1 /*
   2  * $Id$
   3  *
   4  * Copyright (c) 1996, 2012, Oracle and/or its affiliates. All rights reserved.
   5  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   6  *
   7  * This code is free software; you can redistribute it and/or modify it
   8  * under the terms of the GNU General Public License version 2 only, as
   9  * published by the Free Software Foundation.  Oracle designates this
  10  * particular file as subject to the "Classpath" exception as provided
  11  * by Oracle in the LICENSE file that accompanied this code.
  12  *
  13  * This code is distributed in the hope that it will be useful, but WITHOUT
  14  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  15  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  16  * version 2 for more details (a copy is included in the LICENSE file that
  17  * accompanied this code).
  18  *
  19  * You should have received a copy of the GNU General Public License version
  20  * 2 along with this work; if not, write to the Free Software Foundation,
  21  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  22  *
  23  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  24  * or visit www.oracle.com if you need additional information or have any
  25  * questions.
  26  */
  27 package com.sun.javatest;
  28 
  29 import java.io.FileDescriptor;
  30 import java.net.InetAddress;
  31 
  32 import java.lang.RuntimePermission;
  33 import java.security.Permission;
  34 import java.util.PropertyPermission;
  35 
  36 /**
  37  * This class is set for JT Harness running as an application.  Currently, it imposes
  38  * almost no security restrictions at all: its existence prevents anyone else
  39  * (e.g. a test running in this JVM) from setting a more restrictive security manager.
  40  *
  41  * Although not required for running under JDK1.0.2, extra definitions for forward
  42  * compatibility with JDK1.1 are also provided. They will effectively be ignored
  43  * by JDK1.0.2.
  44  */
  45 
  46 public class JavaTestSecurityManager extends SecurityManager
  47 {
  48     {
  49         // use user specified value if given
  50         String s = System.getProperty("javatest.security.allowPropertiesAccess");
  51         if (s != null) {
  52             allowPropertiesAccess = Boolean.valueOf(s).booleanValue();
  53         }
  54     }
  55     /**
  56      * Try to install a copy of this security manager. If another security manager is
  57      * already installed, the install will fail;  a warning message wil, be written to
  58      * the console if the previously installed security manager is not a subtype of
  59      * com.sun.javatest.JavaTestSecurityManager.
  60      * The install can be suppressed by setting the system property
  61      *  "javatest.security.noSecurityManager" to true.
  62      */
  63     public static void install() {
  64         try {
  65             // install our own permissive security manager, to prevent anyone else
  66             // installing a less permissive one.
  67             final String noSecurityMgr = "javatest.security.noSecurityManager";
  68             if (Boolean.getBoolean(noSecurityMgr)) {
  69                 System.err.println();
  70                 System.err.println("     ---- WARNING -----");
  71                 System.err.println();
  72                 System.err.println("JT Harness did not install its own Security Manager");
  73                 System.err.println("because the property " + noSecurityMgr + " was set.");
  74                 System.err.println("This is not a fatal error, but it may affect the");
  75                 System.err.println("execution of sameJVM tests");
  76                 System.err.println();
  77             }
  78             else {
  79                 try {
  80                     // test to see if permission API available:
  81                     // if it's not, we'll get an exception and load
  82                     // an old-style security manager
  83                     Class.forName("java.security.Permission");
  84                     System.setSecurityManager(new NewJavaTestSecurityManager());
  85                 }
  86                 catch (ClassNotFoundException e) {
  87                     System.setSecurityManager(new JavaTestSecurityManager());
  88                 }
  89             }
  90         }
  91         catch (SecurityException e) {
  92             SecurityManager sm = System.getSecurityManager();
  93             if (!(sm instanceof JavaTestSecurityManager)) {
  94                 System.err.println();
  95                 System.err.println("     ---- WARNING -----");
  96                 System.err.println();
  97                 System.err.println("JT Harness could not install its own Security Manager");
  98                 System.err.println("because of the following exception:");
  99                 System.err.println("     " + e);
 100                 System.err.println("This is not a fatal error, but it may affect the");
 101                 System.err.println("execution of sameJVM tests");
 102                 System.err.println();
 103             }
 104         }
 105     }
 106 
 107     // These are the JDK1.0.2 security methods
 108     public void checkAccept(String host, int port) { }
 109     public void checkAccess(Thread g) { }
 110     public void checkAccess(ThreadGroup g) { }
 111     public void checkConnect(String host, int port) { }
 112     public void checkConnect(String host, int port, Object context) { }
 113     public void checkCreateClassLoader() { }
 114     public void checkDelete(String file) { }
 115     public void checkExec(String cmd) { }
 116 
 117     // tests which call System.exit() should not cause JT Harness to exit
 118     public void checkExit(int status) {
 119         if (allowExit == false) {
 120             if (verbose) {
 121                 System.err.println(getClass().getName() + ": System.exit() forbidden");
 122                 new Throwable().printStackTrace();
 123             }
 124             throw new SecurityException("System.exit() forbidden by JT Harness");
 125         }
 126     }
 127 
 128     public void checkLink(String lib) { }
 129     public void checkListen(int port) { }
 130     public void checkPackageAccess(String pkg) { }
 131     public void checkPackageDefinition(String pkg) { }
 132 
 133     // allowing tests to get at and manipulate the system properties
 134     // is too dangerous to permit when multiple tests are running,
 135     // possibly simultaneously, in the same JVM.
