< prev index next >

src/java.desktop/share/classes/java/awt/AWTPermission.java

Print this page 





   1 /*
   2  * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.  Oracle designates this
   8  * particular file as subject to the "Classpath" exception as provided
   9  * by Oracle in the LICENSE file that accompanied this code.
  10  *
  11  * This code is distributed in the hope that it will be useful, but WITHOUT
  12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  14  * version 2 for more details (a copy is included in the LICENSE file that
  15  * accompanied this code).
  16  *
  17  * You should have received a copy of the GNU General Public License version
  18  * 2 along with this work; if not, write to the Free Software Foundation,
  19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  20  *
  21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  22  * or visit www.oracle.com if you need additional information or have any


  27 
  28 import java.security.BasicPermission;
  29 
  30 /**
  31  * This class is for AWT permissions.
  32  * An {@code AWTPermission} contains a target name but
  33  * no actions list; you either have the named permission
  34  * or you don't.
  35  *
  36  * <P>
  37  * The target name is the name of the AWT permission (see below). The naming
  38  * convention follows the hierarchical property naming convention.
  39  * Also, an asterisk could be used to represent all AWT permissions.
  40  *
  41  * <P>
  42  * The following table lists all the possible {@code AWTPermission}
  43  * target names, and for each provides a description of what the
  44  * permission allows and a discussion of the risks of granting code
  45  * the permission.
  46  *
  47  * <table border=1 cellpadding=5 summary="AWTPermission target names, descriptions, and associated risks.">



  48  * <tr>
  49  * <th>Permission Target Name</th>
  50  * <th>What the Permission Allows</th>
  51  * <th>Risks of Allowing this Permission</th>
  52  * </tr>
  53  *

  54  * <tr>
  55  *   <td>accessClipboard</td>
  56  *   <td>Posting and retrieval of information to and from the AWT clipboard</td>
  57  *   <td>This would allow malfeasant code to share
  58  * potentially sensitive or confidential information.</td>
  59  * </tr>
  60  *
  61  * <tr>
  62  *   <td>accessEventQueue</td>
  63  *   <td>Access to the AWT event queue</td>
  64  *   <td>After retrieving the AWT event queue,
  65  * malicious code may peek at and even remove existing events
  66  * from its event queue, as well as post bogus events which may purposefully
  67  * cause the application or applet to misbehave in an insecure manner.</td>
  68  * </tr>
  69  *
  70  * <tr>
  71  *   <td>accessSystemTray</td>
  72  *   <td>Access to the AWT SystemTray instance</td>
  73  *   <td>This would allow malicious code to add tray icons to the system tray.


 165  *   <td>Creating {@link Dialog.ModalityType#TOOLKIT_MODAL TOOLKIT_MODAL} dialogs
 166  *       and setting the {@link Dialog.ModalExclusionType#TOOLKIT_EXCLUDE
 167  *       TOOLKIT_EXCLUDE} window property.</td>
 168  *   <td>When a toolkit-modal dialog is shown from an applet, it blocks all other
 169  * applets in the browser. When launching applications from Java Web Start,
 170  * its windows (such as the security dialog) may also be blocked by toolkit-modal
 171  * dialogs, shown from these applications.</td>
 172  * </tr>
 173  *
 174  * <tr>
 175  *   <td>watchMousePointer</td>
 176  *   <td>Getting the information about the mouse pointer position at any
 177  * time</td>
 178  *   <td>Constantly watching the mouse pointer,
 179  * an applet can make guesses about what the user is doing, i.e. moving
 180  * the mouse to the lower left corner of the screen most likely means that
 181  * the user is about to launch an application. If a virtual keypad is used
 182  * so that keyboard is emulated using the mouse, an applet may guess what
 183  * is being typed.</td>
 184  * </tr>

 185  * </table>
 186  *
 187  * @see java.security.BasicPermission
 188  * @see java.security.Permission
 189  * @see java.security.Permissions
 190  * @see java.security.PermissionCollection
 191  * @see java.lang.SecurityManager
 192  *
 193  *
 194  * @author Marianne Mueller
 195  * @author Roland Schemers
 196  */
 197 
 198 public final class AWTPermission extends BasicPermission {
 199 
 200     /** use serialVersionUID from the Java 2 platform for interoperability */
 201     private static final long serialVersionUID = 8890392402588814465L;
 202 
 203     /**
 204      * Creates a new {@code AWTPermission} with the specified name.




