23 * questions.
24 */
25
26 package sun.applet;
27
28 import java.io.File;
29 import java.io.FilePermission;
30 import java.io.IOException;
31 import java.io.FileDescriptor;
32 import java.net.URL;
33 import java.net.URLClassLoader;
34 import java.net.InetAddress;
35 import java.net.UnknownHostException;
36 import java.net.SocketPermission;
37 import java.util.Enumeration;
38 import java.util.Iterator;
39 import java.util.HashSet;
40 import java.util.StringTokenizer;
41 import java.security.*;
42 import java.lang.reflect.*;
43 import sun.awt.AWTSecurityManager;
44 import sun.awt.AppContext;
45 import sun.awt.AWTPermissions;
46 import sun.security.util.SecurityConstants;
47
48
49 /**
50 * This class defines an applet security policy
51 *
52 */
53 public
54 class AppletSecurity extends AWTSecurityManager {
55
56 //URLClassLoader.acc
57 private static Field facc = null;
58
59 //AccessControlContext.context;
60 private static Field fcontext = null;
61
62 static {
63 try {
64 facc = URLClassLoader.class.getDeclaredField("acc");
65 facc.setAccessible(true);
66 fcontext = AccessControlContext.class.getDeclaredField("context");
67 fcontext.setAccessible(true);
68 } catch (NoSuchFieldException e) {
69 throw new UnsupportedOperationException(e);
70 }
71 }
72
73
74 /**
75 * Construct and initialize.
76 */
77 public AppletSecurity() {
78 reset();
79 }
80
81 // Cache to store known restricted packages
82 private HashSet<String> restrictedPackages = new HashSet<>();
83
84 /**
85 * Reset from Properties
86 */
87 public void reset()
88 {
89 // Clear cache
90 restrictedPackages.clear();
91
92 AccessController.doPrivileged(new PrivilegedAction<Object>() {
131
132 // if that fails, get all the classes on the stack and check them.
133 Class<?>[] context = getClassContext();
134 for (int i = 0; i < context.length; i++) {
135 loader = context[i].getClassLoader();
136 if (loader instanceof AppletClassLoader)
137 return (AppletClassLoader)loader;
138 }
139
140 /*
141 * fix bug # 6433620 the logic here is : try to find URLClassLoader from
142 * class context, check its AccessControlContext to see if
143 * AppletClassLoader is in stack when it's created. for this kind of
144 * URLClassLoader, return the AppContext associated with the
145 * AppletClassLoader.
146 */
147 for (int i = 0; i < context.length; i++) {
148 final ClassLoader currentLoader = context[i].getClassLoader();
149
150 if (currentLoader instanceof URLClassLoader) {
151 loader = AccessController.doPrivileged(
152 new PrivilegedAction<ClassLoader>() {
153 public ClassLoader run() {
154
155 AccessControlContext acc = null;
156 ProtectionDomain[] pds = null;
157
158 try {
159 acc = (AccessControlContext) facc.get(currentLoader);
160 if (acc == null) {
161 return null;
162 }
163
164 pds = (ProtectionDomain[]) fcontext.get(acc);
165 if (pds == null) {
166 return null;
167 }
168 } catch (Exception e) {
169 throw new UnsupportedOperationException(e);
170 }
171
172 for (int i=0; i<pds.length; i++) {
173 ClassLoader cl = pds[i].getClassLoader();
174
175 if (cl instanceof AppletClassLoader) {
176 return cl;
177 }
178 }
179
180 return null;
181 }
182 });
183
184 if (loader != null) {
|
23 * questions.
24 */
25
26 package sun.applet;
27
28 import java.io.File;
29 import java.io.FilePermission;
30 import java.io.IOException;
31 import java.io.FileDescriptor;
32 import java.net.URL;
33 import java.net.URLClassLoader;
34 import java.net.InetAddress;
35 import java.net.UnknownHostException;
36 import java.net.SocketPermission;
37 import java.util.Enumeration;
38 import java.util.Iterator;
39 import java.util.HashSet;
40 import java.util.StringTokenizer;
41 import java.security.*;
42 import java.lang.reflect.*;
43 import jdk.internal.misc.JavaNetAccess;
44 import jdk.internal.misc.JavaSecurityAccess;
45 import jdk.internal.misc.SharedSecrets;
46 import sun.awt.AWTSecurityManager;
47 import sun.awt.AppContext;
48 import sun.awt.AWTPermissions;
49 import sun.security.util.SecurityConstants;
50
51
52
53 /**
54 * This class defines an applet security policy
55 *
56 */
57 public
58 class AppletSecurity extends AWTSecurityManager {
59 private static final JavaNetAccess JNA = SharedSecrets.getJavaNetAccess();
60 private static final JavaSecurityAccess JSA = SharedSecrets.getJavaSecurityAccess();
61
62 /**
63 * Construct and initialize.
64 */
65 public AppletSecurity() {
66 reset();
67 }
68
69 // Cache to store known restricted packages
70 private HashSet<String> restrictedPackages = new HashSet<>();
71
72 /**
73 * Reset from Properties
74 */
75 public void reset()
76 {
77 // Clear cache
78 restrictedPackages.clear();
79
80 AccessController.doPrivileged(new PrivilegedAction<Object>() {
119
120 // if that fails, get all the classes on the stack and check them.
121 Class<?>[] context = getClassContext();
122 for (int i = 0; i < context.length; i++) {
123 loader = context[i].getClassLoader();
124 if (loader instanceof AppletClassLoader)
125 return (AppletClassLoader)loader;
126 }
127
128 /*
129 * fix bug # 6433620 the logic here is : try to find URLClassLoader from
130 * class context, check its AccessControlContext to see if
131 * AppletClassLoader is in stack when it's created. for this kind of
132 * URLClassLoader, return the AppContext associated with the
133 * AppletClassLoader.
134 */
135 for (int i = 0; i < context.length; i++) {
136 final ClassLoader currentLoader = context[i].getClassLoader();
137
138 if (currentLoader instanceof URLClassLoader) {
139 URLClassLoader ld = (URLClassLoader)currentLoader;
140 loader = AccessController.doPrivileged(
141 new PrivilegedAction<ClassLoader>() {
142 public ClassLoader run() {
143
144 AccessControlContext acc = null;
145 ProtectionDomain[] pds = null;
146
147 try {
148 acc = JNA.getAccessControlContext(ld);
149 if (acc == null) {
150 return null;
151 }
152
153 pds = JSA.getProtectDomains(acc);
154 if (pds == null) {
155 return null;
156 }
157 } catch (Exception e) {
158 throw new UnsupportedOperationException(e);
159 }
160
161 for (int i=0; i<pds.length; i++) {
162 ClassLoader cl = pds[i].getClassLoader();
163
164 if (cl instanceof AppletClassLoader) {
165 return cl;
166 }
167 }
168
169 return null;
170 }
171 });
172
173 if (loader != null) {
|