8186535: Remove deprecated pre-1.2 SecurityManager methods and fields
Reviewed-by: alanb, coleenp, hseigel, mchung
This commit is contained in:
parent
5102cb9120
commit
4da03ba907
@ -1,5 +1,5 @@
|
|||||||
#
|
#
|
||||||
# Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
|
# Copyright (c) 2016, 2017, Oracle and/or its affiliates. All rights reserved.
|
||||||
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||||
#
|
#
|
||||||
# This code is free software; you can redistribute it and/or modify it
|
# This code is free software; you can redistribute it and/or modify it
|
||||||
@ -25,8 +25,6 @@ JVM_ActiveProcessorCount
|
|||||||
JVM_ArrayCopy
|
JVM_ArrayCopy
|
||||||
JVM_AssertionStatusDirectives
|
JVM_AssertionStatusDirectives
|
||||||
JVM_CallStackWalk
|
JVM_CallStackWalk
|
||||||
JVM_ClassDepth
|
|
||||||
JVM_ClassLoaderDepth
|
|
||||||
JVM_Clone
|
JVM_Clone
|
||||||
JVM_ConstantPoolGetClassAt
|
JVM_ConstantPoolGetClassAt
|
||||||
JVM_ConstantPoolGetClassAtIfLoaded
|
JVM_ConstantPoolGetClassAtIfLoaded
|
||||||
@ -47,8 +45,6 @@ JVM_ConstantPoolGetStringAt
|
|||||||
JVM_ConstantPoolGetTagAt
|
JVM_ConstantPoolGetTagAt
|
||||||
JVM_ConstantPoolGetUTF8At
|
JVM_ConstantPoolGetUTF8At
|
||||||
JVM_CountStackFrames
|
JVM_CountStackFrames
|
||||||
JVM_CurrentClassLoader
|
|
||||||
JVM_CurrentLoadedClass
|
|
||||||
JVM_CurrentThread
|
JVM_CurrentThread
|
||||||
JVM_CurrentTimeMillis
|
JVM_CurrentTimeMillis
|
||||||
JVM_DefineClass
|
JVM_DefineClass
|
||||||
|
@ -205,10 +205,6 @@ SUNWprivate_1.1 {
|
|||||||
Java_java_lang_Runtime_runFinalization0;
|
Java_java_lang_Runtime_runFinalization0;
|
||||||
Java_java_lang_Runtime_totalMemory;
|
Java_java_lang_Runtime_totalMemory;
|
||||||
Java_java_lang_Runtime_availableProcessors;
|
Java_java_lang_Runtime_availableProcessors;
|
||||||
Java_java_lang_SecurityManager_classDepth;
|
|
||||||
Java_java_lang_SecurityManager_classLoaderDepth0;
|
|
||||||
Java_java_lang_SecurityManager_currentClassLoader0;
|
|
||||||
Java_java_lang_SecurityManager_currentLoadedClass0;
|
|
||||||
Java_java_lang_SecurityManager_getClassContext;
|
Java_java_lang_SecurityManager_getClassContext;
|
||||||
Java_java_lang_Shutdown_halt0;
|
Java_java_lang_Shutdown_halt0;
|
||||||
Java_java_lang_StackTraceElement_initStackTraceElement;
|
Java_java_lang_StackTraceElement_initStackTraceElement;
|
||||||
|
@ -3137,64 +3137,6 @@ JVM_END
|
|||||||
|
|
||||||
// java.lang.SecurityManager ///////////////////////////////////////////////////////////////////////
|
// java.lang.SecurityManager ///////////////////////////////////////////////////////////////////////
|
||||||
|
|
||||||
static bool is_trusted_frame(JavaThread* jthread, vframeStream* vfst) {
|
|
||||||
assert(jthread->is_Java_thread(), "must be a Java thread");
|
|
||||||
if (jthread->privileged_stack_top() == NULL) return false;
|
|
||||||
if (jthread->privileged_stack_top()->frame_id() == vfst->frame_id()) {
|
|
||||||
oop loader = jthread->privileged_stack_top()->class_loader();
|
|
||||||
if (loader == NULL) return true;
|
|
||||||
bool trusted = java_lang_ClassLoader::is_trusted_loader(loader);
|
|
||||||
if (trusted) return true;
|
|
||||||
}
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
JVM_ENTRY(jclass, JVM_CurrentLoadedClass(JNIEnv *env))
|
|
||||||
JVMWrapper("JVM_CurrentLoadedClass");
|
|
||||||
