212 * @see java.util.PropertyPermission
213 * @see java.lang.RuntimePermission
214 * @see java.awt.AWTPermission
215 * @see java.security.Policy Policy
216 * @see java.security.SecurityPermission SecurityPermission
217 * @see java.security.ProtectionDomain
218 *
219 * @since 1.0
220 */
221 public
222 class SecurityManager {
223
224 /**
225 * This field is <code>true</code> if there is a security check in
226 * progress; <code>false</code> otherwise.
227 *
228 * @deprecated This type of security checking is not recommended.
229 * It is recommended that the <code>checkPermission</code>
230 * call be used instead.
231 */
232 @Deprecated
233 protected boolean inCheck;
234
235 /*
236 * Have we been initialized. Effective against finalizer attacks.
237 */
238 private boolean initialized = false;
239
240
241 /**
242 * returns true if the current context has been granted AllPermission
243 */
244 private boolean hasAllPermission() {
245 try {
246 checkPermission(SecurityConstants.ALL_PERMISSION);
247 return true;
248 } catch (SecurityException se) {
249 return false;
250 }
251 }
252
253 /**
254 * Tests if there is a security check in progress.
255 *
256 * @return the value of the <code>inCheck</code> field. This field
257 * should contain <code>true</code> if a security check is
258 * in progress,
259 * <code>false</code> otherwise.
260 * @see java.lang.SecurityManager#inCheck
261 * @deprecated This type of security checking is not recommended.
262 * It is recommended that the <code>checkPermission</code>
263 * call be used instead.
264 */
265 @Deprecated
266 public boolean getInCheck() {
267 return inCheck;
268 }
269
270 /**
271 * Constructs a new <code>SecurityManager</code>.
272 *
273 * <p> If there is a security manager already installed, this method first
274 * calls the security manager's <code>checkPermission</code> method
275 * with the <code>RuntimePermission("createSecurityManager")</code>
276 * permission to ensure the calling thread has permission to create a new
277 * security manager.
278 * This may result in throwing a <code>SecurityException</code>.
279 *
280 * @exception java.lang.SecurityException if a security manager already
281 * exists and its <code>checkPermission</code> method
282 * doesn't allow creation of a new security manager.
283 * @see java.lang.System#getSecurityManager()
284 * @see #checkPermission(java.security.Permission) checkPermission
285 * @see java.lang.RuntimePermission
328 * are from classes
329 * defined using the system class loader or one of its ancestors.
330 *
331 * <li> A call to <code>checkPermission</code> with
332 * <code>java.security.AllPermission</code> does not
333 * result in a SecurityException.
334 *
335 * </ol>
336 *
337 * @return the class loader of the most recent occurrence on the stack
338 * of a method from a class defined using a non-system class
339 * loader.
340 *
341 * @deprecated This type of security checking is not recommended.
342 * It is recommended that the <code>checkPermission</code>
343 * call be used instead.
344 *
345 * @see java.lang.ClassLoader#getSystemClassLoader() getSystemClassLoader
346 * @see #checkPermission(java.security.Permission) checkPermission
347 */
348 @Deprecated
349 protected ClassLoader currentClassLoader() {
350 ClassLoader cl = currentClassLoader0();
351 if ((cl != null) && hasAllPermission())
352 cl = null;
353 return cl;
354 }
355
356 private native ClassLoader currentClassLoader0();
357
358 /**
359 * Returns the class of the most recently executing method from
360 * a class defined using a non-system class loader. A non-system
361 * class loader is defined as being a class loader that is not equal to
362 * the system class loader (as returned
363 * by {@link ClassLoader#getSystemClassLoader}) or one of its ancestors.
364 * <p>
365 * This method will return
366 * <code>null</code> in the following three cases:
367 * <ol>
368 * <li>All methods on the execution stack are from classes
374 * are from classes
375 * defined using the system class loader or one of its ancestors.
376 *
377 * <li> A call to <code>checkPermission</code> with
378 * <code>java.security.AllPermission</code> does not
379 * result in a SecurityException.
380 *
381 * </ol>
382 *
383 * @return the class of the most recent occurrence on the stack
384 * of a method from a class defined using a non-system class
385 * loader.
