1 /*
   2  * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.  Oracle designates this
   8  * particular file as subject to the "Classpath" exception as provided
   9  * by Oracle in the LICENSE file that accompanied this code.
  10  *
  11  * This code is distributed in the hope that it will be useful, but WITHOUT
  12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  14  * version 2 for more details (a copy is included in the LICENSE file that
  15  * accompanied this code).
  16  *
  17  * You should have received a copy of the GNU General Public License version
  18  * 2 along with this work; if not, write to the Free Software Foundation,
  19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  20  *
  21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  22  * or visit www.oracle.com if you need additional information or have any
  23  * questions.
  24  */
  25 
  26 package java.io;
  27 
  28 import java.security.*;
  29 import java.util.Enumeration;
  30 import java.util.List;
  31 import java.util.ArrayList;
  32 import java.util.Vector;
  33 import java.util.Collections;
  34 import java.io.ObjectStreamField;
  35 import java.io.ObjectOutputStream;
  36 import java.io.ObjectInputStream;
  37 import java.io.IOException;
  38 import sun.security.util.SecurityConstants;
  39 
  40 /**
  41  * This class represents access to a file or directory.  A FilePermission consists
  42  * of a pathname and a set of actions valid for that pathname.
  43  * <P>
  44  * Pathname is the pathname of the file or directory granted the specified
  45  * actions. A pathname that ends in "/*" (where "/" is
  46  * the file separator character, <code>File.separatorChar</code>) indicates
  47  * all the files and directories contained in that directory. A pathname
  48  * that ends with "/-" indicates (recursively) all files
  49  * and subdirectories contained in that directory. A pathname consisting of
  50  * the special token "&lt;&lt;ALL FILES&gt;&gt;" matches <b>any</b> file.
  51  * <P>
  52  * Note: A pathname consisting of a single "*" indicates all the files
  53  * in the current directory, while a pathname consisting of a single "-"
  54  * indicates all the files in the current directory and
  55  * (recursively) all files and subdirectories contained in the current
  56  * directory.
  57  * <P>
  58  * The actions to be granted are passed to the constructor in a string containing
  59  * a list of one or more comma-separated keywords. The possible keywords are
  60  * "read", "write", "execute", "delete", and "readlink". Their meaning is
  61  * defined as follows:
  62  * <P>
  63  * <DL>
  64  *    <DT> read <DD> read permission
  65  *    <DT> write <DD> write permission
  66  *    <DT> execute
  67  *    <DD> execute permission. Allows <code>Runtime.exec</code> to
  68  *         be called. Corresponds to <code>SecurityManager.checkExec</code>.
  69  *    <DT> delete
  70  *    <DD> delete permission. Allows <code>File.delete</code> to
  71  *         be called. Corresponds to <code>SecurityManager.checkDelete</code>.
  72  *    <DT> readlink
  73  *    <DD> read link permission. Allows the target of a
  74  *         <a href="../nio/file/package-summary.html#links">symbolic link</a>
  75  *         to be read by invoking the {@link java.nio.file.Files#readSymbolicLink
  76  *         readSymbolicLink } method.
  77  * </DL>
  78  * <P>
  79  * The actions string is converted to lowercase before processing.
  80  * <P>
  81  * Be careful when granting FilePermissions. Think about the implications
  82  * of granting read and especially write access to various files and
  83  * directories. The "&lt;&lt;ALL FILES>>" permission with write action is
  84  * especially dangerous. This grants permission to write to the entire
  85  * file system. One thing this effectively allows is replacement of the
  86  * system binary, including the JVM runtime environment.
  87  *
  88  * <p>Please note: Code can always read a file from the same
  89  * directory it's in (or a subdirectory of that directory); it does not
  90  * need explicit permission to do so.
  91  *
  92  * @see java.security.Permission
  93  * @see java.security.Permissions
  94  * @see java.security.PermissionCollection
  95  *
  96  *
  97  * @author Marianne Mueller
  98  * @author Roland Schemers
  99  * @since 1.2
 100  *
 101  * @serial exclude
 102  */
 103 
 104 public final class FilePermission extends Permission implements Serializable {
 105 
 106     /**
 107      * Execute action.
 108      */
 109     private final static int EXECUTE = 0x1;
 110     /**
 111      * Write action.
 112      */
 113     private final static int WRITE   = 0x2;
 114     /**
 115      * Read action.
