61 * <tr>
62 * <td>accessEventQueue</td>
63 * <td>Access to the AWT event queue</td>
64 * <td>After retrieving the AWT event queue,
65 * malicious code may peek at and even remove existing events
66 * from its event queue, as well as post bogus events which may purposefully
67 * cause the application or applet to misbehave in an insecure manner.</td>
68 * </tr>
69 *
70 * <tr>
71 * <td>accessSystemTray</td>
72 * <td>Access to the AWT SystemTray instance</td>
73 * <td>This would allow malicious code to add tray icons to the system tray.
165 * <td>Creating {@link Dialog.ModalityType#TOOLKIT_MODAL TOOLKIT_MODAL} dialogs
166 * and setting the {@link Dialog.ModalExclusionType#TOOLKIT_EXCLUDE
167 * TOOLKIT_EXCLUDE} window property.</td>
168 * <td>When a toolkit-modal dialog is shown from an applet, it blocks all other
169 * applets in the browser. When launching applications from Java Web Start,
170 * its windows (such as the security dialog) may also be blocked by toolkit-modal
171 * dialogs, shown from these applications.</td>
172 * </tr>
173 *
174 * <tr>
175 * <td>watchMousePointer</td>
176 * <td>Getting the information about the mouse pointer position at any
177 * time</td>
178 * <td>Constantly watching the mouse pointer,
179 * an applet can make guesses about what the user is doing, i.e. moving
180 * the mouse to the lower left corner of the screen most likely means that
181 * the user is about to launch an application. If a virtual keypad is used
182 * so that keyboard is emulated using the mouse, an applet may guess what
183 * is being typed.</td>
184 * </tr>
185 * </table>
186 *
187 * @see java.security.BasicPermission
188 * @see java.security.Permission
189 * @see java.security.Permissions
190 * @see java.security.PermissionCollection
191 * @see java.lang.SecurityManager
192 *
193 *
194 * @author Marianne Mueller
195 * @author Roland Schemers
196 */
197
198 public final class AWTPermission extends BasicPermission {
199
200 /** use serialVersionUID from the Java 2 platform for interoperability */
201 private static final long serialVersionUID = 8890392402588814465L;
202
203 /**
204 * Creates a new {@code AWTPermission} with the specified name.
|
1 /*
2 * Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
27
28 import java.security.BasicPermission;
29
30 /**
31 * This class is for AWT permissions.
32 * An {@code AWTPermission} contains a target name but
33 * no actions list; you either have the named permission
34 * or you don't.
35 *
36 * <P>
37 * The target name is the name of the AWT permission (see below). The naming
38 * convention follows the hierarchical property naming convention.
39 * Also, an asterisk could be used to represent all AWT permissions.
40 *
41 * <P>
42 * The following table lists all the possible {@code AWTPermission}
43 * target names, and for each provides a description of what the
44 * permission allows and a discussion of the risks of granting code
45 * the permission.
46 *
47 * <table class="striped">
48 * <caption style="display:none">AWTPermission target names, descriptions, and
49 * associated risks</caption>
50 * <thead>
51 * <tr>
52 * <th>Permission Target Name</th>
53 * <th>What the Permission Allows</th>
54 * <th>Risks of Allowing this Permission</th>
55 * </tr>
56 * </thead>
57 * <tbody>
58 * <tr>
59 * <td>accessClipboard</td>
60 * <td>Posting and retrieval of information to and from the AWT clipboard</td>
61 * <td>This would allow malfeasant code to share
62 * potentially sensitive or confidential information.</td>
63 * </tr>
64 *
65 * <tr>
66 * <td>accessEventQueue</td>
67 * <td>Access to the AWT event queue</td>
68 * <td>After retrieving the AWT event queue,
69 * malicious code may peek at and even remove existing events
70 * from its event queue, as well as post bogus events which may purposefully
71 * cause the application or applet to misbehave in an insecure manner.</td>
72 * </tr>
73 *
74 * <tr>
75 * <td>accessSystemTray</td>
76 * <td>Access to the AWT SystemTray instance</td>
77 * <td>This would allow malicious code to add tray icons to the system tray.
169 * <td>Creating {@link Dialog.ModalityType#TOOLKIT_MODAL TOOLKIT_MODAL} dialogs
170 * and setting the {@link Dialog.ModalExclusionType#TOOLKIT_EXCLUDE
171 * TOOLKIT_EXCLUDE} window property.</td>
172 * <td>When a toolkit-modal dialog is shown from an applet, it blocks all other
173 * applets in the browser. When launching applications from Java Web Start,
174 * its windows (such as the security dialog) may also be blocked by toolkit-modal
175 * dialogs, shown from these applications.</td>
176 * </tr>
177 *
178 * <tr>
179 * <td>watchMousePointer</td>
180 * <td>Getting the information about the mouse pointer position at any
181 * time</td>
182 * <td>Constantly watching the mouse pointer,
183 * an applet can make guesses about what the user is doing, i.e. moving
184 * the mouse to the lower left corner of the screen most likely means that
185 * the user is about to launch an application. If a virtual keypad is used
186 * so that keyboard is emulated using the mouse, an applet may guess what
187 * is being typed.</td>
188 * </tr>
189 * </tbody>
190 * </table>
191 *
192 * @see java.security.BasicPermission
193 * @see java.security.Permission
194 * @see java.security.Permissions
195 * @see java.security.PermissionCollection
196 * @see java.lang.SecurityManager
197 *
198 *
199 * @author Marianne Mueller
200 * @author Roland Schemers
201 */
202
203 public final class AWTPermission extends BasicPermission {
204
205 /** use serialVersionUID from the Java 2 platform for interoperability */
206 private static final long serialVersionUID = 8890392402588814465L;
207
208 /**
209 * Creates a new {@code AWTPermission} with the specified name.
|