386 *
387 * @deprecated This type of security checking is not recommended.
388 * It is recommended that the <code>checkPermission</code>
389 * call be used instead.
390 *
391 * @see java.lang.ClassLoader#getSystemClassLoader() getSystemClassLoader
392 * @see #checkPermission(java.security.Permission) checkPermission
393 */
394 @Deprecated
395 protected Class<?> currentLoadedClass() {
396 Class<?> c = currentLoadedClass0();
397 if ((c != null) && hasAllPermission())
398 c = null;
399 return c;
400 }
401
402 /**
403 * Returns the stack depth of the specified class.
404 *
405 * @param name the fully qualified name of the class to search for.
406 * @return the depth on the stack frame of the first occurrence of a
407 * method from a class with the specified name;
408 * <code>-1</code> if such a frame cannot be found.
409 * @deprecated This type of security checking is not recommended.
410 * It is recommended that the <code>checkPermission</code>
411 * call be used instead.
412 *
413 */
414 @Deprecated
415 protected native int classDepth(String name);
416
417 /**
418 * Returns the stack depth of the most recently executing method
419 * from a class defined using a non-system class loader. A non-system
420 * class loader is defined as being a class loader that is not equal to
421 * the system class loader (as returned
422 * by {@link ClassLoader#getSystemClassLoader}) or one of its ancestors.
423 * <p>
424 * This method will return
425 * -1 in the following three cases:
426 * <ol>
427 * <li>All methods on the execution stack are from classes
428 * defined using the system class loader or one of its ancestors.
429 *
430 * <li>All methods on the execution stack up to the first
431 * "privileged" caller
432 * (see {@link java.security.AccessController#doPrivileged})
433 * are from classes
434 * defined using the system class loader or one of its ancestors.
435 *
436 * <li> A call to <code>checkPermission</code> with
437 * <code>java.security.AllPermission</code> does not
438 * result in a SecurityException.
439 *
440 * </ol>
441 *
442 * @return the depth on the stack frame of the most recent occurrence of
443 * a method from a class defined using a non-system class loader.
444 *
445 * @deprecated This type of security checking is not recommended.
446 * It is recommended that the <code>checkPermission</code>
447 * call be used instead.
448 *
449 * @see java.lang.ClassLoader#getSystemClassLoader() getSystemClassLoader
450 * @see #checkPermission(java.security.Permission) checkPermission
451 */
452 @Deprecated
453 protected int classLoaderDepth() {
454 int depth = classLoaderDepth0();
455 if (depth != -1) {
456 if (hasAllPermission())
457 depth = -1;
458 else
459 depth--; // make sure we don't include ourself
460 }
461 return depth;
462 }
463
464 private native int classLoaderDepth0();
465
466 /**
467 * Tests if a method from a class with the specified
468 * name is on the execution stack.
469 *
470 * @param name the fully qualified name of the class.
471 * @return <code>true</code> if a method from a class with the specified
472 * name is on the execution stack; <code>false</code> otherwise.
473 * @deprecated This type of security checking is not recommended.
474 * It is recommended that the <code>checkPermission</code>
475 * call be used instead.
476 */
477 @Deprecated
478 protected boolean inClass(String name) {
479 return classDepth(name) >= 0;
480 }
481
482 /**
483 * Basically, tests if a method from a class defined using a
484 * class loader is on the execution stack.
485 *
486 * @return <code>true</code> if a call to <code>currentClassLoader</code>
487 * has a non-null return value.
488 *
489 * @deprecated This type of security checking is not recommended.
490 * It is recommended that the <code>checkPermission</code>
491 * call be used instead.
492 * @see #currentClassLoader() currentClassLoader
493 */
494 @Deprecated
495 protected boolean inClassLoader() {
496 return currentClassLoader() != null;
497 }
498
499 /**
500 * Creates an object that encapsulates the current execution
501 * environment. The result of this method is used, for example, by the
502 * three-argument <code>checkConnect</code> method and by the
503 * two-argument <code>checkRead</code> method.
504 * These methods are needed because a trusted method may be called
505 * on to read a file or open a socket on behalf of another method.
506 * The trusted method needs to determine if the other (possibly
507 * untrusted) method would be allowed to perform the operation on its
508 * own.