 116      */
 117     private final static int READ    = 0x4;
 118     /**
 119      * Delete action.
 120      */
 121     private final static int DELETE  = 0x8;
 122     /**
 123      * Read link action.
 124      */
 125     private final static int READLINK    = 0x10;
 126 
 127     /**
 128      * All actions (read,write,execute,delete,readlink)
 129      */
 130     private final static int ALL     = READ|WRITE|EXECUTE|DELETE|READLINK;
 131     /**
 132      * No actions.
 133      */
 134     private final static int NONE    = 0x0;
 135 
 136     // the actions mask
 137     private transient int mask;
 138 
 139     // does path indicate a directory? (wildcard or recursive)
 140     private transient boolean directory;
 141 
 142     // is it a recursive directory specification?
 143     private transient boolean recursive;
 144 
 145     /**
 146      * the actions string.
 147      *
 148      * @serial
 149      */
 150     private String actions; // Left null as long as possible, then
 151                             // created and re-used in the getAction function.
 152 
 153     // canonicalized dir path. In the case of
 154     // directories, it is the name "/blah/*" or "/blah/-" without
 155     // the last character (the "*" or "-").
 156 
 157     private transient String cpath;
 158 
 159     // static Strings used by init(int mask)
 160     private static final char RECURSIVE_CHAR = '-';
 161     private static final char WILD_CHAR = '*';
 162 
 163 /*
 164     public String toString()
 165     {
 166         StringBuffer sb = new StringBuffer();
 167         sb.append("***\n");
 168         sb.append("cpath = "+cpath+"\n");
 169         sb.append("mask = "+mask+"\n");
 170         sb.append("actions = "+getActions()+"\n");
 171         sb.append("directory = "+directory+"\n");
 172         sb.append("recursive = "+recursive+"\n");
 173         sb.append("***\n");
 174         return sb.toString();
 175     }
 176 */
 177 
 178     private static final long serialVersionUID = 7930732926638008763L;
 179 
 180     /**
 181      * initialize a FilePermission object. Common to all constructors.
 182      * Also called during de-serialization.
 183      *
 184      * @param mask the actions mask to use.
 185      *
 186      */
 187     private void init(int mask)
 188     {
 189 
 190         if ((mask & ALL) != mask)
 191                 throw new IllegalArgumentException("invalid actions mask");
 192 
 193         if (mask == NONE)
 194                 throw new IllegalArgumentException("invalid actions mask");
 195 
 196         if ((cpath = getName()) == null)
 197                 throw new NullPointerException("name can't be null");
 198 
 199         this.mask = mask;
 200 
 201         if (cpath.equals("<<ALL FILES>>")) {
 202             directory = true;
 203             recursive = true;
 204             cpath = "";
 205             return;
 206         }
 207 
 208         // store only the canonical cpath if possible
 209         cpath = AccessController.doPrivileged(new PrivilegedAction<String>() {
 210             public String run() {
 211                 try {
 212                     String path = cpath;
 213                     if (cpath.endsWith("*")) {
 214                         // call getCanonicalPath with a path with wildcard character
 215                         // replaced to avoid calling it with paths that are
 216                         // intended to match all entries in a directory
 217                         path = path.substring(0, path.length()-1) + "-";
 218                         path = new File(path).getCanonicalPath();
 219                         return path.substring(0, path.length()-1) + "*";
 220                     } else {
 221                         return new File(path).getCanonicalPath();
 222                     }
 223                 } catch (IOException ioe) {
 224                     return cpath;
 225                 }
 226             }
 227         });
 228 
 229         int len = cpath.length();
 230         char last = ((len > 0) ? cpath.charAt(len - 1) : 0);
 231 
 232         if (last == RECURSIVE_CHAR &&
 233             cpath.charAt(len - 2) == File.separatorChar) {
 234             directory = true;
 235             recursive = true;
 236             cpath = cpath.substring(0, --len);
 237         } else if (last == WILD_CHAR &&
 238             cpath.charAt(len - 2) == File.separatorChar) {
 239             directory = true;
 240             //recursive = false;
 241             cpath = cpath.substring(0, --len);
 242         } else {
 243             // overkill since they are initialized to false, but
 244             // commented out here to remind us...
 245             //directory = false;
 246             //recursive = false;
 247         }
 248 
 249         // XXX: at this point the path should be absolute. die if it isn't?
