/**
   * Obtain an ObjectInputStream that allows de-serialization of a graph of objects.
   *
   * @throws IOException when the de-serialziation fails
   * @return an ObjectInputStream that can be used to deserialize objects
   */
  public ObjectInputStream createObjectInputStream(
      final InputStream is, final boolean resolveObject, final ClassLoader loader)
      throws Exception {
    ObjectInputStream ois = null;
    if (loader != null) {
      // Need privileged block here because EJBObjectInputStream
      // does enableResolveObject
      if (System.getSecurityManager() == null) {
        ois = new EJBObjectInputStream(is, loader, resolveObject);
      } else {
        try {
          ois =
              (ObjectInputStream)
                  AccessController.doPrivileged(
                      new PrivilegedExceptionAction() {
                        public java.lang.Object run() throws Exception {
                          return new EJBObjectInputStream(is, loader, resolveObject);
                        }
                      });
        } catch (PrivilegedActionException ex) {
          throw (IOException) ex.getException();
        }
      }
    } else {
      ois = new ObjectInputStream(is);
    }

    return ois;
  }
 /**
  * Obtain an ObjectOutputStream that allows serialization of a graph of objects. The objects can
  * be plain Serializable objects or can be converted into Serializable objects using the handler
  *
  * @throws IOException when the serialziation fails
  * @return an ObjectOutputStream that can be used to serialize objects
  */
 public ObjectOutputStream createObjectOutputStream(
     final OutputStream os,
     final boolean replaceObject,
     final NonSerializableObjectHandler handler)
     throws IOException {
   // Need privileged block here because EJBObjectOutputStream
   // does enableReplaceObject
   ObjectOutputStream oos = null;
   if (System.getSecurityManager() == null) {
     oos = new EJBObjectOutputStream(os, replaceObject, handler);
   } else {
     try {
       oos =
           (ObjectOutputStream)
               AccessController.doPrivileged(
                   new PrivilegedExceptionAction() {
                     public java.lang.Object run() throws Exception {
                       return new EJBObjectOutputStream(os, replaceObject, handler);
                     }
                   });
     } catch (PrivilegedActionException ex) {
       throw (IOException) ex.getException();
     }
   }
   return oos;
 }
 @Override
 public boolean hasPermission(Object permission) {
   Generation current = (Generation) module.getCurrentRevision().getRevisionInfo();
   ProtectionDomain domain = current.getDomain();
   if (domain != null) {
     if (permission instanceof Permission) {
       SecurityManager sm = System.getSecurityManager();
       if (sm instanceof EquinoxSecurityManager) {
         /*
          * If the FrameworkSecurityManager is active, we need to do checks the "right" way.
          * We can exploit our knowledge that the security context of FrameworkSecurityManager
          * is an AccessControlContext to invoke it properly with the ProtectionDomain.
          */
         AccessControlContext acc = new AccessControlContext(new ProtectionDomain[] {domain});
         try {
           sm.checkPermission((Permission) permission, acc);
           return true;
         } catch (Exception e) {
           return false;
         }
       }
       return domain.implies((Permission) permission);
     }
     return false;
   }
   return true;
 }
 /** Check for permission to get a service. */
 private <A> void checkAdaptPermission(Class<A> adapterType) {
   SecurityManager sm = System.getSecurityManager();
   if (sm == null) {
     return;
   }
   sm.checkPermission(new AdaptPermission(adapterType.getName(), this, AdaptPermission.ADAPT));
 }
Beispiel #5
0
 /** @param args */
 public static void main(String[] args) {
   if (args.length < 1) {
     System.out.println("Uso echo <host>");
     System.exit(1);
   }
   if (System.getSecurityManager() == null) {
     System.setSecurityManager(new SecurityManager());
   }
   BufferedReader stdIn = new BufferedReader(new InputStreamReader(System.in));
   PrintWriter stdOut = new PrintWriter(System.out);
   String input, output;
   try {
     EchoInt eo = (EchoInt) Naming.lookup("//" + args[0] + "/miEcho");
     stdOut.print("> ");
     stdOut.flush();
     while ((input = stdIn.readLine()) != null) {
       output = eo.echo(input);
       stdOut.println(output);
       stdOut.print("> ");
       stdOut.flush();
     }
   } catch (Exception e) {
     System.err.println("RMI Echo Client error: " + e.getLocalizedMessage());
   }
 }
    /**
     * Check that the current context is trusted to modify the logging
     * configuration.  This requires LoggingPermission("control").
     * <p>
     * If the check fails we throw a SecurityException, otherwise
     * we return normally.
     *
     * @exception  SecurityException  if a security manager exists and if
     *             the caller does not have LoggingPermission("control").
     */
    public void checkAccess() throws SecurityException {
	SecurityManager sm = System.getSecurityManager();
	if (sm == null) {
	    return;
	}
        sm.checkPermission(ourPermission);
    }
Beispiel #7
0
 /**
  * Used to indicate whether of not we are running in an environment where GUI interaction is
  * available.
  *
  * <p>Note that this method is security checked and is not available to (for example) untrusted
  * applets. More specifically, if there is a security manager, its <code>checkPropertiesAccess
  * </code> method is called. This could result in a SecurityException.
  *
  * @param isGuiAvailable True if GUI interaction is available.
  * @exception SecurityException if a security manager exists and its <code>checkPropertiesAccess
  *     </code> method doesn't allow setting of system properties.
  * @see SecurityManager#checkPropertiesAccess
  */
 public static void setGuiAvailable(boolean isGuiAvailable) throws SecurityException {
   SecurityManager sm = System.getSecurityManager();
   if (sm != null) {
     sm.checkPropertiesAccess();
   }
   guiAvailable = isGuiAvailable;
 }
Beispiel #8
0
  /**
   * Sets the default locale for this instance of the Java Virtual Machine. This does not affect the
   * host locale.
   *
   * <p>If there is a security manager, its <code>checkPermission</code> method is called with a
   * <code>PropertyPermission("user.language", "write")</code> permission before the default locale
   * is changed.
   *
   * <p>The Java Virtual Machine sets the default locale during startup based on the host
   * environment. It is used by many locale-sensitive methods if no locale is explicitly specified.
   *
   * <p>Since changing the default locale may affect many different areas of functionality, this
   * method should only be used if the caller is prepared to reinitialize locale-sensitive code
   * running within the same Java Virtual Machine, such as the user interface.
   *
   * @throws SecurityException if a security manager exists and its <code>checkPermission</code>
   *     method doesn't allow the operation.
   * @throws NullPointerException if <code>newLocale</code> is null
   * @param newLocale the new default locale
   * @see SecurityManager#checkPermission
   * @see java.util.PropertyPermission
   */
  public static synchronized void setDefault(Locale newLocale) {
    if (newLocale == null) throw new NullPointerException("Can't set default locale to NULL");