509 * <p> The default implementation of this method is to return
510 * an <code>AccessControlContext</code> object.
511 *
512 * @return an implementation-dependent object that encapsulates
513 * sufficient information about the current execution environment
514 * to perform some security checks later.
1200 * <code>java.net.SocketPermission(maddr.getHostAddress(),
1201 * "accept,connect")</code> permission.
1202 * <p>
1203 * If you override this method, then you should make a call to
1204 * <code>super.checkMulticast</code>
1205 * at the point the overridden method would normally throw an
1206 * exception.
1207 *
1208 * @param maddr Internet group address to be used.
1209 * @param ttl value in use, if it is multicast send.
1210 * Note: this particular implementation does not use the ttl
1211 * parameter.
1212 * @exception SecurityException if the calling thread is not allowed to
1213 * use (join/leave/send/receive) IP multicast.
1214 * @exception NullPointerException if the address argument is
1215 * <code>null</code>.
1216 * @since 1.1
1217 * @deprecated Use #checkPermission(java.security.Permission) instead
1218 * @see #checkPermission(java.security.Permission) checkPermission
1219 */
1220 @Deprecated
1221 public void checkMulticast(InetAddress maddr, byte ttl) {
1222 String host = maddr.getHostAddress();
1223 if (!host.startsWith("[") && host.indexOf(':') != -1) {
1224 host = "[" + host + "]";
1225 }
1226 checkPermission(new SocketPermission(host,
1227 SecurityConstants.SOCKET_CONNECT_ACCEPT_ACTION));
1228 }
1229
1230 /**
1231 * Throws a <code>SecurityException</code> if the
1232 * calling thread is not allowed to access or modify the system
1233 * properties.
1234 * <p>
1235 * This method is used by the <code>getProperties</code> and
1236 * <code>setProperties</code> methods of class <code>System</code>.
1237 * <p>
1238 * This method calls <code>checkPermission</code> with the
1239 * <code>PropertyPermission("*", "read,write")</code> permission.
1240 * <p>
1280 *
1281 * @see java.lang.System#getProperty(java.lang.String)
1282 * @see #checkPermission(java.security.Permission) checkPermission
1283 */
1284 public void checkPropertyAccess(String key) {
1285 checkPermission(new PropertyPermission(key,
1286 SecurityConstants.PROPERTY_READ_ACTION));
1287 }
1288
1289 /**
1290 * Returns {@code true} if the calling thread has {@code AllPermission}.
1291 *
1292 * @param window not used except to check if it is {@code null}.
1293 * @return {@code true} if the calling thread has {@code AllPermission}.
1294 * @exception NullPointerException if the {@code window} argument is
1295 * {@code null}.
1296 * @deprecated This method was originally used to check if the calling thread
1297 * was trusted to bring up a top-level window. The method has been
1298 * obsoleted and code should instead use {@link #checkPermission}
1299 * to check {@code AWTPermission("showWindowWithoutWarningBanner")}.
1300 * @see #checkPermission(java.security.Permission) checkPermission
1301 */
1302 @Deprecated
1303 public boolean checkTopLevelWindow(Object window) {
1304 if (window == null) {
1305 throw new NullPointerException("window can't be null");
1306 }
1307 return hasAllPermission();
1308 }
1309
1310 /**
1311 * Throws a <code>SecurityException</code> if the
1312 * calling thread is not allowed to initiate a print job request.
1313 * <p>
1314 * This method calls
1315 * <code>checkPermission</code> with the
1316 * <code>RuntimePermission("queuePrintJob")</code> permission.
1317 * <p>
1318 * If you override this method, then you should make a call to
1319 * <code>super.checkPrintJobAccess</code>
1320 * at the point the overridden method would normally throw an
1321 * exception.
1322 *
1323 * @exception SecurityException if the calling thread does not have
1324 * permission to initiate a print job request.
1325 * @since 1.1
1326 * @see #checkPermission(java.security.Permission) checkPermission
1327 */
1328 public void checkPrintJobAccess() {
1329 checkPermission(new RuntimePermission("queuePrintJob"));
1330 }
1331
1332 /**
1333 * Throws {@code SecurityException} if the calling thread does
1334 * not have {@code AllPermission}.