 250     }
 251 
 252     /**
 253      * Creates a new FilePermission object with the specified actions.
 254      * <i>path</i> is the pathname of a file or directory, and <i>actions</i>
 255      * contains a comma-separated list of the desired actions granted on the
 256      * file or directory. Possible actions are
 257      * "read", "write", "execute", "delete", and "readlink".
 258      *
 259      * <p>A pathname that ends in "/*" (where "/" is
 260      * the file separator character, <code>File.separatorChar</code>)
 261      * indicates all the files and directories contained in that directory.
 262      * A pathname that ends with "/-" indicates (recursively) all files and
 263      * subdirectories contained in that directory. The special pathname
 264      * "&lt;&lt;ALL FILES&gt;&gt;" matches any file.
 265      *
 266      * <p>A pathname consisting of a single "*" indicates all the files
 267      * in the current directory, while a pathname consisting of a single "-"
 268      * indicates all the files in the current directory and
 269      * (recursively) all files and subdirectories contained in the current
 270      * directory.
 271      *
 272      * <p>A pathname containing an empty string represents an empty path.
 273      *
 274      * @param path the pathname of the file/directory.
 275      * @param actions the action string.
 276      *
 277      * @throws IllegalArgumentException
 278      *          If actions is <code>null</code>, empty or contains an action
 279      *          other than the specified possible actions.
 280      */
 281 
 282     public FilePermission(String path, String actions)
 283     {
 284         super(path);
 285         init(getMask(actions));
 286     }
 287 
 288     /**
 289      * Creates a new FilePermission object using an action mask.
 290      * More efficient than the FilePermission(String, String) constructor.
 291      * Can be used from within
 292      * code that needs to create a FilePermission object to pass into the
 293      * <code>implies</code> method.
 294      *
 295      * @param path the pathname of the file/directory.
 296      * @param mask the action mask to use.
 297      */
 298 
 299     // package private for use by the FilePermissionCollection add method
 300     FilePermission(String path, int mask)
 301     {
 302         super(path);
 303         init(mask);
 304     }
 305 
 306     /**
 307      * Checks if this FilePermission object "implies" the specified permission.
 308      * <P>
 309      * More specifically, this method returns true if:<p>
 310      * <ul>
 311      * <li> <i>p</i> is an instanceof FilePermission,<p>
 312      * <li> <i>p</i>'s actions are a proper subset of this
 313      * object's actions, and <p>
 314      * <li> <i>p</i>'s pathname is implied by this object's
 315      *      pathname. For example, "/tmp/*" implies "/tmp/foo", since
 316      *      "/tmp/*" encompasses all files in the "/tmp" directory,
 317      *      including the one named "foo".
 318      * </ul>
 319      *
 320      * @param p the permission to check against.
 321      *
 322      * @return <code>true</code> if the specified permission is not
 323      *                  <code>null</code> and is implied by this object,
 324      *                  <code>false</code> otherwise.
 325      */
 326     public boolean implies(Permission p) {
 327         if (!(p instanceof FilePermission))
 328             return false;
 329 
 330         FilePermission that = (FilePermission) p;
 331 
 332         // we get the effective mask. i.e., the "and" of this and that.
 333         // They must be equal to that.mask for implies to return true.
 334 
 335         return ((this.mask & that.mask) == that.mask) && impliesIgnoreMask(that);
 336     }
 337 
 338     /**
 339      * Checks if the Permission's actions are a proper subset of the
 340      * this object's actions. Returns the effective mask iff the
 341      * this FilePermission's path also implies that FilePermission's path.
 342      *
 343      * @param that the FilePermission to check against.
 344      * @param exact return immediately if the masks are not equal
 345      * @return the effective mask
 346      */
 347     boolean impliesIgnoreMask(FilePermission that) {
 348         if (this.directory) {
 349             if (this.recursive) {
 350                 // make sure that.path is longer then path so
 351                 // something like /foo/- does not imply /foo
 352                 if (that.directory) {
 353                     return (that.cpath.length() >= this.cpath.length()) &&
 354                             that.cpath.startsWith(this.cpath);
 355                 }  else {
 356                     return ((that.cpath.length() > this.cpath.length()) &&
 357                         that.cpath.startsWith(this.cpath));
 358                 }
 359             } else {
 360                 if (that.directory) {
 361                     // if the permission passed in is a directory
 362                     // specification, make sure that a non-recursive
 363                     // permission (i.e., this object) can't imply a recursive
 364                     // permission.
