1 /* 2 * Copyright (c) 2000, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26 package com.sun.rmi.rmid; 27 28 import java.security.*; 29 import java.io.*; 30 import java.util.*; 31 32 /** 33 * The ExecPermission class represents permission for rmid to execute 34 * a specific command to launch an activation group. An ExecPermission 35 * consists of a pathname of a command to launch an activation group. 36 * <P> 37 * Pathname is the pathname of the file or directory to grant rmid 38 * execute permission. A pathname that ends in "/*" (where "/" is 39 * the file separator character, <code>File.separatorChar</code>) indicates 40 * all the files and directories contained in that directory. A pathname 41 * that ends with "/-" indicates (recursively) all files 42 * and subdirectories contained in that directory. A pathname consisting of 43 * the special token "<<ALL FILES>>" matches <bold>any</bold> file. 44 * <P> 45 * Note: A pathname consisting of a single "*" indicates all the files 46 * in the current directory, while a pathname consisting of a single "-" 47 * indicates all the files in the current directory and 48 * (recursively) all files and subdirectories contained in the current 49 * directory. 50 * <P> 51 * 52 * 53 * @author Ann Wollrath 54 * 55 * @serial exclude 56 */ 57 public final class ExecPermission extends Permission 58 { 59 /** 60 * UID for serialization 61 */ 62 private static final long serialVersionUID = -6208470287358147919L; 63 64 private transient FilePermission fp; 65 66 /** 67 * Creates a new ExecPermission object with the specified path. 68 * <i>path</i> is the pathname of a file or directory. 69 * 70 * <p>A pathname that ends in "/*" (where "/" is 71 * the file separator character, <code>File.separatorChar</code>) indicates 72 * a directory and all the files contained in that directory. A pathname 73 * that ends with "/-" indicates a directory and (recursively) all files 74 * and subdirectories contained in that directory. The special pathname 75 * "<<ALL FILES>>" matches all files. 76 * 77 * <p>A pathname consisting of a single "*" indicates all the files 78 * in the current directory, while a pathname consisting of a single "-" 79 * indicates all the files in the current directory and 80 * (recursively) all files and subdirectories contained in the current 81 * directory. 82 * 83 * @param path the pathname of the file/directory. 84 */ 85 public ExecPermission(String path) { 86 super(path); 87 init(path); 88 } 89 90 /** 91 * Creates a new ExecPermission object with the specified path. 92 * <i>path</i> is the pathname of a file or directory. 93 * 94 * <p>A pathname that ends in "/*" (where "/" is 95 * the file separator character, <code>File.separatorChar</code>) indicates 96 * a directory and all the files contained in that directory. A pathname 97 * that ends with "/-" indicates a directory and (recursively) all files 98 * and subdirectories contained in that directory. The special pathname 99 * "<<ALL FILES>>" matches all files. 100 * 101 * <p>A pathname consisting of a single "*" indicates all the files 102 * in the current directory, while a pathname consisting of a single "-" 103 * indicates all the files in the current directory and 104 * (recursively) all files and subdirectories contained in the current 105 * directory. 106 * 107 * @param path the pathname of the file/directory. 108 * @param actions the action string (unused) 109 */ 110 public ExecPermission(String path, String actions) { 111 this(path); 112 } 113 114 /** 115 * Checks if this ExecPermission object "implies" the specified permission. 116 * <P> 117 * More specifically, this method returns true if:<p> 118 * <ul> 119 * <li> <i>p</i> is an instanceof ExecPermission,<p> and 120 * <li> <i>p</i>'s pathname is implied by this object's 121 * pathname. For example, "/tmp/*" implies "/tmp/foo", since 122 * "/tmp/*" encompasses the "/tmp" directory and all files in that 123 * directory, including the one named "foo". 124 * </ul> 125 * @param p the permission to check against. 126 * 127 * @return true if the specified permission is implied by this object, 128 * false if not. 129 */ 130 public boolean implies(Permission p) { 131 if (!(p instanceof ExecPermission)) 132 return false; 133 134 ExecPermission that = (ExecPermission) p; 135 136 return fp.implies(that.fp); 137 } 138 139 /** 140 * Checks two ExecPermission objects for equality. 141 * Checks that <i>obj</i>'s class is the same as this object's class 142 * and has the same name as this object. 