1335 *
1336 * @since 1.1
1337 * @exception SecurityException if the calling thread does not have
1338 * {@code AllPermission}
1339 * @deprecated This method was originally used to check if the calling
1340 * thread could access the system clipboard. The method has been
1341 * obsoleted and code should instead use {@link #checkPermission}
1342 * to check {@code AWTPermission("accessClipboard")}.
1343 * @see #checkPermission(java.security.Permission) checkPermission
1344 */
1345 @Deprecated
1346 public void checkSystemClipboardAccess() {
1347 checkPermission(SecurityConstants.ALL_PERMISSION);
1348 }
1349
1350 /**
1351 * Throws {@code SecurityException} if the calling thread does
1352 * not have {@code AllPermission}.
1353 *
1354 * @since 1.1
1355 * @exception SecurityException if the calling thread does not have
1356 * {@code AllPermission}
1357 * @deprecated This method was originally used to check if the calling
1358 * thread could access the AWT event queue. The method has been
1359 * obsoleted and code should instead use {@link #checkPermission}
1360 * to check {@code AWTPermission("accessEventQueue")}.
1361 * @see #checkPermission(java.security.Permission) checkPermission
1362 */
1363 @Deprecated
1364 public void checkAwtEventQueueAccess() {
1365 checkPermission(SecurityConstants.ALL_PERMISSION);
1366 }
1367
1368 /*
1369 * We have an initial invalid bit (initially false) for the class
1370 * variables which tell if the cache is valid. If the underlying
1371 * java.security.Security property changes via setProperty(), the
1372 * Security class uses reflection to change the variable and thus
1373 * invalidate the cache.
1374 *
1375 * Locking is handled by synchronization to the
1376 * packageAccessLock/packageDefinitionLock objects. They are only
1377 * used in this class.
1378 *
1379 * Note that cache invalidation as a result of the property change
1380 * happens without using these locks, so there may be a delay between
1381 * when a thread updates the property and when other threads updates
1382 * the cache.
1383 */
1609 * If this method is overridden, then a call to
1610 * <code>super.checkMemberAccess</code> cannot be made,
1611 * as the default implementation of <code>checkMemberAccess</code>
1612 * relies on the code being checked being at a stack depth of
1613 * 4.
1614 *
1615 * @param clazz the class that reflection is to be performed on.
1616 *
1617 * @param which type of access, PUBLIC or DECLARED.
1618 *
1619 * @exception SecurityException if the caller does not have
1620 * permission to access members.
1621 * @exception NullPointerException if the <code>clazz</code> argument is
1622 * <code>null</code>.
1623 *
1624 * @deprecated This method relies on the caller being at a stack depth
1625 * of 4 which is error-prone and cannot be enforced by the runtime.
1626 * Users of this method should instead invoke {@link #checkPermission}
1627 * directly. This method will be changed in a future release
1628 * to check the permission {@code java.security.AllPermission}.
1629 *
1630 * @see java.lang.reflect.Member
1631 * @since 1.1
1632 * @see #checkPermission(java.security.Permission) checkPermission
1633 */
1634 @Deprecated
1635 @CallerSensitive
1636 public void checkMemberAccess(Class<?> clazz, int which) {
1637 if (clazz == null) {
1638 throw new NullPointerException("class can't be null");
1639 }
1640 if (which != Member.PUBLIC) {
1641 Class<?> stack[] = getClassContext();
1642 /*
1643 * stack depth of 4 should be the caller of one of the
1644 * methods in java.lang.Class that invoke checkMember
1645 * access. The stack should look like:
1646 *
1647 * someCaller [3]
1648 * java.lang.Class.someReflectionAPI [2]
1649 * java.lang.Class.checkMemberAccess [1]
1650 * SecurityManager.checkMemberAccess [0]
1651 *
1652 */
1653 if ((stack.length<4) ||
1654 (stack[3].getClassLoader() != clazz.getClassLoader())) {
|
212 * @see java.util.PropertyPermission
213 * @see java.lang.RuntimePermission
214 * @see java.awt.AWTPermission
215 * @see java.security.Policy Policy
216 * @see java.security.SecurityPermission SecurityPermission
217 * @see java.security.ProtectionDomain
218 *
219 * @since 1.0
220 */
221 public
222 class SecurityManager {
223
224 /**
225 * This field is <code>true</code> if there is a security check in
226 * progress; <code>false</code> otherwise.
