1 /*
   2  * Copyright (c) 2010, 2013, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.
   8  *
   9  * This code is distributed in the hope that it will be useful, but WITHOUT
  10  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  11  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  12  * version 2 for more details (a copy is included in the LICENSE file that
  13  * accompanied this code).
  14  *
  15  * You should have received a copy of the GNU General Public License version
  16  * 2 along with this work; if not, write to the Free Software Foundation,
  17  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  18  *
  19  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  20  * or visit www.oracle.com if you need additional information or have any
  21  * questions.
  22  */
  23 
  24 /**
  25  * Try to access sensitive class like Unsafe.
  26  *
  27  * @test
  28  * @security
  29  * @run
  30  */
  31 
  32 function check(e) {
  33    if (! (e instanceof java.lang.SecurityException)) {
  34        fail("expected SecurityException, got " + e);
  35    }
  36 }
  37 
  38 try {
  39     var unsafe = java.lang.Class.forName("sun.misc.Unsafe");
  40     fail("No SecurityException for Class.forName sun.misc.Unsafe");
  41 } catch (e) {
  42     check(e);
  43 }
  44 
  45 try {
  46     var unsafe = Java.type("sun.misc.Unsafe");
  47     fail("No SecurityException for Java.type sun.misc.Unsafe");
  48 } catch (e) {
  49     check(e);
  50 }
  51 
  52 try {
  53     var unsafe = Packages.sun.misc.Unsafe;
  54     fail("No SecurityException for Packages.sun.misc.Unsafe");
  55 } catch (e) {
  56     check(e);
  57 }
  58 
  59 try {
  60     var cl = Packages.jdk.nashorn.internal.runtime.Context.class;
  61     var unsafe = cl.getClassLoader().loadClass("sun.misc.Unsafe");
  62 } catch (e) {
  63     check(e);
  64 }