1 /*
2 * Copyright (c) 1995, 2014, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26 package sun.applet;
27
28 import java.io.File;
29 import java.io.FilePermission;
30 import java.io.IOException;
31 import java.io.FileDescriptor;
32 import java.net.URL;
33 import java.net.URLClassLoader;
34 import java.net.InetAddress;
35 import java.net.UnknownHostException;
36 import java.net.SocketPermission;
37 import java.util.Enumeration;
38 import java.util.Iterator;
39 import java.util.HashSet;
40 import java.util.StringTokenizer;
41 import java.security.*;
42 import java.lang.reflect.*;
43 import sun.awt.AWTSecurityManager;
44 import sun.awt.AppContext;
45 import sun.awt.AWTPermissions;
46 import sun.security.util.SecurityConstants;
47
48
49 /**
50 * This class defines an applet security policy
51 *
52 */
53 public
54 class AppletSecurity extends AWTSecurityManager {
55
56 //URLClassLoader.acc
57 private static Field facc = null;
58
59 //AccessControlContext.context;
60 private static Field fcontext = null;
61
62 static {
63 try {
64 facc = URLClassLoader.class.getDeclaredField("acc");
65 facc.setAccessible(true);
66 fcontext = AccessControlContext.class.getDeclaredField("context");
67 fcontext.setAccessible(true);
68 } catch (NoSuchFieldException e) {
69 throw new UnsupportedOperationException(e);
70 }
71 }
72
73
74 /**
75 * Construct and initialize.
76 */
77 public AppletSecurity() {
78 reset();
79 }
80
81 // Cache to store known restricted packages
82 private HashSet<String> restrictedPackages = new HashSet<>();
83
84 /**
85 * Reset from Properties
86 */
87 public void reset()
88 {
89 // Clear cache
90 restrictedPackages.clear();
91
92 AccessController.doPrivileged(new PrivilegedAction<Object>() {
131
132 // if that fails, get all the classes on the stack and check them.
133 Class<?>[] context = getClassContext();
134 for (int i = 0; i < context.length; i++) {
135 loader = context[i].getClassLoader();
136 if (loader instanceof AppletClassLoader)
137 return (AppletClassLoader)loader;
138 }
139
140 /*
141 * fix bug # 6433620 the logic here is : try to find URLClassLoader from
142 * class context, check its AccessControlContext to see if
143 * AppletClassLoader is in stack when it's created. for this kind of
144 * URLClassLoader, return the AppContext associated with the
145 * AppletClassLoader.
146 */
147 for (int i = 0; i < context.length; i++) {
148 final ClassLoader currentLoader = context[i].getClassLoader();
149
150 if (currentLoader instanceof URLClassLoader) {
151 loader = AccessController.doPrivileged(
152 new PrivilegedAction<ClassLoader>() {
153 public ClassLoader run() {
154
155 AccessControlContext acc = null;
156 ProtectionDomain[] pds = null;
157
158 try {
159 acc = (AccessControlContext) facc.get(currentLoader);
160 if (acc == null) {
161 return null;
162 }
163
164 pds = (ProtectionDomain[]) fcontext.get(acc);
165 if (pds == null) {
166 return null;
167 }
168 } catch (Exception e) {
169 throw new UnsupportedOperationException(e);
170 }
171
172 for (int i=0; i<pds.length; i++) {
173 ClassLoader cl = pds[i].getClassLoader();
174
175 if (cl instanceof AppletClassLoader) {
176 return cl;
177 }
178 }
179
180 return null;
181 }
182 });
183
184 if (loader != null) {
|
1 /*
2 * Copyright (c) 1995, 2016, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26 package sun.applet;
27
28 import java.io.File;
29 import java.io.FilePermission;
30 import java.io.IOException;
31 import java.io.FileDescriptor;
32 import java.net.URL;
33 import java.net.URLClassLoader;
34 import java.net.InetAddress;
35 import java.net.UnknownHostException;
36 import java.net.SocketPermission;
37 import java.util.Enumeration;
38 import java.util.Iterator;
39 import java.util.HashSet;
40 import java.util.StringTokenizer;
41 import java.security.*;
42 import java.lang.reflect.*;
43 import jdk.internal.misc.JavaNetUrlClassLoaderAccess;
44 import jdk.internal.misc.JavaSecurityAccess;
45 import jdk.internal.misc.SharedSecrets;
46 import sun.awt.AWTSecurityManager;
47 import sun.awt.AppContext;
48 import sun.awt.AWTPermissions;
49 import sun.security.util.SecurityConstants;
50
51
52
53 /**
54 * This class defines an applet security policy
55 *
56 */
57 public
58 class AppletSecurity extends AWTSecurityManager {
59 private static final JavaNetUrlClassLoaderAccess JNUCLA
60 = SharedSecrets.getJavaNetUrlClassLoaderAccess();
61 private static final JavaSecurityAccess JSA = SharedSecrets.getJavaSecurityAccess();
62
63 /**
64 * Construct and initialize.
65 */
66 public AppletSecurity() {
67 reset();
68 }
69
70 // Cache to store known restricted packages
71 private HashSet<String> restrictedPackages = new HashSet<>();
72
73 /**
74 * Reset from Properties
75 */
76 public void reset()
77 {
78 // Clear cache
79 restrictedPackages.clear();
80
81 AccessController.doPrivileged(new PrivilegedAction<Object>() {
120
121 // if that fails, get all the classes on the stack and check them.
122 Class<?>[] context = getClassContext();
123 for (int i = 0; i < context.length; i++) {
124 loader = context[i].getClassLoader();
125 if (loader instanceof AppletClassLoader)
126 return (AppletClassLoader)loader;
127 }
128
129 /*
130 * fix bug # 6433620 the logic here is : try to find URLClassLoader from
131 * class context, check its AccessControlContext to see if
132 * AppletClassLoader is in stack when it's created. for this kind of
133 * URLClassLoader, return the AppContext associated with the
134 * AppletClassLoader.
135 */
136 for (int i = 0; i < context.length; i++) {
137 final ClassLoader currentLoader = context[i].getClassLoader();
138
139 if (currentLoader instanceof URLClassLoader) {
140 URLClassLoader ld = (URLClassLoader)currentLoader;
141 loader = AccessController.doPrivileged(
142 new PrivilegedAction<ClassLoader>() {
143 public ClassLoader run() {
144
145 AccessControlContext acc = null;
146 ProtectionDomain[] pds = null;
147
148 try {
149 acc = JNUCLA.getAccessControlContext(ld);
150 if (acc == null) {
151 return null;
152 }
153
154 pds = JSA.getProtectDomains(acc);
155 if (pds == null) {
156 return null;
157 }
158 } catch (Exception e) {
159 throw new UnsupportedOperationException(e);
160 }
161
162 for (int i=0; i<pds.length; i++) {
163 ClassLoader cl = pds[i].getClassLoader();
164
165 if (cl instanceof AppletClassLoader) {
166 return cl;
167 }
168 }
169
170 return null;
171 }
172 });
173
174 if (loader != null) {
|