GNU Classpath (0.18) | ||
Frames | No Frames |
1: /* RuntimePermission.java -- permission for a secure runtime action 2: Copyright (C) 1998, 2000, 2002, 2005 Free Software Foundation, Inc. 3: 4: This file is part of GNU Classpath. 5: 6: GNU Classpath is free software; you can redistribute it and/or modify 7: it under the terms of the GNU General Public License as published by 8: the Free Software Foundation; either version 2, or (at your option) 9: any later version. 10: 11: GNU Classpath is distributed in the hope that it will be useful, but 12: WITHOUT ANY WARRANTY; without even the implied warranty of 13: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14: General Public License for more details. 15: 16: You should have received a copy of the GNU General Public License 17: along with GNU Classpath; see the file COPYING. If not, write to the 18: Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 19: 02110-1301 USA. 20: 21: Linking this library statically or dynamically with other modules is 22: making a combined work based on this library. Thus, the terms and 23: conditions of the GNU General Public License cover the whole 24: combination. 25: 26: As a special exception, the copyright holders of this library give you 27: permission to link this library with independent modules to produce an 28: executable, regardless of the license terms of these independent 29: modules, and to copy and distribute the resulting executable under 30: terms of your choice, provided that you also meet, for each linked 31: independent module, the terms and conditions of the license of that 32: module. An independent module is a module which is not derived from 33: or based on this library. If you modify this library, you may extend 34: this exception to your version of the library, but you are not 35: obligated to do so. If you do not wish to do so, delete this 36: exception statement from your version. */ 37: 38: 39: package java.lang; 40: 41: import java.security.BasicPermission; 42: 43: /** 44: * A <code>RuntimePermission</code> contains a permission name, but no 45: * actions list. This means you either have the permission or you don't. 46: * 47: * Permission names have the follow the hierarchial property naming 48: * convention. In addition, an asterisk may appear at the end of a 49: * name if following a period or by itself. 50: * 51: * <table border=1> 52: * <tr><th>Valid names</th><th>Invalid names</th></tr> 53: * <tr><td>"accessClassInPackage.*","*"</td> 54: * <td>"**", "*x", "*.a"</td></tr> 55: * </table> 56: * <br> 57: * 58: * The following table provides a list of all the possible RuntimePermission 59: * permission names with a description of what that permission allows.<br> 60: * <table border=1> 61: * <tr><th>Permission Name</th><th>Permission Allows</th><th>Risks</th</tr> 62: * <tr> 63: * <td><code>createClassLoader</code></td> 64: * <td>creation of a class loader</td> 65: * <td>a class loader can load rogue classes which bypass all security 66: * permissions</td></tr> 67: * <tr> 68: * <td><code>getClassLoader</code></td> 69: * <td>retrieval of the class loader for the calling class</td> 70: * <td>rogue code could load classes not otherwise available</td></tr> 71: * <tr> 72: * <td><code>setContextClassLoader</code></td> 73: * <td>allows the setting of the context class loader used by a thread</td> 74: * <td>rogue code could change the context class loader needed by system 75: * threads</td></tr> 76: * <tr> 77: * <td><code>setSecurityManager</code></td> 78: * <td>allows the application to replace the security manager</td> 79: * <td>the new manager may be less restrictive, so that rogue code can 80: * bypass existing security checks</td></tr> 81: * <tr> 82: * <td><code>createSecurityManager</code></td> 83: * <td>allows the application to create a new security manager</td> 84: * <td>rogue code can use the new security manager to discover information 85: * about the execution stack</td></tr> 86: * <tr> 87: * <td><code>exitVM</code></td> 88: * <td>allows the application to halt the virtual machine</td> 89: * <td>rogue code can mount a denial-of-service attack by killing the 90: * virtual machine</td></tr> 91: * <tr> 92: * <td><code>shutdownHooks</code></td> 93: * <td>allows registration and modification of shutdown hooks</td> 94: * <td>rogue code can add a hook that interferes with clean 95: * virtual machine shutdown</td></tr> 96: * <tr> 97: * <td><code>setFactory</code></td> 98: * <td>allows the application to set the socket factory for socket, 99: * server socket, stream handler, or RMI socket factory.