 365                     if (that.recursive)
 366                         return false;
 367                     else
 368                         return (this.cpath.equals(that.cpath));
 369                 } else {
 370                     int last = that.cpath.lastIndexOf(File.separatorChar);
 371                     if (last == -1)
 372                         return false;
 373                     else {
 374                         // this.cpath.equals(that.cpath.substring(0, last+1));
 375                         // Use regionMatches to avoid creating new string
 376                         return (this.cpath.length() == (last + 1)) &&
 377                             this.cpath.regionMatches(0, that.cpath, 0, last+1);
 378                     }
 379                 }
 380             }
 381         } else if (that.directory) {
 382             // if this is NOT recursive/wildcarded,
 383             // do not let it imply a recursive/wildcarded permission
 384             return false;
 385         } else {
 386             return (this.cpath.equals(that.cpath));
 387         }
 388     }
 389 
 390     /**
 391      * Checks two FilePermission objects for equality. Checks that <i>obj</i> is
 392      * a FilePermission, and has the same pathname and actions as this object.
 393      * <P>
 394      * @param obj the object we are testing for equality with this object.
 395      * @return <code>true</code> if obj is a FilePermission, and has the same
 396      *          pathname and actions as this FilePermission object,
 397      *          <code>false</code> otherwise.
 398      */
 399     public boolean equals(Object obj) {
 400         if (obj == this)
 401             return true;
 402 
 403         if (! (obj instanceof FilePermission))
 404             return false;
 405 
 406         FilePermission that = (FilePermission) obj;
 407 
 408         return (this.mask == that.mask) &&
 409             this.cpath.equals(that.cpath) &&
 410             (this.directory == that.directory) &&
 411             (this.recursive == that.recursive);
 412     }
 413 
 414     /**
 415      * Returns the hash code value for this object.
 416      *
 417      * @return a hash code value for this object.
 418      */
 419 
 420     public int hashCode() {
 421         return this.cpath.hashCode();
 422     }
 423 
 424     /**
 425      * Converts an actions String to an actions mask.
 426      *
 427      * @param action the action string.
 428      * @return the actions mask.
 429      */
 430     private static int getMask(String actions) {
 431 
 432         int mask = NONE;
 433 
 434         // Null action valid?
 435         if (actions == null) {
 436             return mask;
 437         }
 438         // Check against use of constants (used heavily within the JDK)
 439         if (actions == SecurityConstants.FILE_READ_ACTION) {
 440             return READ;
 441         } else if (actions == SecurityConstants.FILE_WRITE_ACTION) {
 442             return WRITE;
 443         } else if (actions == SecurityConstants.FILE_EXECUTE_ACTION) {
 444             return EXECUTE;
 445         } else if (actions == SecurityConstants.FILE_DELETE_ACTION) {
 446             return DELETE;
 447         } else if (actions == SecurityConstants.FILE_READLINK_ACTION) {
 448             return READLINK;
 449         }
 450 
 451         char[] a = actions.toCharArray();
 452 
 453         int i = a.length - 1;
 454         if (i < 0)
 455             return mask;
 456 
 457         while (i != -1) {
 458             char c;
 459 
 460             // skip whitespace
 461             while ((i!=-1) && ((c = a[i]) == ' ' ||
 462                                c == '\r' ||
 463                                c == '\n' ||
 464                                c == '\f' ||
 465                                c == '\t'))
 466                 i--;
 467 
 468             // check for the known strings
 469             int matchlen;
 470 
 471             if (i >= 3 && (a[i-3] == 'r' || a[i-3] == 'R') &&
 472                           (a[i-2] == 'e' || a[i-2] == 'E') &&
 473                           (a[i-1] == 'a' || a[i-1] == 'A') &&
 474                           (a[i] == 'd' || a[i] == 'D'))
 475             {
 476                 matchlen = 4;
 477                 mask |= READ;
 478 
 479             } else if (i >= 4 && (a[i-4] == 'w' || a[i-4] == 'W') &&
 480                                  (a[i-3] == 'r' || a[i-3] == 'R') &&
 481                                  (a[i-2] == 'i' || a[i-2] == 'I') &&
 482                                  (a[i-1] == 't' || a[i-1] == 'T') &&
 483                                  (a[i] == 'e' || a[i] == 'E'))
 484             {
