private static void permissionCheck() { SecurityManager sec = System.getSecurityManager(); if (sec != null) { sec.checkPermission(new RuntimePermission("useKeychainStore")); } }
private static synchronized void setSecurityManager0(final SecurityManager s) { SecurityManager sm = getSecurityManager(); if (sm != null) { // ask the currently installed security manager if we // can replace it. sm.checkPermission(new RuntimePermission("setSecurityManager")); } if ((s != null) && (s.getClass().getClassLoader() != null)) { // New security manager class is not on bootstrap classpath. // Cause policy to get initialized before we install the new // security manager, in order to prevent infinite loops when // trying to initialize the policy (which usually involves // accessing some security and/or system properties, which in turn // calls the installed security manager's checkPermission method // which will loop infinitely if there is a non-system class // (in this case: the new security manager class) on the stack). AccessController.doPrivileged( new PrivilegedAction<Object>() { public Object run() { s.getClass().getProtectionDomain().implies(SecurityConstants.ALL_PERMISSION); return null; } }); } security = s; }
/** * Check that the current context is trusted to modify the logging * configuration. This requires LoggingPermission("control"). * <p> * If the check fails we throw a SecurityException, otherwise * we return normally. * * @exception SecurityException if a security manager exists and if * the caller does not have LoggingPermission("control"). */ public void checkAccess() throws SecurityException { SecurityManager sm = System.getSecurityManager(); if (sm == null) { return; } sm.checkPermission(ourPermission); }
/** * Sets the default locale for this instance of the Java Virtual Machine. This does not affect the * host locale. * * <p>If there is a security manager, its <code>checkPermission</code> method is called with a * <code>PropertyPermission("user.language", "write")</code> permission before the default locale * is changed. * * <p>The Java Virtual Machine sets the default locale during startup based on the host * environment. It is used by many locale-sensitive methods if no locale is explicitly specified. * * <p>Since changing the default locale may affect many different areas of functionality, this * method should only be used if the caller is prepared to reinitialize locale-sensitive code * running within the same Java Virtual Machine, such as the user interface. * * @throws SecurityException if a security manager exists and its <code>checkPermission</code> * method doesn't allow the operation. * @throws NullPointerException if <code>newLocale</code> is null * @param newLocale the new default locale * @see SecurityManager#checkPermission * @see java.util.PropertyPermission */ public static synchronized void setDefault(Locale newLocale) { if (newLocale == null) throw new NullPointerException("Can't set default locale to NULL"); SecurityManager sm = System.getSecurityManager(); if (sm != null) sm.checkPermission(new PropertyPermission("user.language", "write")); defaultLocale = newLocale; }
@Override public boolean hasPermission(Object permission) { Generation current = (Generation) module.getCurrentRevision().getRevisionInfo(); ProtectionDomain domain = current.getDomain(); if (domain != null) { if (permission instanceof Permission) { SecurityManager sm = System.getSecurityManager(); if (sm instanceof EquinoxSecurityManager) { /* * If the FrameworkSecurityManager is active, we need to do checks the "right" way. * We can exploit our knowledge that the security context of FrameworkSecurityManager * is an AccessControlContext to invoke it properly with the ProtectionDomain. */ AccessControlContext acc = new AccessControlContext(new ProtectionDomain[] {domain}); try { sm.checkPermission((Permission) permission, acc); return true; } catch (Exception e) { return false; } } return domain.implies((Permission) permission); } return false; } return true; }
/** Check for permission to get a service. */ private <A> void checkAdaptPermission(Class<A> adapterType) { SecurityManager sm = System.getSecurityManager(); if (sm == null) { return; } sm.checkPermission(new AdaptPermission(adapterType.getName(), this, AdaptPermission.ADAPT)); }
private JarFile getCachedJarFile(URL url) { JarFile result = (JarFile) fileCache.get(url); /* if the JAR file is cached, the permission will always be there */ if (result != null) { Permission perm = getPermission(result); if (perm != null) { SecurityManager sm = System.getSecurityManager(); if (sm != null) { try { sm.checkPermission(perm); } catch (SecurityException se) { // fallback to checkRead/checkConnect for pre 1.2 // security managers if ((perm instanceof java.io.FilePermission) && perm.getActions().indexOf("read") != -1) { sm.checkRead(perm.getName()); } else if ((perm instanceof java.net.SocketPermission) && perm.getActions().indexOf("connect") != -1) { sm.checkConnect(url.getHost(), url.getPort()); } else { throw se; } } } } } return result; }