    SecurityManager sm = System.getSecurityManager();
    if (sm != null) sm.checkPermission(new PropertyPermission("user.language", "write"));
    defaultLocale = newLocale;
  }
Beispiel #9
0
 /**
  * Used to indicate whether of not we are running in an application builder environment.
  *
  * <p>Note that this method is security checked and is not available to (for example) untrusted
  * applets. More specifically, if there is a security manager, its <code>checkPropertiesAccess
  * </code> method is called. This could result in a SecurityException.
  *
  * @param isDesignTime True if we're in an application builder tool.
  * @exception SecurityException if a security manager exists and its <code>checkPropertiesAccess
  *     </code> method doesn't allow setting of system properties.
  * @see SecurityManager#checkPropertiesAccess
  */
 public static void setDesignTime(boolean isDesignTime) throws SecurityException {
   SecurityManager sm = System.getSecurityManager();
   if (sm != null) {
     sm.checkPropertiesAccess();
   }
   designTime = isDesignTime;
 }
Beispiel #10
0
  private static void permissionCheck() {
    SecurityManager sec = System.getSecurityManager();

    if (sec != null) {
      sec.checkPermission(new RuntimePermission("useKeychainStore"));
    }
  }
  private JarFile getCachedJarFile(URL url) {
    JarFile result = (JarFile) fileCache.get(url);

