static {
// doPrivileged here because there are multiple
// things in initialize that might require privs.
// (the FileInputStream call and the File.exists call,
// the securityPropFile call, etc)
AccessController.doPrivileged(
new PrivilegedAction() {
public Object run() {
initialize();
return null;
}
});
}
static {
try {
AccessController.doPrivileged(
new PrivilegedExceptionAction<Object>() {
public Object run() throws Exception {
setupJurisdictionPolicies();
return null;
}
});
isRestricted = defaultPolicy.implies(CryptoAllPermission.INSTANCE) ? false : true;
} catch (Exception e) {
throw new SecurityException("Can not initialize cryptographic mechanism", e);
}
}
/*
* Implementation detail: If the property we just set in
* setProperty() was either "package.access" or
* "package.definition", we need to signal to the SecurityManager
* class that the value has just changed, and that it should
* invalidate it's local cache values.
*
* Rather than create a new API entry for this function,
* we use reflection to set a private variable.
*/
private static void invalidateSMCache(String key) {
final boolean pa = key.equals("package.access");
final boolean pd = key.equals("package.definition");
if (pa || pd) {
AccessController.doPrivileged(
new PrivilegedAction() {
public Object run() {
try {
/* Get the class via the bootstrap class loader. */
Class cl = Class.forName("java.lang.SecurityManager", false, null);
Field f = null;
boolean accessible = false;
if (pa) {
f = cl.getDeclaredField("packageAccessValid");
accessible = f.isAccessible();
f.setAccessible(true);
} else {
f = cl.getDeclaredField("packageDefinitionValid");
accessible = f.isAccessible();
f.setAccessible(true);
}
f.setBoolean(f, false);
f.setAccessible(accessible);
} catch (Exception e1) {
/* If we couldn't get the class, it hasn't
* been loaded yet. If there is no such
* field, we shouldn't try to set it. There
* shouldn't be a security execption, as we
* are loaded by boot class loader, and we
* are inside a doPrivileged() here.
*
* NOOP: don't do anything...
*/
}
return null;
} /* run */
}); /* PrivilegedAction */
} /* if */
}
/*
* Retuns the CodeBase for the given class.
*/
static URL getCodeBase(final Class<?> clazz) {
URL url = codeBaseCacheRef.get(clazz);
if (url == null) {
url =
AccessController.doPrivileged(
new PrivilegedAction<URL>() {
public URL run() {
ProtectionDomain pd = clazz.getProtectionDomain();
if (pd != null) {
CodeSource cs = pd.getCodeSource();
if (cs != null) {
return cs.getLocation();
}
}
return NULL_URL;
}
});
codeBaseCacheRef.put(clazz, url);
}
return (url == NULL_URL) ? null : url;
}