ResourceMark rm(THREAD);
|
|
||||||
|
|
||||||
for (vframeStream vfst(thread); !vfst.at_end(); vfst.next()) {
|
|
||||||
// if a method in a class in a trusted loader is in a doPrivileged, return NULL
|
|
||||||
bool trusted = is_trusted_frame(thread, &vfst);
|
|
||||||
if (trusted) return NULL;
|
|
||||||
|
|
||||||
Method* m = vfst.method();
|
|
||||||
if (!m->is_native()) {
|
|
||||||
InstanceKlass* holder = m->method_holder();
|
|
||||||
oop loader = holder->class_loader();
|
|
||||||
if (loader != NULL && !java_lang_ClassLoader::is_trusted_loader(loader)) {
|
|
||||||
return (jclass) JNIHandles::make_local(env, holder->java_mirror());
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return NULL;
|
|
||||||
JVM_END
|
|
||||||
|
|
||||||
|
|
||||||
JVM_ENTRY(jobject, JVM_CurrentClassLoader(JNIEnv *env))
|
|
||||||
JVMWrapper("JVM_CurrentClassLoader");
|
|
||||||
ResourceMark rm(THREAD);
|
|
||||||
|
|
||||||
for (vframeStream vfst(thread); !vfst.at_end(); vfst.next()) {
|
|
||||||
|
|
||||||
// if a method in a class in a trusted loader is in a doPrivileged, return NULL
|
|
||||||
bool trusted = is_trusted_frame(thread, &vfst);
|
|
||||||
if (trusted) return NULL;
|
|
||||||
|
|
||||||
Method* m = vfst.method();
|
|
||||||
if (!m->is_native()) {
|
|
||||||
InstanceKlass* holder = m->method_holder();
|
|
||||||
assert(holder->is_klass(), "just checking");
|
|
||||||
oop loader = holder->class_loader();
|
|
||||||
if (loader != NULL && !java_lang_ClassLoader::is_trusted_loader(loader)) {
|
|
||||||
return JNIHandles::make_local(env, loader);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return NULL;
|
|
||||||
JVM_END
|
|
||||||
|
|
||||||
|
|
||||||
JVM_ENTRY(jobjectArray, JVM_GetClassContext(JNIEnv *env))
|
JVM_ENTRY(jobjectArray, JVM_GetClassContext(JNIEnv *env))
|
||||||
JVMWrapper("JVM_GetClassContext");
|
JVMWrapper("JVM_GetClassContext");
|
||||||
ResourceMark rm(THREAD);
|
ResourceMark rm(THREAD);
|
||||||
@ -3234,58 +3176,6 @@ JVM_ENTRY(jobjectArray, JVM_GetClassContext(JNIEnv *env))
|
|||||||
JVM_END
|
JVM_END
|
||||||
|
|
||||||
|
|
||||||
JVM_ENTRY(jint, JVM_ClassDepth(JNIEnv *env, jstring name))
|
|
||||||
JVMWrapper("JVM_ClassDepth");
|
|
||||||
ResourceMark rm(THREAD);
|
|
||||||
Handle h_name (THREAD, JNIHandles::resolve_non_null(name));
|
|
||||||
Handle class_name_str = java_lang_String::internalize_classname(h_name, CHECK_0);
|
|
||||||
|
|
||||||
const char* str = java_lang_String::as_utf8_string(class_name_str());
|
|
||||||
TempNewSymbol class_name_sym = SymbolTable::probe(str, (int)strlen(str));
|
|
||||||
if (class_name_sym == NULL) {
|
|
||||||
return -1;
|
|
||||||
}
|
|
||||||
|
|
||||||
int depth = 0;
|
|
||||||
|
|
||||||
for(vframeStream vfst(thread); !vfst.at_end(); vfst.next()) {
|
|
||||||
if (!vfst.method()->is_native()) {
|
|
||||||
InstanceKlass* holder = vfst.method()->method_holder();
|
|
||||||
assert(holder->is_klass(), "just checking");
|
|
||||||
if (holder->name() == class_name_sym) {
|
|
||||||
return depth;
|
|
||||||
}
|
|
||||||
depth++;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return -1;
|
|
||||||
JVM_END
|
|
||||||
|
|
||||||
|
|
||||||
JVM_ENTRY(jint, JVM_ClassLoaderDepth(JNIEnv *env))
|
|
||||||
JVMWrapper("JVM_ClassLoaderDepth");
|
|
||||||
ResourceMark rm(THREAD);
|
|
||||||
int depth = 0;
|
|
||||||