    /* if the JAR file is cached, the permission will always be there */
    if (result != null) {
      Permission perm = getPermission(result);
      if (perm != null) {
        SecurityManager sm = System.getSecurityManager();
        if (sm != null) {
          try {
            sm.checkPermission(perm);
          } catch (SecurityException se) {
            // fallback to checkRead/checkConnect for pre 1.2
            // security managers
            if ((perm instanceof java.io.FilePermission)
                && perm.getActions().indexOf("read") != -1) {
              sm.checkRead(perm.getName());
            } else if ((perm instanceof java.net.SocketPermission)
                && perm.getActions().indexOf("connect") != -1) {
              sm.checkConnect(url.getHost(), url.getPort());
            } else {
              throw se;
            }
          }
        }
      }
    }
    return result;
  }
Beispiel #12
0
 private static EquinoxSecurityManager getSupportedSystemSecurityManager() {
   try {
     EquinoxSecurityManager equinoxManager = (EquinoxSecurityManager) System.getSecurityManager();
     return equinoxManager != null && equinoxManager.inCheckPermission() ? equinoxManager : null;
   } catch (ClassCastException e) {
     return null;
   }
 }
 /**
  * Gets a security property value.
  *
  * <p>First, if there is a security manager, its <code>checkPermission</code> method is called
  * with a <code>java.security.SecurityPermission("getProperty."+key)</code> permission to see if
  * it's ok to retrieve the specified security property value..
  *
  * @param key the key of the property being retrieved.
  * @return the value of the security property corresponding to key.
  * @throws SecurityException if a security manager exists and its <code>{@link
  *          java.lang.SecurityManager#checkPermission}</code> method denies access to retrieve the
  *     specified security property value
  * @throws NullPointerException is key is null
  * @see #setProperty
  * @see java.security.SecurityPermission
  */
 public static String getProperty(String key) {
   SecurityManager sm = System.getSecurityManager();
   if (sm != null) {
     sm.checkPermission(new SecurityPermission("getProperty." + key));
   }
   String name = props.getProperty(key);
   if (name != null) name = name.trim(); // could be a class name with trailing ws
   return name;
 }
Beispiel #14
0
  private Descrittore contatta_server(String nome) {

    // variabili per l'RMI
    RMIServerInt serv = null; // server
    Descrittore descr_rit = null; // descrittore ritornato

    if (nome == null) {
      System.out.println("## contatta_server di Download ha ricevuto parametro null ! ");
      return null;
    }

    System.out.println("@ provo a contattare il server RMI ");
    // ################  RMI ################
    if (System.getSecurityManager() == null) {
      System.setSecurityManager(new SecurityManager());
    }

    Object o = null;
    try {
      // o = Naming.lookup("rmi://192.168.0.10:1099/srmi");
      Registry registry = LocateRegistry.getRegistry(server.getHostAddress());
      o = registry.lookup("srmi");

    } catch (RemoteException e) {
      System.out.println("## Problemi nell'RMI di Download - contatta_server di " + nome);
      e.printStackTrace();
    } catch (NotBoundException e) {
      System.out.println("## Problemi nell'RMI di Download - contatta_server di " + nome);
      e.printStackTrace();
    }

    if (o == null) {
      System.out.println(
          "## l'RMI di Download - contatta_server di " + nome + " ha ritornato l'oggetto o null");
      return null;
    }

    serv = (RMIServerInt) o;

    try {
      descr_rit = serv.lookup(nome, InetAddress.getLocalHost());
    } catch (RemoteException e) {
      e.printStackTrace();
      System.out.println("## Problemi con Lookup di " + nome);
      return null;

    } catch (UnknownHostException e) {
      e.printStackTrace();
      System.out.println("## Problemi con Lookup di " + nome);
      return null;
    }

    return descr_rit;
  }
Beispiel #15
0
  /**
   * Sets the <code>SocketImplFactory</code>. This may be done only once per virtual machine.
   * Subsequent attempts will generate a <code>SocketException</code>. Note that a <code>
   * SecurityManager</code> check is made prior to setting the factory. If insufficient privileges
   * exist to set the factory, then an <code>IOException</code> will be thrown.
   *
   * @exception SecurityException If the <code>SecurityManager</code> does not allow this operation.
   * @exception SocketException If the SocketImplFactory is already defined
   * @exception IOException If any other error occurs
   */
  public static synchronized void setSocketImplFactory(SocketImplFactory fac) throws IOException {
    // See if already set
    if (factory != null) throw new SocketException("SocketImplFactory already defined");