227 *
228 * @deprecated This type of security checking is not recommended.
229 * It is recommended that the <code>checkPermission</code>
230 * call be used instead.
231 */
232 @Deprecated(since="1.2")
233 protected boolean inCheck;
234
235 /*
236 * Have we been initialized. Effective against finalizer attacks.
237 */
238 private boolean initialized = false;
239
240
241 /**
242 * returns true if the current context has been granted AllPermission
243 */
244 private boolean hasAllPermission() {
245 try {
246 checkPermission(SecurityConstants.ALL_PERMISSION);
247 return true;
248 } catch (SecurityException se) {
249 return false;
250 }
251 }
252
253 /**
254 * Tests if there is a security check in progress.
255 *
256 * @return the value of the <code>inCheck</code> field. This field
257 * should contain <code>true</code> if a security check is
258 * in progress,
259 * <code>false</code> otherwise.
260 * @see java.lang.SecurityManager#inCheck
261 * @deprecated This type of security checking is not recommended.
262 * It is recommended that the <code>checkPermission</code>
263 * call be used instead.
264 */
265 @Deprecated(since="1.2")
266 public boolean getInCheck() {
267 return inCheck;
268 }
269
270 /**
271 * Constructs a new <code>SecurityManager</code>.
272 *
273 * <p> If there is a security manager already installed, this method first
274 * calls the security manager's <code>checkPermission</code> method
275 * with the <code>RuntimePermission("createSecurityManager")</code>
276 * permission to ensure the calling thread has permission to create a new
277 * security manager.
278 * This may result in throwing a <code>SecurityException</code>.
279 *
280 * @exception java.lang.SecurityException if a security manager already
281 * exists and its <code>checkPermission</code> method
282 * doesn't allow creation of a new security manager.
283 * @see java.lang.System#getSecurityManager()
284 * @see #checkPermission(java.security.Permission) checkPermission
285 * @see java.lang.RuntimePermission
328 * are from classes
329 * defined using the system class loader or one of its ancestors.
330 *
331 * <li> A call to <code>checkPermission</code> with
332 * <code>java.security.AllPermission</code> does not
333 * result in a SecurityException.
334 *
335 * </ol>
336 *
337 * @return the class loader of the most recent occurrence on the stack
338 * of a method from a class defined using a non-system class
339 * loader.
340 *
341 * @deprecated This type of security checking is not recommended.
342 * It is recommended that the <code>checkPermission</code>
343 * call be used instead.
344 *
345 * @see java.lang.ClassLoader#getSystemClassLoader() getSystemClassLoader
346 * @see #checkPermission(java.security.Permission) checkPermission
347 */
348 @Deprecated(since="1.2")
349 protected ClassLoader currentClassLoader() {
350 ClassLoader cl = currentClassLoader0();
351 if ((cl != null) && hasAllPermission())
352 cl = null;
353 return cl;
354 }
355
356 private native ClassLoader currentClassLoader0();
357
358 /**
359 * Returns the class of the most recently executing method from
360 * a class defined using a non-system class loader. A non-system
361 * class loader is defined as being a class loader that is not equal to
362 * the system class loader (as returned
363 * by {@link ClassLoader#getSystemClassLoader}) or one of its ancestors.
364 * <p>
365 * This method will return
366 * <code>null</code> in the following three cases:
367 * <ol>
368 * <li>All methods on the execution stack are from classes
374 * are from classes
375 * defined using the system class loader or one of its ancestors.
376 *
377 * <li> A call to <code>checkPermission</code> with
378 * <code>java.security.AllPermission</code> does not
379 * result in a SecurityException.
380 *
381 * </ol>
382 *
383 * @return the class of the most recent occurrence on the stack
384 * of a method from a class defined using a non-system class
385 * loader.
386 *
387 * @deprecated This type of security checking is not recommended.
388 * It is recommended that the <code>checkPermission</code>
389 * call be used instead.