for (vframeStream vfst(thread); !vfst.at_end(); vfst.next()) {
|
|
||||||
// if a method in a class in a trusted loader is in a doPrivileged, return -1
|
|
||||||
bool trusted = is_trusted_frame(thread, &vfst);
|
|
||||||
if (trusted) return -1;
|
|
||||||
|
|
||||||
Method* m = vfst.method();
|
|
||||||
if (!m->is_native()) {
|
|
||||||
InstanceKlass* holder = m->method_holder();
|
|
||||||
assert(holder->is_klass(), "just checking");
|
|
||||||
oop loader = holder->class_loader();
|
|
||||||
if (loader != NULL && !java_lang_ClassLoader::is_trusted_loader(loader)) {
|
|
||||||
return depth;
|
|
||||||
}
|
|
||||||
depth++;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return -1;
|
|
||||||
JVM_END
|
|
||||||
|
|
||||||
|
|
||||||
// java.lang.Package ////////////////////////////////////////////////////////////////
|
// java.lang.Package ////////////////////////////////////////////////////////////////
|
||||||
|
|
||||||
|
|
||||||
|
@ -101,7 +101,7 @@ import sun.security.util.SecurityConstants;
|
|||||||
* <code>checkPermission</code> returns quietly. If denied, a
|
* <code>checkPermission</code> returns quietly. If denied, a
|
||||||
* <code>SecurityException</code> is thrown.
|
* <code>SecurityException</code> is thrown.
|
||||||
* <p>
|
* <p>
|
||||||
* As of Java 2 SDK v1.2, the default implementation of each of the other
|
* The default implementation of each of the other
|
||||||
* <code>check</code> methods in <code>SecurityManager</code> is to
|
* <code>check</code> methods in <code>SecurityManager</code> is to
|
||||||
* call the <code>SecurityManager checkPermission</code> method
|
* call the <code>SecurityManager checkPermission</code> method
|
||||||
* to determine if the calling thread has permission to perform the requested
|
* to determine if the calling thread has permission to perform the requested
|
||||||
@ -197,10 +197,10 @@ import sun.security.util.SecurityConstants;
|
|||||||
* See {@extLink security_guide_permissions
|
* See {@extLink security_guide_permissions
|
||||||
* Permissions in the Java Development Kit (JDK)}
|
* Permissions in the Java Development Kit (JDK)}
|
||||||
* for permission-related information.
|
* for permission-related information.
|
||||||
* This document includes, for example, a table listing the various SecurityManager
|
* This document includes a table listing the various SecurityManager
|
||||||
* <code>check</code> methods and the permission(s) the default
|
* <code>check</code> methods and the permission(s) the default
|
||||||
* implementation of each such method requires.
|
* implementation of each such method requires.
|
||||||
* It also contains a table of all the version 1.2 methods
|
* It also contains a table of the methods
|
||||||
* that require permissions, and for each such method tells
|
* that require permissions, and for each such method tells
|
||||||
* which permission it requires.
|
* which permission it requires.
|
||||||
*
|
*
|
||||||
@ -228,20 +228,7 @@ import sun.security.util.SecurityConstants;
|
|||||||
*
|
*
|
||||||
* @since 1.0
|
* @since 1.0
|
||||||
*/
|
*/
|
||||||
public
|
public class SecurityManager {
|
||||||
class SecurityManager {
|
|
||||||
|
|
||||||
/**
|
|
||||||
* This field is <code>true</code> if there is a security check in
|
|
||||||
* progress; <code>false</code> otherwise.