    // Check permissions
    SecurityManager sm = System.getSecurityManager();
    if (sm != null) sm.checkSetFactory();

    if (fac == null) throw new SocketException("SocketImplFactory cannot be null");

    factory = fac;
  }
Beispiel #16
0
 public static boolean checkSecurity() {
   SecurityManager security = System.getSecurityManager();
   if (security != null) {
     try {
       security.checkPropertyAccess("user.dir");
       security.checkPropertyAccess("file.separator");
     } catch (SecurityException e) {
       System.out.println("SecurityManager restricts session recording.");
       return false;
     }
   }
   return true;
 }
    // Private method to set a parent on a logger.
    // If necessary, we raise privilege before doing the setParent call.
    private static void doSetParent(final Logger logger, final Logger parent) {
	SecurityManager sm = System.getSecurityManager();
	if (sm == null) {
	    // There is no security manager, so things are easy.
	    logger.setParent(parent);
	    return;
	} 
	// There is a security manager.  Raise privilege before
	// calling setParent.
	AccessController.doPrivileged(new PrivilegedAction() {
	    public Object run() {
		logger.setParent(parent);
		return null;
	    }});
    }
Beispiel #18
0
  /**
   * Constructor. The properties specifies how the connector should be configured. The properties to
   * include are;
   *
   * <p>'network_password' -> (String) the network password 'output_net_interface' ->
   * (NetworkInterface) the output network interface to use for IPv6 scope.
   */
  TCPNetworkConnector(TCPConnectorValues properties) {

    // Security check,
    SecurityManager security = System.getSecurityManager();
    if (security != null) security.checkPermission(MckoiNetworkPermission.CREATE_TCP_CONNECTOR);

    connection_pool = new HashMap<>();
    this.password = properties.getNetworkPassword();
    this.network_interface = properties.getOutputNetworkInterface();

    // This thread kills connections that have timed out.
    background_thread = new ConnectionDestroyThread(log, connection_pool);
    background_thread.setDaemon(true);
    background_thread.start();
  }
Beispiel #19
0
 // security check to see whether the caller can perform attach
 private void checkProcessAttach(int pid) {
   SecurityManager sm = System.getSecurityManager();
   if (sm != null) {
     String os = System.getProperty("os.name");
     try {
       // Whether the caller can perform link against SA native library?
       checkNativeLink(sm, os);
       if (os.equals("SunOS") || os.equals("Linux")) {
         // Whether the caller can read /proc/<pid> file?
         sm.checkRead("/proc/" + pid);
       }
     } catch (SecurityException se) {
       throw new SecurityException("permission denied to attach to " + pid);
     }
   }
 }
Beispiel #20
0
  /**
   * This constructor is where the real work takes place. Connect to the specified address and port.
   * Use default local values if not specified, otherwise use the local host and port passed in.
   * Create as stream or datagram based on "stream" argument.
   *
   * <p>
   *
   * @param raddr The remote address to connect to
   * @param rport The remote port to connect to
   * @param laddr The local address to connect to
   * @param lport The local port to connect to
   * @param stream true for a stream socket, false for a datagram socket
   * @exception IOException If an error occurs
   * @exception SecurityException If a security manager exists and its checkConnect method doesn't
   *     allow the operation
   */
  private Socket(InetAddress raddr, int rport, InetAddress laddr, int lport, boolean stream)
      throws IOException {
    this();
    this.inputShutdown = false;
    this.outputShutdown = false;

    if (impl == null) throw new IOException("Cannot initialize Socket implementation");

    SecurityManager sm = System.getSecurityManager();
    if (sm != null) sm.checkConnect(raddr.getHostName(), rport);

    impl.create(stream);

    // FIXME: JCL p. 1586 says if localPort is unspecified, bind to any port,
    // i.e. '0' and if localAddr is unspecified, use getLocalAddress() as
    // that default.  JDK 1.2 doc infers not to do a bind.
    if (laddr != null) impl.bind(laddr, lport);

    if (raddr != null) impl.connect(raddr, rport);
  }
Beispiel #21
0
  /**
   * Returns the local address to which this socket is bound. If this socket is not connected, then
   * <code>null</code> is returned.
   *
   * @return The local address
   * @since 1.1
   */
  public InetAddress getLocalAddress() {
    if (impl == null) return null;

    InetAddress addr = null;
    try {
      addr = (InetAddress) impl.getOption(SocketOptions.SO_BINDADDR);
    } catch (SocketException e) {
      // (hopefully) shouldn't happen
      // throw new java.lang.InternalError
      //      ("Error in PlainSocketImpl.getOption");
      return null;
    }