/** * Returns an unmodifiable string map view of the current system environment. The environment is a * system-dependent mapping from names to values which is passed from parent to child processes. * * <p>If the system does not support environment variables, an empty map is returned. * * <p>The returned map will never contain null keys or values. Attempting to query the presence of * a null key or value will throw a {@link NullPointerException}. Attempting to query the presence * of a key or value which is not of type {@link String} will throw a {@link ClassCastException}. * * <p>The returned map and its collection views may not obey the general contract of the {@link * Object#equals} and {@link Object#hashCode} methods. * * <p>The returned map is typically case-sensitive on all platforms. * * <p>If a security manager exists, its {@link SecurityManager#checkPermission checkPermission} * method is called with a <code>{@link RuntimePermission}("getenv.*")</code> permission. This may * result in a {@link SecurityException} being thrown. * * <p>When passing information to a Java subprocess, <a href=#EnvironmentVSSystemProperties>system * properties</a> are generally preferred over environment variables. * * @return the environment as a map of variable names to values * @throws SecurityException if a security manager exists and its {@link * SecurityManager#checkPermission checkPermission} method doesn't allow access to the process * environment * @see #getenv(String) * @see ProcessBuilder#environment() * @since 1.5 */ public static java.util.Map<String, String> getenv() { SecurityManager sm = getSecurityManager(); if (sm != null) { sm.checkPermission(new RuntimePermission("getenv.*")); } return ProcessEnvironment.getenv(); }
/** * Gets the value of the specified environment variable. An environment variable is a * system-dependent external named value. * * <p>If a security manager exists, its {@link SecurityManager#checkPermission checkPermission} * method is called with a <code>{@link RuntimePermission}("getenv."+name)</code> permission. This * may result in a {@link SecurityException} being thrown. If no exception is thrown the value of * the variable <code>name</code> is returned. * * <p><a name="EnvironmentVSSystemProperties"><i>System properties</i> and <i>environment * variables</i></a> are both conceptually mappings between names and values. Both mechanisms can * be used to pass user-defined information to a Java process. Environment variables have a more * global effect, because they are visible to all descendants of the process which defines them, * not just the immediate Java subprocess. They can have subtly different semantics, such as case * insensitivity, on different operating systems. For these reasons, environment variables are * more likely to have unintended side effects. It is best to use system properties where * possible. Environment variables should be used when a global effect is desired, or when an * external system interface requires an environment variable (such as <code>PATH</code>). * * <p>On UNIX systems the alphabetic case of <code>name</code> is typically significant, while on * Microsoft Windows systems it is typically not. For example, the expression <code> * System.getenv("FOO").equals(System.getenv("foo"))</code> is likely to be true on Microsoft * Windows. * * @param name the name of the environment variable * @return the string value of the variable, or <code>null</code> if the variable is not defined * in the system environment * @throws NullPointerException if <code>name</code> is <code>null</code> * @throws SecurityException if a security manager exists and its {@link * SecurityManager#checkPermission checkPermission} method doesn't allow access to the * environment variable <code>name</code> * @see #getenv() * @see ProcessBuilder#environment() */ public static String getenv(String name) { SecurityManager sm = getSecurityManager(); if (sm != null) { sm.checkPermission(new RuntimePermission("getenv." + name)); } return ProcessEnvironment.getenv(name); }