 136     public synchronized void checkPropertiesAccess() {
 137         if (allowPropertiesAccess == false) {
 138             if (verbose) {
 139                 System.err.println(getClass().getName() + ": properties access forbidden");
 140                 new Throwable().printStackTrace();
 141             }
 142             throw new SecurityException("Action forbidden by JT Harness: checkPropertiesAccess");
 143         }
 144     }
 145 
 146     public void checkPropertyAccess(String key) { }
 147     public void checkRead(FileDescriptor fd) { }
 148     public void checkRead(String file) { }
 149     public void checkRead(String file, Object context) { }
 150     public void checkSetFactory() { }
 151     public boolean checkTopLevelWindow(Object window) { return true; }
 152     public void checkWrite(FileDescriptor fd) { }
 153     public void checkWrite(String file) { }
 154 
 155     // These methods are added for forward-compatibility with JDK1.1
 156     public void checkAwtEventQueueAccess() { }
 157     public void checkMemberAccess(Class<?> clazz, int which) { }
 158     public void checkMulticast(InetAddress maddr) { }
 159     public void checkMulticast(InetAddress maddr, byte ttl) { }
 160     public void checkPrintJobAccess() { }
 161     public void checkSecurityAccess(String provider) { }
 162     public void checkSystemClipboardAccess() { }
 163 
 164     /**
 165      * Set whether or not the JVM may be exited. The default value is "false".
 166      * @param bool true if the JVM may be exited, and false otherwise
 167      * @return the previous value of this setting
 168      */
 169     public boolean setAllowExit(boolean bool) {
 170         boolean prev = allowExit;
 171         allowExit = bool;
 172         return prev;
 173     }
 174 
 175     /**
 176      * Set whether or not the set of system properties may be accessed.
 177      * The default value is determined by the system property
 178      * "javatest.security.allowPropertiesAccess".
 179      * @param bool true if the system properties may be accessed, and false otherwise
 180      * @return the previous value of this setting
 181      */
 182     public boolean setAllowPropertiesAccess(boolean bool) {
 183         boolean prev = allowPropertiesAccess;
 184         allowPropertiesAccess = bool;
 185         return prev;
 186     }
 187 
 188     static private boolean allowExit = false; // no overrides on this one; API control only
 189     static private boolean allowPropertiesAccess = true;   // see initializer
 190     static private boolean verbose =
 191         Boolean.getBoolean("javatest.security.verbose");
 192 }
 193 
 194 class NewJavaTestSecurityManager extends JavaTestSecurityManager
 195 {
 196     public void checkPermission(Permission perm) {
 197         // allow most stuff, but limit as appropriate
 198         if (perm instanceof RuntimePermission) {
 199             if (perm.getName().equals("exitVM"))
 200                 checkExit(0);
 201             if (perm.getName().equals("createSecurityManager")) {
 202                 super.checkPermission(new java.lang.RuntimePermission("createSecurityManager"));
 203             }
 204         }
 205         else if (perm instanceof PropertyPermission) {
 206             if (perm.getActions().equals("read,write"))
 207                 checkPropertiesAccess();
 208         }
 209     }
 210 }