    // FIXME: According to libgcj, checkConnect() is supposed to be called
    // before performing this operation.  Problems: 1) We don't have the
    // addr until after we do it, so we do a post check.  2). The docs I
    // see don't require this in the Socket case, only DatagramSocket, but
    // we'll assume they mean both.
    SecurityManager sm = System.getSecurityManager();
    if (sm != null) sm.checkConnect(addr.getHostName(), getLocalPort());

    return addr;
  }
Beispiel #22
0
  /** Utility routine for setting the context class loader. Returns previous class loader. */
  public static ClassLoader setContextClassLoader(ClassLoader newClassLoader) {

    // Can only reference final local variables from dopriveleged block
    final ClassLoader classLoaderToSet = newClassLoader;

    final Thread currentThread = Thread.currentThread();
    ClassLoader originalClassLoader = currentThread.getContextClassLoader();

    if (classLoaderToSet != originalClassLoader) {
      if (System.getSecurityManager() == null) {
        currentThread.setContextClassLoader(classLoaderToSet);
      } else {
        java.security.AccessController.doPrivileged(
            new java.security.PrivilegedAction() {
              public java.lang.Object run() {
                currentThread.setContextClassLoader(classLoaderToSet);
                return null;
              }
            });
      }
    }
    return originalClassLoader;
  }
  /**
   * loads a class from a file or a parent classloader.
   *
   * @param name of the class to be loaded
   * @param lookupScriptFiles if false no lookup at files is done at all
   * @param preferClassOverScript if true the file lookup is only done if there is no class
   * @param resolve see {@link java.lang.ClassLoader#loadClass(java.lang.String, boolean)}
   * @return the class found or the class created from a file lookup
   * @throws ClassNotFoundException if the class could not be found
   * @throws CompilationFailedException if the source file could not be compiled
   */
  public Class loadClass(
      final String name, boolean lookupScriptFiles, boolean preferClassOverScript, boolean resolve)
      throws ClassNotFoundException, CompilationFailedException {
    // look into cache
    Class cls = getClassCacheEntry(name);

    // enable recompilation?
    boolean recompile = isRecompilable(cls);
    if (!recompile) return cls;

    // try parent loader
    ClassNotFoundException last = null;
    try {
      Class parentClassLoaderClass = super.loadClass(name, resolve);
      // always return if the parent loader was successful
      if (cls != parentClassLoaderClass) return parentClassLoaderClass;
    } catch (ClassNotFoundException cnfe) {
      last = cnfe;
    } catch (NoClassDefFoundError ncdfe) {
      if (ncdfe.getMessage().indexOf("wrong name") > 0) {
        last = new ClassNotFoundException(name);
      } else {
        throw ncdfe;
      }
    }

    // check security manager
    SecurityManager sm = System.getSecurityManager();
    if (sm != null) {
      String className = name.replace('/', '.');
      int i = className.lastIndexOf('.');
      // no checks on the sun.reflect classes for reflection speed-up
      // in particular ConstructorAccessorImpl, MethodAccessorImpl, FieldAccessorImpl and
      // SerializationConstructorAccessorImpl
      // which are generated at runtime by the JDK
      if (i != -1 && !className.startsWith("sun.reflect.")) {
        sm.checkPackageAccess(className.substring(0, i));
      }
    }

    // prefer class if no recompilation
    if (cls != null && preferClassOverScript) return cls;

    // at this point the loading from a parent loader failed
    // and we want to recompile if needed.
    if (lookupScriptFiles) {
      // try groovy file
      try {
        // check if recompilation already happened.
        final Class classCacheEntry = getClassCacheEntry(name);
        if (classCacheEntry != cls) return classCacheEntry;
        URL source = resourceLoader.loadGroovySource(name);
        // if recompilation fails, we want cls==null
        Class oldClass = cls;
        cls = null;
        cls = recompile(source, name, oldClass);
      } catch (IOException ioe) {
        last = new ClassNotFoundException("IOException while opening groovy source: " + name, ioe);
      } finally {
        if (cls == null) {
          removeClassCacheEntry(name);
        } else {
          setClassCacheEntry(cls);
        }
      }
    }

    if (cls == null) {
      // no class found, there should have been an exception before now
      if (last == null) throw new AssertionError(true);
      throw last;
    }
    return cls;
  }
Beispiel #24
0
  public static void main(String args[]) {

    sameGroup = true;