|
|
||||||
*
|
|
||||||
* @deprecated This type of security checking is not recommended.
|
|
||||||
* It is recommended that the <code>checkPermission</code>
|
|
||||||
* call be used instead. This field is subject to removal in a
|
|
||||||
* future version of Java SE.
|
|
||||||
*/
|
|
||||||
@Deprecated(since="1.2", forRemoval=true)
|
|
||||||
protected boolean inCheck;
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Have we been initialized. Effective against finalizer attacks.
|
* Have we been initialized. Effective against finalizer attacks.
|
||||||
@ -261,24 +248,6 @@ class SecurityManager {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* Tests if there is a security check in progress.
|
|
||||||
*
|
|
||||||
* @return the value of the <code>inCheck</code> field. This field
|
|
||||||
* should contain <code>true</code> if a security check is
|
|
||||||
* in progress,
|
|
||||||
* <code>false</code> otherwise.
|
|
||||||
* @see java.lang.SecurityManager#inCheck
|
|
||||||
* @deprecated This type of security checking is not recommended.
|
|
||||||
* It is recommended that the <code>checkPermission</code>
|
|
||||||
* call be used instead. This method is subject to removal in a
|
|
||||||
* future version of Java SE.
|
|
||||||
*/
|
|
||||||
@Deprecated(since="1.2", forRemoval=true)
|
|
||||||
public boolean getInCheck() {
|
|
||||||
return inCheck;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Constructs a new <code>SecurityManager</code>.
|
* Constructs a new <code>SecurityManager</code>.
|
||||||
*
|
*
|
||||||
@ -321,198 +290,6 @@ class SecurityManager {
|
|||||||
*/
|
*/
|
||||||
protected native Class<?>[] getClassContext();
|
protected native Class<?>[] getClassContext();
|
||||||
|
|
||||||
/**
|
|
||||||
* Returns the class loader of the most recently executing method from
|
|
||||||
* a class defined using a non-system class loader. A non-system
|
|
||||||
* class loader is defined as being a class loader that is not equal to
|
|
||||||
* the system class loader (as returned
|
|
||||||
* by {@link ClassLoader#getSystemClassLoader}) or one of its ancestors.
|
|
||||||
* <p>
|
|
||||||
* This method will return
|
|
||||||
* <code>null</code> in the following three cases:
|
|
||||||
* <ol>
|
|
||||||
* <li>All methods on the execution stack are from classes
|
|
||||||
* defined using the system class loader or one of its ancestors.
|
|
||||||
*
|
|
||||||
* <li>All methods on the execution stack up to the first
|
|
||||||
* "privileged" caller
|
|
||||||
* (see {@link java.security.AccessController#doPrivileged})
|
|
||||||
* are from classes
|
|
||||||
* defined using the system class loader or one of its ancestors.
|
|
||||||
*
|
|
||||||
* <li> A call to <code>checkPermission</code> with
|
|
||||||
* <code>java.security.AllPermission</code> does not
|
|
||||||
* result in a SecurityException.
|
|
||||||
*
|
|
||||||
* </ol>
|
|
||||||
*
|
|
||||||
* @return the class loader of the most recent occurrence on the stack
|
|
||||||
* of a method from a class defined using a non-system class
|
|
||||||
* loader.
|
|
||||||
*
|
|
||||||
* @deprecated This type of security checking is not recommended.
|
|
||||||
* It is recommended that the <code>checkPermission</code>
|
|
||||||
* call be used instead. This method is subject to removal in a
|
|
||||||
* future version of Java SE.
|
|
||||||
*
|
|
||||||
* @see java.lang.ClassLoader#getSystemClassLoader() getSystemClassLoader
|
|
||||||
* @see #checkPermission(java.security.Permission) checkPermission
|
|
||||||
*/
|
|
||||||
@Deprecated(since="1.2", forRemoval=true)
|
|
||||||
protected ClassLoader currentClassLoader() {
|
|
||||||
ClassLoader cl = currentClassLoader0();
|
|
||||||
if ((cl != null) && hasAllPermission())
|
|
||||||
cl = null;
|
|
||||||
return cl;
|
|
||||||
}
|
|
||||||
|
|
||||||
private native ClassLoader currentClassLoader0();
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Returns the class of the most recently executing method from
|
|
||||||
* a class defined using a non-system class loader. A non-system
|
|
||||||
* class loader is defined as being a class loader that is not equal to
|
|
||||||
* the system class loader (as returned
|
|
||||||
* by {@link ClassLoader#getSystemClassLoader}) or one of its ancestors.