 485                 matchlen = 5;
 486                 mask |= WRITE;
 487 
 488             } else if (i >= 6 && (a[i-6] == 'e' || a[i-6] == 'E') &&
 489                                  (a[i-5] == 'x' || a[i-5] == 'X') &&
 490                                  (a[i-4] == 'e' || a[i-4] == 'E') &&
 491                                  (a[i-3] == 'c' || a[i-3] == 'C') &&
 492                                  (a[i-2] == 'u' || a[i-2] == 'U') &&
 493                                  (a[i-1] == 't' || a[i-1] == 'T') &&
 494                                  (a[i] == 'e' || a[i] == 'E'))
 495             {
 496                 matchlen = 7;
 497                 mask |= EXECUTE;
 498 
 499             } else if (i >= 5 && (a[i-5] == 'd' || a[i-5] == 'D') &&
 500                                  (a[i-4] == 'e' || a[i-4] == 'E') &&
 501                                  (a[i-3] == 'l' || a[i-3] == 'L') &&
 502                                  (a[i-2] == 'e' || a[i-2] == 'E') &&
 503                                  (a[i-1] == 't' || a[i-1] == 'T') &&
 504                                  (a[i] == 'e' || a[i] == 'E'))
 505             {
 506                 matchlen = 6;
 507                 mask |= DELETE;
 508 
 509             } else if (i >= 7 && (a[i-7] == 'r' || a[i-7] == 'R') &&
 510                                  (a[i-6] == 'e' || a[i-6] == 'E') &&
 511                                  (a[i-5] == 'a' || a[i-5] == 'A') &&
 512                                  (a[i-4] == 'd' || a[i-4] == 'D') &&
 513                                  (a[i-3] == 'l' || a[i-3] == 'L') &&
 514                                  (a[i-2] == 'i' || a[i-2] == 'I') &&
 515                                  (a[i-1] == 'n' || a[i-1] == 'N') &&
 516                                  (a[i] == 'k' || a[i] == 'K'))
 517             {
 518                 matchlen = 8;
 519                 mask |= READLINK;
 520 
 521             } else {
 522                 // parse error
 523                 throw new IllegalArgumentException(
 524                         "invalid permission: " + actions);
 525             }
 526 
 527             // make sure we didn't just match the tail of a word
 528             // like "ackbarfaccept".  Also, skip to the comma.
 529             boolean seencomma = false;
 530             while (i >= matchlen && !seencomma) {
 531                 switch(a[i-matchlen]) {
 532                 case ',':
 533                     seencomma = true;
 534                     /*FALLTHROUGH*/
 535                 case ' ': case '\r': case '\n':
 536                 case '\f': case '\t':
 537                     break;
 538                 default:
 539                     throw new IllegalArgumentException(
 540                             "invalid permission: " + actions);
 541                 }
 542                 i--;
 543             }
 544 
 545             // point i at the location of the comma minus one (or -1).
 546             i -= matchlen;
 547         }
 548 
 549         return mask;
 550     }
 551 
 552     /**
 553      * Return the current action mask. Used by the FilePermissionCollection.
 554      *
 555      * @return the actions mask.
 556      */
 557 
 558     int getMask() {
 559         return mask;
 560     }
 561 
 562     /**
 563      * Return the canonical string representation of the actions.
 564      * Always returns present actions in the following order:
 565      * read, write, execute, delete, readlink.
 566      *
 567      * @return the canonical string representation of the actions.
 568      */
 569     private static String getActions(int mask)
 570     {
 571         StringBuilder sb = new StringBuilder();
 572         boolean comma = false;
 573 
 574         if ((mask & READ) == READ) {
 575             comma = true;
 576             sb.append("read");
 577         }
 578 
 579         if ((mask & WRITE) == WRITE) {
 580             if (comma) sb.append(',');
 581             else comma = true;
 582             sb.append("write");
 583         }
 584 
 585         if ((mask & EXECUTE) == EXECUTE) {
 586             if (comma) sb.append(',');
 587             else comma = true;
 588             sb.append("execute");
 589         }
 590 
 591         if ((mask & DELETE) == DELETE) {
 592             if (comma) sb.append(',');
 593             else comma = true;
 594             sb.append("delete");
 595         }
 596 
 597         if ((mask & READLINK) == READLINK) {
 598             if (comma) sb.append(',');
 599             else comma = true;
 600             sb.append("readlink");
 601         }
 602 
 603         return sb.toString();
 604     }
 605 
 606     /**
 607      * Returns the "canonical string representation" of the actions.
