1 /*
2 * Copyright (c) 2007, 2017, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26 package java.nio.file;
27
28 import java.security.BasicPermission;
29
30 /**
31 * The {@code Permission} class for link creation operations.
32 *
33 * <p> The following table provides a summary description of what the permission
34 * allows, and discusses the risks of granting code the permission.
35 *
36 * <table class="striped">
37 * <caption style="display:none">Table shows permission target name, what the permission allows, and associated risks</caption>
38 * <thead>
39 * <tr>
40 * <th scope="col">Permission Target Name</th>
41 * <th scope="col">What the Permission Allows</th>
42 * <th scope="col">Risks of Allowing this Permission</th>
43 * </tr>
44 * </thead>
45 * <tbody>
46 * <tr>
47 * <th scope="row">hard</th>
48 * <td> Ability to add an existing file to a directory. This is sometimes
49 * known as creating a link, or hard link. </td>
50 * <td> Extreme care should be taken when granting this permission. It allows
51 * linking to any file or directory in the file system thus allowing the
52 * attacker access to all files. </td>
53 * </tr>
54 * <tr>
55 * <th scope="row">symbolic</th>
56 * <td> Ability to create symbolic links. </td>
57 * <td> Extreme care should be taken when granting this permission. It allows
58 * linking to any file or directory in the file system thus allowing the
59 * attacker to access to all files. </td>
60 * </tr>
61 * </tbody>
62 * </table>
63 *
64 * @since 1.7
65 *
66 * @see Files#createLink
67 * @see Files#createSymbolicLink
68 */
69 public final class LinkPermission extends BasicPermission {
70 @java.io.Serial
71 static final long serialVersionUID = -1441492453772213220L;
72
73 private void checkName(String name) {
74 if (!name.equals("hard") && !name.equals("symbolic")) {
75 throw new IllegalArgumentException("name: " + name);
76 }
77 }
78
79 /**
80 * Constructs a {@code LinkPermission} with the specified name.
81 *
82 * @param name
83 * the name of the permission. It must be "hard" or "symbolic".
84 *
85 * @throws IllegalArgumentException
86 * if name is empty or invalid
87 */
88 public LinkPermission(String name) {
89 super(name);
90 checkName(name);
91 }
92
93 /**
94 * Constructs a {@code LinkPermission} with the specified name.
95 *
96 * @param name
97 * the name of the permission; must be "hard" or "symbolic".
98 * @param actions
99 * the actions for the permission; must be the empty string or
100 * {@code null}
101 *
102 * @throws IllegalArgumentException
103 * if name is empty or invalid, or actions is a non-empty string
104 */
105 public LinkPermission(String name, String actions) {
106 super(name);
107 checkName(name);
108 if (actions != null && !actions.isEmpty()) {
109 throw new IllegalArgumentException("actions: " + actions);
110 }
111 }
112 }