|
|
||||||
* <p>
|
|
||||||
* This method will return
|
|
||||||
* <code>null</code> in the following three cases:
|
|
||||||
* <ol>
|
|
||||||
* <li>All methods on the execution stack are from classes
|
|
||||||
* defined using the system class loader or one of its ancestors.
|
|
||||||
*
|
|
||||||
* <li>All methods on the execution stack up to the first
|
|
||||||
* "privileged" caller
|
|
||||||
* (see {@link java.security.AccessController#doPrivileged})
|
|
||||||
* are from classes
|
|
||||||
* defined using the system class loader or one of its ancestors.
|
|
||||||
*
|
|
||||||
* <li> A call to <code>checkPermission</code> with
|
|
||||||
* <code>java.security.AllPermission</code> does not
|
|
||||||
* result in a SecurityException.
|
|
||||||
*
|
|
||||||
* </ol>
|
|
||||||
*
|
|
||||||
* @return the class of the most recent occurrence on the stack
|
|
||||||
* of a method from a class defined using a non-system class
|
|
||||||
* loader.
|
|
||||||
*
|
|
||||||
* @deprecated This type of security checking is not recommended.
|
|
||||||
* It is recommended that the <code>checkPermission</code>
|
|
||||||
* call be used instead. This method is subject to removal in a
|
|
||||||
* future version of Java SE.
|
|
||||||
*
|
|
||||||
* @see java.lang.ClassLoader#getSystemClassLoader() getSystemClassLoader
|
|
||||||
* @see #checkPermission(java.security.Permission) checkPermission
|
|
||||||
*/
|
|
||||||
@Deprecated(since="1.2", forRemoval=true)
|
|
||||||
protected Class<?> currentLoadedClass() {
|
|
||||||
Class<?> c = currentLoadedClass0();
|
|
||||||
if ((c != null) && hasAllPermission())
|
|
||||||
c = null;
|
|
||||||
return c;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Returns the stack depth of the specified class.
|
|
||||||
*
|
|
||||||
* @param name the fully qualified name of the class to search for.
|
|
||||||
* @return the depth on the stack frame of the first occurrence of a
|
|
||||||
* method from a class with the specified name;
|
|
||||||
* <code>-1</code> if such a frame cannot be found.
|
|
||||||
* @deprecated This type of security checking is not recommended.
|
|
||||||
* It is recommended that the <code>checkPermission</code>
|
|
||||||
* call be used instead. This method is subject to removal in a
|
|
||||||
* future version of Java SE.
|
|
||||||
*/
|
|
||||||
@Deprecated(since="1.2", forRemoval=true)
|
|
||||||
protected native int classDepth(String name);
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Returns the stack depth of the most recently executing method
|
|
||||||
* from a class defined using a non-system class loader. A non-system
|
|
||||||
* class loader is defined as being a class loader that is not equal to
|
|
||||||
* the system class loader (as returned
|
|
||||||
* by {@link ClassLoader#getSystemClassLoader}) or one of its ancestors.
|
|
||||||
* <p>
|
|
||||||
* This method will return
|
|
||||||
* -1 in the following three cases:
|
|
||||||
* <ol>
|
|
||||||
* <li>All methods on the execution stack are from classes
|
|
||||||
* defined using the system class loader or one of its ancestors.
|
|
||||||
*
|
|
||||||
* <li>All methods on the execution stack up to the first
|
|
||||||
* "privileged" caller
|
|
||||||
* (see {@link java.security.AccessController#doPrivileged})
|
|
||||||
* are from classes
|
|
||||||
* defined using the system class loader or one of its ancestors.
|
|
||||||
*
|
|
||||||
* <li> A call to <code>checkPermission</code> with
|
|
||||||
* <code>java.security.AllPermission</code> does not
|
|
||||||
* result in a SecurityException.