143 * <P> 144 * @param obj the object we are testing for equality with this object. 145 * @return true if <i>obj</i> is an ExecPermission, and has the same 146 * pathname as this ExecPermission object, false otherwise. 147 */ 148 public boolean equals(Object obj) { 149 if (obj == this) 150 return true; 151 152 if (! (obj instanceof ExecPermission)) 153 return false; 154 155 ExecPermission that = (ExecPermission) obj; 156 157 return fp.equals(that.fp); 158 } 159 160 /** 161 * Returns the hash code value for this object. 162 * 163 * @return a hash code value for this object. 164 */ 165 public int hashCode() { 166 return this.fp.hashCode(); 167 } 168 169 /** 170 * Returns the canonical string representation of the actions. 171 * 172 * @return the canonical string representation of the actions. 173 */ 174 public String getActions() { 175 return ""; 176 } 177 178 /** 179 * Returns a new PermissionCollection object for storing 180 * ExecPermission objects. 181 * <p> 182 * A ExecPermissionCollection stores a collection of 183 * ExecPermission permissions. 184 * 185 * <p>ExecPermission objects must be stored in a manner that allows 186 * them to be inserted in any order, but that also enables the 187 * PermissionCollection <code>implies</code> method 188 * to be implemented in an efficient (and consistent) manner. 189 * 190 * @return a new PermissionCollection object suitable for 191 * storing ExecPermissions. 192 */ 193 public PermissionCollection newPermissionCollection() { 194 return new ExecPermissionCollection(); 195 } 196 197 /** 198 * readObject is called to restore the state of the ExecPermission 199 * from a stream. 200 */ 201 private synchronized void readObject(java.io.ObjectInputStream s) 202 throws IOException, ClassNotFoundException 203 { 204 s.defaultReadObject(); 205 // init is called to initialize the rest of the values. 206 init(getName()); 207 } 208 209 /** 210 * Initialize a ExecPermission object. Common to all constructors. 211 * Also called during de-serialization. 212 */ 213 private void init(String path) { 214 this.fp = new FilePermission(path, "execute"); 215 } 216 217 /** 218 * A ExecPermissionCollection stores a collection 219 * of ExecPermission permissions. ExecPermission objects 220 * must be stored in a manner that allows them to be inserted in any 221 * order, but enable the implies function to evaluate the implies 222 * method in an efficient (and consistent) manner. 223 * 224 * @serial include 225 */ 226 private static class ExecPermissionCollection 227 extends PermissionCollection 228 implements java.io.Serializable 229 { 230 private Vector permissions; 231 232 private static final long serialVersionUID = -3352558508888368273L; 233 234 /** 235 * Create an empty ExecPermissionCollection. 236 */ 237 public ExecPermissionCollection() { 238 permissions = new Vector(); 239 } 240 241 /** 242 * Adds a permission to the collection. 243 * 244 * @param permission the Permission object to add. 245 * 246 * @exception IllegalArgumentException - if the permission is not a 247 * ExecPermission 248 * 249 * @exception SecurityException - if this ExecPermissionCollection 250 * object has been marked readonly 251 */ 252 public void add(Permission permission) 253 { 254 if (! (permission instanceof ExecPermission)) 255 throw new IllegalArgumentException("invalid permission: "+ 256 permission); 257 if (isReadOnly()) 258 throw new SecurityException("attempt to add a Permission to a readonly PermissionCollection"); 259 260 permissions.addElement(permission); 261 } 262 263 /** 264 * Check and see if this set of permissions implies the permissions 265 * expressed in "permission". 266 * 267 * @param p the Permission object to compare 268 * 269 * @return true if "permission" is a proper subset of a permission in 270 * the set, false if not. 271 */ 272 public boolean implies(Permission permission) 273 { 274 if (! (permission instanceof ExecPermission)) 275 return false; 276 277 Enumeration e = permissions.elements(); 278 279 while (e.hasMoreElements()) { 280 ExecPermission x = (ExecPermission) e.nextElement(); 281 if (x.implies(permission)) { 282 return true; 283 } 284 } 285 return false; 286 } 287 288 /** 289 * Returns an enumeration of all the ExecPermission objects in the 290 * container. 291 * 292 * @return an enumeration of all the ExecPermission objects. 293 */ 294 public Enumeration elements() 295 { 296 return permissions.elements(); 297 } 298 } 299 }