390 *
391 * @see java.lang.ClassLoader#getSystemClassLoader() getSystemClassLoader
392 * @see #checkPermission(java.security.Permission) checkPermission
393 */
394 @Deprecated(since="1.2")
395 protected Class<?> currentLoadedClass() {
396 Class<?> c = currentLoadedClass0();
397 if ((c != null) && hasAllPermission())
398 c = null;
399 return c;
400 }
401
402 /**
403 * Returns the stack depth of the specified class.
404 *
405 * @param name the fully qualified name of the class to search for.
406 * @return the depth on the stack frame of the first occurrence of a
407 * method from a class with the specified name;
408 * <code>-1</code> if such a frame cannot be found.
409 * @deprecated This type of security checking is not recommended.
410 * It is recommended that the <code>checkPermission</code>
411 * call be used instead.
412 *
413 */
414 @Deprecated(since="1.2")
415 protected native int classDepth(String name);
416
417 /**
418 * Returns the stack depth of the most recently executing method
419 * from a class defined using a non-system class loader. A non-system
420 * class loader is defined as being a class loader that is not equal to
421 * the system class loader (as returned
422 * by {@link ClassLoader#getSystemClassLoader}) or one of its ancestors.
423 * <p>
424 * This method will return
425 * -1 in the following three cases:
426 * <ol>
427 * <li>All methods on the execution stack are from classes
428 * defined using the system class loader or one of its ancestors.
429 *
430 * <li>All methods on the execution stack up to the first
431 * "privileged" caller
432 * (see {@link java.security.AccessController#doPrivileged})
433 * are from classes
434 * defined using the system class loader or one of its ancestors.
435 *
436 * <li> A call to <code>checkPermission</code> with
437 * <code>java.security.AllPermission</code> does not
438 * result in a SecurityException.
439 *
440 * </ol>
441 *
442 * @return the depth on the stack frame of the most recent occurrence of
443 * a method from a class defined using a non-system class loader.
444 *
445 * @deprecated This type of security checking is not recommended.
446 * It is recommended that the <code>checkPermission</code>
447 * call be used instead.
448 *
449 * @see java.lang.ClassLoader#getSystemClassLoader() getSystemClassLoader
450 * @see #checkPermission(java.security.Permission) checkPermission
451 */
452 @Deprecated(since="1.2")
453 protected int classLoaderDepth() {
454 int depth = classLoaderDepth0();
455 if (depth != -1) {
456 if (hasAllPermission())
457 depth = -1;
458 else
459 depth--; // make sure we don't include ourself
460 }
461 return depth;
462 }
463
464 private native int classLoaderDepth0();
465
466 /**
467 * Tests if a method from a class with the specified
468 * name is on the execution stack.
469 *
470 * @param name the fully qualified name of the class.
471 * @return <code>true</code> if a method from a class with the specified
472 * name is on the execution stack; <code>false</code> otherwise.
473 * @deprecated This type of security checking is not recommended.
474 * It is recommended that the <code>checkPermission</code>
475 * call be used instead.
476 */
477 @Deprecated(since="1.2")
478 protected boolean inClass(String name) {
479 return classDepth(name) >= 0;
480 }
481
482 /**
483 * Basically, tests if a method from a class defined using a
484 * class loader is on the execution stack.
485 *
486 * @return <code>true</code> if a call to <code>currentClassLoader</code>
487 * has a non-null return value.
488 *
489 * @deprecated This type of security checking is not recommended.
490 * It is recommended that the <code>checkPermission</code>
491 * call be used instead.
492 * @see #currentClassLoader() currentClassLoader
493 */
494 @Deprecated(since="1.2")
495 protected boolean inClassLoader() {
496 return currentClassLoader() != null;
497 }
498
499 /**
500 * Creates an object that encapsulates the current execution
501 * environment. The result of this method is used, for example, by the
502 * three-argument <code>checkConnect</code> method and by the
503 * two-argument <code>checkRead</code> method.
504 * These methods are needed because a trusted method may be called
505 * on to read a file or open a socket on behalf of another method.
506 * The trusted method needs to determine if the other (possibly
507 * untrusted) method would be allowed to perform the operation on its
508 * own.
509 * <p> The default implementation of this method is to return
510 * an <code>AccessControlContext</code> object.