</td> 100: * <td>rogue code can create a rogue network object which mangles or 101: * intercepts data</td></tr> 102: * <tr> 103: * <td><code>setIO</code></td> 104: * <td>allows the application to set System.out, System.in, and 105: * System.err</td> 106: * <td>rogue code could sniff user input and intercept or mangle 107: * output</td></tr> 108: * <tr> 109: * <td><code>modifyThread</code></td> 110: * <td>allows the application to modify any thread in the virtual machine 111: * using any of the methods <code>stop</code>, <code>resume</code>, 112: * <code>suspend</code>, <code>setPriority</code>, and 113: * <code>setName</code> of classs <code>Thread</code></td> 114: * <td>rogue code could adversely modify system or user threads</td></tr> 115: * <tr> 116: * <td><code>stopThread</code></td> 117: * <td>allows the application to <code>stop</code> any thread it has 118: * access to in the system</td> 119: * <td>rogue code can stop arbitrary threads</td></tr> 120: * <tr> 121: * <td><code>modifyThreadGroup</code></td> 122: * <td>allows the application to modify thread groups using any of the 123: * methods <code>destroy</code>, <code>resume</code>, 124: * <code>setDaemon</code>, <code>setMaxPriority</code>, 125: * <code>stop</code>, and <code>suspend</code> of the class 126: * <code>ThreadGroup</code></td> 127: * <td>rogue code can mount a denial-of-service attack by changing run 128: * priorities</td></tr> 129: * <tr> 130: * <td><code>getProtectionDomain</code></td> 131: * <td>retrieve a class's ProtectionDomain</td> 132: * <td>rogue code can gain information about the security policy, to 133: * prepare a better attack</td></tr> 134: * <tr> 135: * <td><code>readFileDescriptor</code></td> 136: * <td>read a file descriptor</td> 137: * <td>rogue code can read sensitive information</td></tr> 138: * <tr> 139: * <td><code>writeFileDescriptor</code></td> 140: * <td>write a file descriptor</td> 141: * <td>rogue code can write files, including viruses, and can modify the 142: * virtual machine binary; if not just fill up the disk</td></tr> 143: * <tr> 144: * <td><code>loadLibrary.</code><em>library name</em></td> 145: * <td>dynamic linking of the named library</td> 146: * <td>native code can bypass many security checks of pure Java</td></tr> 147: * <tr> 148: * <td><code>accessClassInPackage.</code><em>package name</em></td> 149: * <td>access to a package via a ClassLoader</td> 150: * <td>rogue code can access classes not normally available</td></tr> 151: * <tr> 152: * <td><code>defineClassInPackage.</code><em>package name</em></td> 153: * <td>define a class inside a given package</td> 154: * <td>rogue code can install rogue classes, including in trusted packages 155: * like java.security or java.lang</td></tr> 156: * <tr> 157: * <td><code>accessDeclaredMembers</code></td> 158: * <td>access declared class members via reflection</td> 159: * <td>rogue code can discover information, invoke methods, or modify fields 160: * that are not otherwise available</td></tr> 161: * <tr> 162: * <td><code>queuePrintJob</code></td> 163: * <td>initiate a print job</td> 164: * <td>rogue code could make a hard copy of sensitive information, or 165: * simply waste paper</td></tr> 166: * </table> 167: * 168: * @author Brian Jones 169: * @author Eric Blake (ebb9@email.byu.edu) 170: * @see BasicPermission 171: * @see Permission 172: * @see SecurityManager 173: * @since 1.2 174: * @status updated to 1.4 175: */ 176: public final class RuntimePermission extends BasicPermission 177: { 178: /** 179: * Compatible with JDK 1.2+. 180: */ 181: private static final long serialVersionUID = 7399184964622342223L; 182: 183: /** 184: * Create a new permission with the specified name. 185: * 186: * @param permissionName the name of the granted permission 187: * @throws NullPointerException if name is null 188: * @throws IllegalArgumentException thrown if name is empty or invalid 189: */ 190: public RuntimePermission(String permissionName) 191: { 192: super(permissionName); 193: } 194: 195: /** 196: * Create a new permission with the specified name. The actions argument 197: * is ignored, as runtime permissions have no actions. 198: * 199: * @param permissionName the name of the granted permission 200: * @param actions ignored 201: * @throws NullPointerException if name is null 202: * @throws IllegalArgumentException thrown if name is empty or invalid 203: */ 204: public RuntimePermission(String permissionName, String actions) 205: { 206: super(permissionName); 207: } 208: }
GNU Classpath (0.18) |