/** * Removes the system property indicated by the specified key. * * <p>First, if a security manager exists, its <code>SecurityManager.checkPermission</code> method * is called with a <code>PropertyPermission(key, "write")</code> permission. This may result in a * SecurityException being thrown. If no exception is thrown, the specified property is removed. * * <p> * * @param key the name of the system property to be removed. * @return the previous string value of the system property, or <code>null</code> if there was no * property with that key. * @exception SecurityException if a security manager exists and its <code>checkPropertyAccess * </code> method doesn't allow access to the specified system property. * @exception NullPointerException if <code>key</code> is <code>null</code>. * @exception IllegalArgumentException if <code>key</code> is empty. * @see #getProperty * @see #setProperty * @see java.util.Properties * @see java.lang.SecurityException * @see java.lang.SecurityManager#checkPropertiesAccess() * @since 1.5 */ public static String clearProperty(String key) { checkKey(key); SecurityManager sm = getSecurityManager(); if (sm != null) { sm.checkPermission(new PropertyPermission(key, "write")); } return (String) props.remove(key); }
/** * Sets the system property indicated by the specified key. * * <p>First, if a security manager exists, its <code>SecurityManager.checkPermission</code> method * is called with a <code>PropertyPermission(key, "write")</code> permission. This may result in a * SecurityException being thrown. If no exception is thrown, the specified property is set to the * given value. * * <p> * * @param key the name of the system property. * @param value the value of the system property. * @return the previous value of the system property, or <code>null</code> if it did not have one. * @exception SecurityException if a security manager exists and its <code>checkPermission</code> * method doesn't allow setting of the specified property. * @exception NullPointerException if <code>key</code> or <code>value</code> is <code>null</code>. * @exception IllegalArgumentException if <code>key</code> is empty. * @see #getProperty * @see java.lang.System#getProperty(java.lang.String) * @see java.lang.System#getProperty(java.lang.String, java.lang.String) * @see java.util.PropertyPermission * @see SecurityManager#checkPermission * @since 1.2 */ public static String setProperty(String key, String value) { checkKey(key); SecurityManager sm = getSecurityManager(); if (sm != null) { sm.checkPermission(new PropertyPermission(key, SecurityConstants.PROPERTY_WRITE_ACTION)); } return (String) props.setProperty(key, value); }
/** * Gets a security property value. * * <p>First, if there is a security manager, its <code>checkPermission</code> method is called * with a <code>java.security.SecurityPermission("getProperty."+key)</code> permission to see if * it's ok to retrieve the specified security property value.. * * @param key the key of the property being retrieved. * @return the value of the security property corresponding to key. * @throws SecurityException if a security manager exists and its <code>{@link * java.lang.SecurityManager#checkPermission}</code> method denies access to retrieve the * specified security property value * @throws NullPointerException is key is null * @see #setProperty * @see java.security.SecurityPermission */ public static String getProperty(String key) { SecurityManager sm = System.getSecurityManager(); if (sm != null) { sm.checkPermission(new SecurityPermission("getProperty." + key)); } String name = props.getProperty(key); if (name != null) name = name.trim(); // could be a class name with trailing ws return name; }
/** * Constructor. The properties specifies how the connector should be configured. The properties to * include are; * * <p>'network_password' -> (String) the network password 'output_net_interface' -> * (NetworkInterface) the output network interface to use for IPv6 scope. */ TCPNetworkConnector(TCPConnectorValues properties) { // Security check, SecurityManager security = System.getSecurityManager(); if (security != null) security.checkPermission(MckoiNetworkPermission.CREATE_TCP_CONNECTOR); connection_pool = new HashMap<>(); this.password = properties.getNetworkPassword(); this.network_interface = properties.getOutputNetworkInterface(); // This thread kills connections that have timed out. background_thread = new ConnectionDestroyThread(log, connection_pool); background_thread.setDaemon(true); background_thread.start(); }
public void checkPermission(Permission p) { // liveconnect SocketPermission resolve takes // FOREVER (like 6 seconds) in Safari // Java does like 50 of these on the first JS call // 6*50=300 seconds! // Opera freaks out though if we deny resolve if (isActive && !isOpera && java.net.SocketPermission.class.isInstance(p) && p.getActions().matches(".*resolve.*")) { throw new SecurityException( "DOH: liveconnect resolve locks up Safari. Denying resolve request."); } else { oldsecurity.checkPermission(p); } }
private static void checkIO() { SecurityManager sm = getSecurityManager(); if (sm != null) { sm.checkPermission(new RuntimePermission("setIO")); } }
void checkPermission() { SecurityManager sm = System.getSecurityManager(); if (sm != null) sm.checkPermission(controlPermission); }
private static void checkAllPermission() { SecurityManager sm = System.getSecurityManager(); if (sm != null) sm.checkPermission(new AllPermission()); }