511 *
512 * @return an implementation-dependent object that encapsulates
513 * sufficient information about the current execution environment
514 * to perform some security checks later.
1200 * <code>java.net.SocketPermission(maddr.getHostAddress(),
1201 * "accept,connect")</code> permission.
1202 * <p>
1203 * If you override this method, then you should make a call to
1204 * <code>super.checkMulticast</code>
1205 * at the point the overridden method would normally throw an
1206 * exception.
1207 *
1208 * @param maddr Internet group address to be used.
1209 * @param ttl value in use, if it is multicast send.
1210 * Note: this particular implementation does not use the ttl
1211 * parameter.
1212 * @exception SecurityException if the calling thread is not allowed to
1213 * use (join/leave/send/receive) IP multicast.
1214 * @exception NullPointerException if the address argument is
1215 * <code>null</code>.
1216 * @since 1.1
1217 * @deprecated Use #checkPermission(java.security.Permission) instead
1218 * @see #checkPermission(java.security.Permission) checkPermission
1219 */
1220 @Deprecated(since="1.4")
1221 public void checkMulticast(InetAddress maddr, byte ttl) {
1222 String host = maddr.getHostAddress();
1223 if (!host.startsWith("[") && host.indexOf(':') != -1) {
1224 host = "[" + host + "]";
1225 }
1226 checkPermission(new SocketPermission(host,
1227 SecurityConstants.SOCKET_CONNECT_ACCEPT_ACTION));
1228 }
1229
1230 /**
1231 * Throws a <code>SecurityException</code> if the
1232 * calling thread is not allowed to access or modify the system
1233 * properties.
1234 * <p>
1235 * This method is used by the <code>getProperties</code> and
1236 * <code>setProperties</code> methods of class <code>System</code>.
1237 * <p>
1238 * This method calls <code>checkPermission</code> with the
1239 * <code>PropertyPermission("*", "read,write")</code> permission.
1240 * <p>
1280 *
1281 * @see java.lang.System#getProperty(java.lang.String)
1282 * @see #checkPermission(java.security.Permission) checkPermission
1283 */
1284 public void checkPropertyAccess(String key) {
1285 checkPermission(new PropertyPermission(key,
1286 SecurityConstants.PROPERTY_READ_ACTION));
1287 }
1288
1289 /**
1290 * Returns {@code true} if the calling thread has {@code AllPermission}.
1291 *
1292 * @param window not used except to check if it is {@code null}.
1293 * @return {@code true} if the calling thread has {@code AllPermission}.
1294 * @exception NullPointerException if the {@code window} argument is
1295 * {@code null}.
1296 * @deprecated This method was originally used to check if the calling thread
1297 * was trusted to bring up a top-level window. The method has been
1298 * obsoleted and code should instead use {@link #checkPermission}
1299 * to check {@code AWTPermission("showWindowWithoutWarningBanner")}.
1300 * This method is subject to removal in a future version of Java SE.
1301 * @see #checkPermission(java.security.Permission) checkPermission
1302 */
1303 @Deprecated(since="1.8", forRemoval=true)
1304 public boolean checkTopLevelWindow(Object window) {
1305 if (window == null) {
1306 throw new NullPointerException("window can't be null");
1307 }
1308 return hasAllPermission();
1309 }
1310
1311 /**
1312 * Throws a <code>SecurityException</code> if the
1313 * calling thread is not allowed to initiate a print job request.
1314 * <p>
1315 * This method calls
1316 * <code>checkPermission</code> with the
1317 * <code>RuntimePermission("queuePrintJob")</code> permission.
1318 * <p>
1319 * If you override this method, then you should make a call to
1320 * <code>super.checkPrintJobAccess</code>
1321 * at the point the overridden method would normally throw an
1322 * exception.
1323 *
1324 * @exception SecurityException if the calling thread does not have
1325 * permission to initiate a print job request.
1326 * @since 1.1
1327 * @see #checkPermission(java.security.Permission) checkPermission
1328 */
1329 public void checkPrintJobAccess() {
1330 checkPermission(new RuntimePermission("queuePrintJob"));
1331 }
1332
1333 /**
1334 * Throws {@code SecurityException} if the calling thread does
1335 * not have {@code AllPermission}.