 608      * That is, this method always returns present actions in the following order:
 609      * read, write, execute, delete, readlink. For example, if this FilePermission
 610      * object allows both write and read actions, a call to <code>getActions</code>
 611      * will return the string "read,write".
 612      *
 613      * @return the canonical string representation of the actions.
 614      */
 615     public String getActions()
 616     {
 617         if (actions == null)
 618             actions = getActions(this.mask);
 619 
 620         return actions;
 621     }
 622 
 623 
 624     /**
 625      * Returns a new PermissionCollection object for storing FilePermission
 626      * objects.
 627      * <p>
 628      * FilePermission objects must be stored in a manner that allows them
 629      * to be inserted into the collection in any order, but that also enables the
 630      * PermissionCollection <code>implies</code>
 631      * method to be implemented in an efficient (and consistent) manner.
 632      *
 633      * <p>For example, if you have two FilePermissions:
 634      * <OL>
 635      * <LI>  <code>"/tmp/-", "read"</code>
 636      * <LI>  <code>"/tmp/scratch/foo", "write"</code>
 637      * </OL>
 638      *
 639      * <p>and you are calling the <code>implies</code> method with the FilePermission:
 640      *
 641      * <pre>
 642      *   "/tmp/scratch/foo", "read,write",
 643      * </pre>
 644      *
 645      * then the <code>implies</code> function must
 646      * take into account both the "/tmp/-" and "/tmp/scratch/foo"
 647      * permissions, so the effective permission is "read,write",
 648      * and <code>implies</code> returns true. The "implies" semantics for
 649      * FilePermissions are handled properly by the PermissionCollection object
 650      * returned by this <code>newPermissionCollection</code> method.
 651      *
 652      * @return a new PermissionCollection object suitable for storing
 653      * FilePermissions.
 654      */
 655 
 656     public PermissionCollection newPermissionCollection() {
 657         return new FilePermissionCollection();
 658     }
 659 
 660     /**
 661      * WriteObject is called to save the state of the FilePermission
 662      * to a stream. The actions are serialized, and the superclass
 663      * takes care of the name.
 664      */
 665     private void writeObject(ObjectOutputStream s)
 666         throws IOException
 667     {
 668         // Write out the actions. The superclass takes care of the name
 669         // call getActions to make sure actions field is initialized
 670         if (actions == null)
 671             getActions();
 672         s.defaultWriteObject();
 673     }
 674 
 675     /**
 676      * readObject is called to restore the state of the FilePermission from
 677      * a stream.
 678      */
 679     private void readObject(ObjectInputStream s)
 680          throws IOException, ClassNotFoundException
 681     {
 682         // Read in the actions, then restore everything else by calling init.
 683         s.defaultReadObject();
 684         init(getMask(actions));
 685     }
 686 }
 687 
 688 /**
 689  * A FilePermissionCollection stores a set of FilePermission permissions.
 690  * FilePermission objects
 691  * must be stored in a manner that allows them to be inserted in any
 692  * order, but enable the implies function to evaluate the implies
 693  * method.
 694  * For example, if you have two FilePermissions:
 695  * <OL>
 696  * <LI> "/tmp/-", "read"
 697  * <LI> "/tmp/scratch/foo", "write"
 698  * </OL>
 699  * And you are calling the implies function with the FilePermission:
 700  * "/tmp/scratch/foo", "read,write", then the implies function must
 701  * take into account both the /tmp/- and /tmp/scratch/foo
 702  * permissions, so the effective permission is "read,write".
 703  *
 704  * @see java.security.Permission
 705  * @see java.security.Permissions
 706  * @see java.security.PermissionCollection
 707  *
 708  *
 709  * @author Marianne Mueller
 710  * @author Roland Schemers
 711  *
 712  * @serial include
 713  *
 714  */
 715 
 716 final class FilePermissionCollection extends PermissionCollection
 717 implements Serializable {
 718 
 719     // Not serialized; see serialization section at end of class
 720     private transient List<Permission> perms;
 721 
 722     /**
 723      * Create an empty FilePermissions object.