    RMID rmid = null;

    System.err.println("\nRegression test for bug/rfe 4179055\n");

    try {
      TestLibrary.suggestSecurityManager("java.lang.SecurityManager");

      registry = java.rmi.registry.LocateRegistry.createRegistry(TestLibrary.REGISTRY_PORT);

      // must run with java.lang.SecurityManager or the test
      // result will be nullified if running with a build where
      // 4180392 has not been fixed.
      String smClassName = System.getSecurityManager().getClass().getName();
      if (!smClassName.equals("java.lang.SecurityManager")) {
        TestLibrary.bomb("Test must run with java.lang.SecurityManager");
      }

      // start an rmid.
      RMID.removeLog();
      rmid = RMID.createRMID();
      rmid.start();

      // rmid.addOptions(new String[] {"-C-Djava.rmi.server.logCalls=true"});

      // Ensure that activation groups run with the correct
      // security manager.
      //
      Properties p = new Properties();
      p.put("java.security.policy", TestParams.defaultGroupPolicy);
      p.put("java.security.manager", "java.lang.SecurityManager");

      // This action causes the following classes to be created
      // in this VM (RMI must permit the creation of these classes):
      //
      // sun.rmi.server.Activation$ActivationSystemImpl_Stub
      // sun.rmi.server.Activation$ActivationMonitorImpl_Stub
      //
      System.err.println("Create activation group, in a new VM");
      ActivationGroupDesc groupDesc = new ActivationGroupDesc(p, null);
      ActivationSystem system = ActivationGroup.getSystem();
      ActivationGroupID groupID = system.registerGroup(groupDesc);

      System.err.println("register activatable");
      // Fix for: 4271615: make sure activation group runs in a new VM
      ActivationDesc desc = new ActivationDesc(groupID, "StubClassesPermitted", null, null);
      canCreateStubs = (CanCreateStubs) Activatable.register(desc);

      // ensure registry stub can be passed in a remote call
      System.err.println("getting the registry");
      registry = canCreateStubs.getRegistry();

      // make sure a client cant load just any sun.* class, just
      // as a sanity check, try to create a class we are not
      // allowed to access but which was passed in a remote call
      try {
        System.err.println("accessing forbidden class");
        Object secureRandom = canCreateStubs.getForbiddenClass();

        TestLibrary.bomb(
            "test allowed to access forbidden class," + " sun.security.provider.SecureRandom");
      } catch (java.security.AccessControlException e) {

        // Make sure we received a *local* AccessControlException
        ByteArrayOutputStream bout = new ByteArrayOutputStream();
        PrintStream ps = new PrintStream(bout);
        e.printStackTrace(ps);
        ps.flush();
        String trace = new String(bout.toByteArray());
        if ((trace.indexOf("exceptionReceivedFromServer") >= 0) || trace.equals("")) {
          throw e;
        }
        System.err.println("received expected local access control exception");
      }

      // make sure that an ActivationGroupID can be passed in a
      // remote call; this is slightly more inclusive than
      // just passing a reference to the activation system
      System.err.println("returning group desc");
      canCreateStubs.returnGroupID();

      // Clean up object
      System.err.println("Deactivate object via method call");
      canCreateStubs.shutdown();

      System.err.println("\nsuccess: StubClassesPermitted test passed ");

    } catch (Exception e) {
      TestLibrary.bomb("\nfailure: unexpected exception ", e);
    } finally {
      try {
        Thread.sleep(4000);
      } catch (InterruptedException e) {
      }

      canCreateStubs = null;
      ActivationLibrary.rmidCleanup(rmid);
      System.err.println("rmid shut down");
    }
  }
 void checkPermission() {
   SecurityManager sm = System.getSecurityManager();
   if (sm != null) sm.checkPermission(controlPermission);
 }
 private static void check(String directive) {
   SecurityManager security = System.getSecurityManager();
   if (security != null) {
     security.checkSecurityAccess(directive);
   }
 }
Beispiel #27
0
 private static void checkAllPermission() {
   SecurityManager sm = System.getSecurityManager();
   if (sm != null) sm.checkPermission(new AllPermission());
 }