1336 *
1337 * @since 1.1
1338 * @exception SecurityException if the calling thread does not have
1339 * {@code AllPermission}
1340 * @deprecated This method was originally used to check if the calling
1341 * thread could access the system clipboard. The method has been
1342 * obsoleted and code should instead use {@link #checkPermission}
1343 * to check {@code AWTPermission("accessClipboard")}.
1344 * This method is subject to removal in a future version of Java SE.
1345 * @see #checkPermission(java.security.Permission) checkPermission
1346 */
1347 @Deprecated(since="1.8", forRemoval=true)
1348 public void checkSystemClipboardAccess() {
1349 checkPermission(SecurityConstants.ALL_PERMISSION);
1350 }
1351
1352 /**
1353 * Throws {@code SecurityException} if the calling thread does
1354 * not have {@code AllPermission}.
1355 *
1356 * @since 1.1
1357 * @exception SecurityException if the calling thread does not have
1358 * {@code AllPermission}
1359 * @deprecated This method was originally used to check if the calling
1360 * thread could access the AWT event queue. The method has been
1361 * obsoleted and code should instead use {@link #checkPermission}
1362 * to check {@code AWTPermission("accessEventQueue")}.
1363 * This method is subject to removal in a future version of Java SE.
1364 * @see #checkPermission(java.security.Permission) checkPermission
1365 */
1366 @Deprecated(since="1.8", forRemoval=true)
1367 public void checkAwtEventQueueAccess() {
1368 checkPermission(SecurityConstants.ALL_PERMISSION);
1369 }
1370
1371 /*
1372 * We have an initial invalid bit (initially false) for the class
1373 * variables which tell if the cache is valid. If the underlying
1374 * java.security.Security property changes via setProperty(), the
1375 * Security class uses reflection to change the variable and thus
1376 * invalidate the cache.
1377 *
1378 * Locking is handled by synchronization to the
1379 * packageAccessLock/packageDefinitionLock objects. They are only
1380 * used in this class.
1381 *
1382 * Note that cache invalidation as a result of the property change
1383 * happens without using these locks, so there may be a delay between
1384 * when a thread updates the property and when other threads updates
1385 * the cache.
1386 */
1612 * If this method is overridden, then a call to
1613 * <code>super.checkMemberAccess</code> cannot be made,
1614 * as the default implementation of <code>checkMemberAccess</code>
1615 * relies on the code being checked being at a stack depth of
1616 * 4.
1617 *
1618 * @param clazz the class that reflection is to be performed on.
1619 *
1620 * @param which type of access, PUBLIC or DECLARED.
1621 *
1622 * @exception SecurityException if the caller does not have
1623 * permission to access members.
1624 * @exception NullPointerException if the <code>clazz</code> argument is
1625 * <code>null</code>.
1626 *
1627 * @deprecated This method relies on the caller being at a stack depth
1628 * of 4 which is error-prone and cannot be enforced by the runtime.
1629 * Users of this method should instead invoke {@link #checkPermission}
1630 * directly. This method will be changed in a future release
1631 * to check the permission {@code java.security.AllPermission}.
1632 * This method is subject to removal in a future version of Java SE.
1633 *
1634 * @see java.lang.reflect.Member
1635 * @since 1.1
1636 * @see #checkPermission(java.security.Permission) checkPermission
1637 */
1638 @Deprecated(since="1.8", forRemoval=true)
1639 @CallerSensitive
1640 public void checkMemberAccess(Class<?> clazz, int which) {
1641 if (clazz == null) {
1642 throw new NullPointerException("class can't be null");
1643 }
1644 if (which != Member.PUBLIC) {
1645 Class<?> stack[] = getClassContext();
1646 /*
1647 * stack depth of 4 should be the caller of one of the
1648 * methods in java.lang.Class that invoke checkMember
1649 * access. The stack should look like:
1650 *
1651 * someCaller [3]
1652 * java.lang.Class.someReflectionAPI [2]
1653 * java.lang.Class.checkMemberAccess [1]
1654 * SecurityManager.checkMemberAccess [0]
1655 *
1656 */
1657 if ((stack.length<4) ||
1658 (stack[3].getClassLoader() != clazz.getClassLoader())) {
|