|
|
||||||
*
|
|
||||||
* </ol>
|
|
||||||
*
|
|
||||||
* @return the depth on the stack frame of the most recent occurrence of
|
|
||||||
* a method from a class defined using a non-system class loader.
|
|
||||||
*
|
|
||||||
* @deprecated This type of security checking is not recommended.
|
|
||||||
* It is recommended that the <code>checkPermission</code>
|
|
||||||
* call be used instead. This method is subject to removal in a
|
|
||||||
* future version of Java SE.
|
|
||||||
*
|
|
||||||
* @see java.lang.ClassLoader#getSystemClassLoader() getSystemClassLoader
|
|
||||||
* @see #checkPermission(java.security.Permission) checkPermission
|
|
||||||
*/
|
|
||||||
@Deprecated(since="1.2", forRemoval=true)
|
|
||||||
protected int classLoaderDepth() {
|
|
||||||
int depth = classLoaderDepth0();
|
|
||||||
if (depth != -1) {
|
|
||||||
if (hasAllPermission())
|
|
||||||
depth = -1;
|
|
||||||
else
|
|
||||||
depth--; // make sure we don't include ourself
|
|
||||||
}
|
|
||||||
return depth;
|
|
||||||
}
|
|
||||||
|
|
||||||
private native int classLoaderDepth0();
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Tests if a method from a class with the specified
|
|
||||||
* name is on the execution stack.
|
|
||||||
*
|
|
||||||
* @param name the fully qualified name of the class.
|
|
||||||
* @return <code>true</code> if a method from a class with the specified
|
|
||||||
* name is on the execution stack; <code>false</code> otherwise.
|
|
||||||
* @deprecated This type of security checking is not recommended.
|
|
||||||
* It is recommended that the <code>checkPermission</code>
|
|
||||||
* call be used instead. This method is subject to removal in a
|
|
||||||
* future version of Java SE.
|
|
||||||
*/
|
|
||||||
@Deprecated(since="1.2", forRemoval=true)
|
|
||||||
protected boolean inClass(String name) {
|
|
||||||
return classDepth(name) >= 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Basically, tests if a method from a class defined using a
|
|
||||||
* class loader is on the execution stack.
|
|
||||||
*
|
|
||||||
* @return <code>true</code> if a call to <code>currentClassLoader</code>
|
|
||||||
* has a non-null return value.
|
|
||||||
*
|
|
||||||
* @deprecated This type of security checking is not recommended.
|
|
||||||
* It is recommended that the <code>checkPermission</code>
|
|
||||||
* call be used instead. This method is subject to removal in a
|
|
||||||
* future version of Java SE.
|
|
||||||
* @see #currentClassLoader() currentClassLoader
|
|
||||||
*/
|
|
||||||
@Deprecated(since="1.2", forRemoval=true)
|
|
||||||
protected boolean inClassLoader() {
|
|
||||||
return currentClassLoader() != null;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Creates an object that encapsulates the current execution
|
* Creates an object that encapsulates the current execution
|
||||||
* environment. The result of this method is used, for example, by the
|
* environment. The result of this method is used, for example, by the
|
||||||
@ -1698,64 +1475,32 @@ class SecurityManager {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Throws a <code>SecurityException</code> if the
|
* Throws a {@code SecurityException} if the calling thread does
|
||||||
* calling thread is not allowed to access members.
|
* not have {@code AllPermission}.
|
||||||
* <p>
|
|
||||||
* The default policy is to allow access to PUBLIC members, as well
|
|
||||||
* as access to classes that have the same class loader as the caller.
|
|
||||||
* In all other cases, this method calls <code>checkPermission</code>
|
|
||||||
* with the <code>RuntimePermission("accessDeclaredMembers")
|
|
||||||
* </code> permission.
|
|
||||||
* <p>
|
|
||||||
* If this method is overridden, then a call to
|
|
||||||
* <code>super.checkMemberAccess</code> cannot be made,
|
|
||||||
* as the default implementation of <code>checkMemberAccess</code>
|
|
||||||
* relies on the code being checked being at a stack depth of
|
|
||||||
* 4.