 724      *
 725      */
 726 
 727     public FilePermissionCollection() {
 728         perms = new ArrayList<>();
 729     }
 730 
 731     /**
 732      * Adds a permission to the FilePermissions. The key for the hash is
 733      * permission.path.
 734      *
 735      * @param permission the Permission object to add.
 736      *
 737      * @exception IllegalArgumentException - if the permission is not a
 738      *                                       FilePermission
 739      *
 740      * @exception SecurityException - if this FilePermissionCollection object
 741      *                                has been marked readonly
 742      */
 743 
 744     public void add(Permission permission)
 745     {
 746         if (! (permission instanceof FilePermission))
 747             throw new IllegalArgumentException("invalid permission: "+
 748                                                permission);
 749         if (isReadOnly())
 750             throw new SecurityException(
 751                 "attempt to add a Permission to a readonly PermissionCollection");
 752 
 753         synchronized (this) {
 754             perms.add(permission);
 755         }
 756     }
 757 
 758     /**
 759      * Check and see if this set of permissions implies the permissions
 760      * expressed in "permission".
 761      *
 762      * @param p the Permission object to compare
 763      *
 764      * @return true if "permission" is a proper subset of a permission in
 765      * the set, false if not.
 766      */
 767 
 768     public boolean implies(Permission permission)
 769     {
 770         if (! (permission instanceof FilePermission))
 771                 return false;
 772 
 773         FilePermission fp = (FilePermission) permission;
 774 
 775         int desired = fp.getMask();
 776         int effective = 0;
 777         int needed = desired;
 778 
 779         synchronized (this) {
 780             int len = perms.size();
 781             for (int i = 0; i < len; i++) {
 782                 FilePermission x = (FilePermission) perms.get(i);
 783                 if (((needed & x.getMask()) != 0) && x.impliesIgnoreMask(fp)) {
 784                     effective |=  x.getMask();
 785                     if ((effective & desired) == desired)
 786                         return true;
 787                     needed = (desired ^ effective);
 788                 }
 789             }
 790         }
 791         return false;
 792     }
 793 
 794     /**
 795      * Returns an enumeration of all the FilePermission objects in the
 796      * container.
 797      *
 798      * @return an enumeration of all the FilePermission objects.
 799      */
 800 
 801     public Enumeration elements() {
 802         // Convert Iterator into Enumeration
 803         synchronized (this) {
 804             return Collections.enumeration(perms);
 805         }
 806     }
 807 
 808     private static final long serialVersionUID = 2202956749081564585L;
 809 
 810     // Need to maintain serialization interoperability with earlier releases,
 811     // which had the serializable field:
 812     //    private Vector permissions;
 813 
 814     /**
 815      * @serialField permissions java.util.Vector
 816      *     A list of FilePermission objects.
 817      */
 818     private static final ObjectStreamField[] serialPersistentFields = {
 819         new ObjectStreamField("permissions", Vector.class),
 820     };
 821 
 822     /**
 823      * @serialData "permissions" field (a Vector containing the FilePermissions).
 824      */
 825     /*
 826      * Writes the contents of the perms field out as a Vector for
 827      * serialization compatibility with earlier releases.
 828      */
 829     private void writeObject(ObjectOutputStream out) throws IOException {
 830         // Don't call out.defaultWriteObject()
 831 
 832         // Write out Vector
 833         Vector<Permission> permissions = new Vector<>(perms.size());
 834         synchronized (this) {
 835             permissions.addAll(perms);
 836         }
 837 
 838         ObjectOutputStream.PutField pfields = out.putFields();
 839         pfields.put("permissions", permissions);
 840         out.writeFields();
 841     }
 842 
 843     /*
 844      * Reads in a Vector of FilePermissions and saves them in the perms field.
 845      */
 846     @SuppressWarnings("unchecked")
 847     private void readObject(ObjectInputStream in) throws IOException,
 848     ClassNotFoundException {
 849         // Don't call defaultReadObject()
 850 
 851         // Read in serialized fields
 852         ObjectInputStream.GetField gfields = in.readFields();
 853 
 854         // Get the one we want
 855         Vector<Permission> permissions = (Vector<Permission>)gfields.get("permissions", null);
 856         perms = new ArrayList<>(permissions.size());
 857         perms.addAll(permissions);
 858     }
 859 }