   1 /*
   2  * Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.  Oracle designates this
   8  * particular file as subject to the "Classpath" exception as provided
   9  * by Oracle in the LICENSE file that accompanied this code.
  10  *
  11  * This code is distributed in the hope that it will be useful, but WITHOUT
  12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  14  * version 2 for more details (a copy is included in the LICENSE file that
  15  * accompanied this code).
  16  *
  17  * You should have received a copy of the GNU General Public License version
  18  * 2 along with this work; if not, write to the Free Software Foundation,
  19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  20  *
  21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  22  * or visit www.oracle.com if you need additional information or have any


  27 
  28 import java.security.BasicPermission;
  29 
  30 /**
  31  * This class is for AWT permissions.
  32  * An {@code AWTPermission} contains a target name but
  33  * no actions list; you either have the named permission
  34  * or you don't.
  35  *
  36  * <P>
  37  * The target name is the name of the AWT permission (see below). The naming
  38  * convention follows the hierarchical property naming convention.
  39  * Also, an asterisk could be used to represent all AWT permissions.
  40  *
  41  * <P>
  42  * The following table lists all the possible {@code AWTPermission}
  43  * target names, and for each provides a description of what the
  44  * permission allows and a discussion of the risks of granting code
  45  * the permission.
  46  *
  47  * <table class="striped">
  48  * <caption style="display:none">AWTPermission target names, descriptions, and
  49  * associated risks</caption>
  50  * <thead>
  51  * <tr>
  52  * <th>Permission Target Name</th>
  53  * <th>What the Permission Allows</th>
  54  * <th>Risks of Allowing this Permission</th>
  55  * </tr>
  56  * </thead>
  57  * <tbody>
  58  * <tr>
  59  *   <td>accessClipboard</td>
  60  *   <td>Posting and retrieval of information to and from the AWT clipboard</td>
  61  *   <td>This would allow malfeasant code to share
  62  * potentially sensitive or confidential information.</td>
  63  * </tr>
  64  *
  65  * <tr>
  66  *   <td>accessEventQueue</td>
  67  *   <td>Access to the AWT event queue</td>
  68  *   <td>After retrieving the AWT event queue,
  69  * malicious code may peek at and even remove existing events
  70  * from its event queue, as well as post bogus events which may purposefully
  71  * cause the application or applet to misbehave in an insecure manner.</td>
  72  * </tr>
  73  *
  74  * <tr>
  75  *   <td>accessSystemTray</td>
  76  *   <td>Access to the AWT SystemTray instance</td>
  77  *   <td>This would allow malicious code to add tray icons to the system tray.


 169  *   <td>Creating {@link Dialog.ModalityType#TOOLKIT_MODAL TOOLKIT_MODAL} dialogs
 170  *       and setting the {@link Dialog.ModalExclusionType#TOOLKIT_EXCLUDE
 171  *       TOOLKIT_EXCLUDE} window property.</td>
 172  *   <td>When a toolkit-modal dialog is shown from an applet, it blocks all other
 173  * applets in the browser. When launching applications from Java Web Start,
 174  * its windows (such as the security dialog) may also be blocked by toolkit-modal
 175  * dialogs, shown from these applications.</td>
 176  * </tr>
 177  *
 178  * <tr>
 179  *   <td>watchMousePointer</td>
 180  *   <td>Getting the information about the mouse pointer position at any
 181  * time</td>
 182  *   <td>Constantly watching the mouse pointer,
 183  * an applet can make guesses about what the user is doing, i.e. moving
 184  * the mouse to the lower left corner of the screen most likely means that
 185  * the user is about to launch an application. If a virtual keypad is used
 186  * so that keyboard is emulated using the mouse, an applet may guess what
 187  * is being typed.</td>
 188  * </tr>
 189  * </tbody>
 190  * </table>
 191  *
 192  * @see java.security.BasicPermission
 193  * @see java.security.Permission
 194  * @see java.security.Permissions
 195  * @see java.security.PermissionCollection
 196  * @see java.lang.SecurityManager
 197  *
 198  *
 199  * @author Marianne Mueller
 200  * @author Roland Schemers
 201  */
 202 
 203 public final class AWTPermission extends BasicPermission {
 204 
 205     /** use serialVersionUID from the Java 2 platform for interoperability */
 206     private static final long serialVersionUID = 8890392402588814465L;
 207 
 208     /**
 209      * Creates a new {@code AWTPermission} with the specified name.







< prev index next >