|
|
||||||
*
|
*
|
||||||
* @param clazz the class that reflection is to be performed on.
|
* @param clazz the class that reflection is to be performed on.
|
||||||
*
|
|
||||||
* @param which type of access, PUBLIC or DECLARED.
|
* @param which type of access, PUBLIC or DECLARED.
|
||||||
*
|
* @throws SecurityException if the caller does not have
|
||||||
* @exception SecurityException if the caller does not have
|
* {@code AllPermission}
|
||||||
* permission to access members.
|
* @throws NullPointerException if the {@code clazz} argument is
|
||||||
* @exception NullPointerException if the <code>clazz</code> argument is
|
* {@code null}
|
||||||
* <code>null</code>.
|
* @deprecated This method was originally used to check if the calling
|
||||||
*
|
* thread was allowed to access members. It relied on the
|
||||||
* @deprecated This method relies on the caller being at a stack depth
|
* caller being at a stack depth of 4 which is error-prone and
|
||||||
* of 4 which is error-prone and cannot be enforced by the runtime.
|
* cannot be enforced by the runtime. The method has been
|
||||||
* Users of this method should instead invoke {@link #checkPermission}
|
* obsoleted and code should instead use
|
||||||
* directly.
|
* {@link #checkPermission} to check
|
||||||
* This method is subject to removal in a future version of Java SE.
|
* {@code RuntimePermission("accessDeclaredMembers")}. This
|
||||||
*
|
* method is subject to removal in a future version of Java SE.
|
||||||
* @see java.lang.reflect.Member
|
|
||||||
* @since 1.1
|
* @since 1.1
|
||||||
* @see #checkPermission(java.security.Permission) checkPermission
|
* @see #checkPermission(java.security.Permission) checkPermission
|
||||||
*/
|
*/
|
||||||
@Deprecated(since="1.8", forRemoval=true)
|
@Deprecated(since="1.8", forRemoval=true)
|
||||||
@CallerSensitive
|
|
||||||
public void checkMemberAccess(Class<?> clazz, int which) {
|
public void checkMemberAccess(Class<?> clazz, int which) {
|
||||||
if (clazz == null) {
|
if (clazz == null) {
|
||||||
throw new NullPointerException("class can't be null");
|
throw new NullPointerException("class can't be null");
|
||||||
}
|
}
|
||||||
if (which != Member.PUBLIC) {
|
checkPermission(SecurityConstants.ALL_PERMISSION);
|
||||||
Class<?> stack[] = getClassContext();
|
|
||||||
/*
|
|
||||||
* stack depth of 4 should be the caller of one of the
|
|
||||||
* methods in java.lang.Class that invoke checkMember
|
|
||||||
* access. The stack should look like:
|
|
||||||
*
|
|
||||||
* someCaller [3]
|
|
||||||
* java.lang.Class.someReflectionAPI [2]
|
|
||||||
* java.lang.Class.checkMemberAccess [1]
|
|
||||||
* SecurityManager.checkMemberAccess [0]
|
|
||||||
*
|
|
||||||
*/
|
|
||||||
if ((stack.length<4) ||
|
|
||||||
(stack[3].getClassLoader() != clazz.getClassLoader())) {
|
|
||||||
checkPermission(SecurityConstants.CHECK_MEMBER_ACCESS_PERMISSION);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -1792,8 +1537,6 @@ class SecurityManager {
|
|||||||
checkPermission(new SecurityPermission(target));
|
checkPermission(new SecurityPermission(target));
|
||||||
}
|
}
|
||||||
|
|
||||||
private native Class<?> currentLoadedClass0();
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns the thread group into which to instantiate any new
|
* Returns the thread group into which to instantiate any new
|
||||||
* thread being created at the time this is being called.
|
* thread being created at the time this is being called.
|
||||||
|
@ -262,21 +262,9 @@ JVM_DumpThreads(JNIEnv *env, jclass threadClass, jobjectArray threads);
|
|||||||
/*
|
/*
|
||||||
* java.lang.SecurityManager
|
* java.lang.SecurityManager
|
||||||
*/
|
*/
|
||||||
JNIEXPORT jclass JNICALL
|
|
||||||
JVM_CurrentLoadedClass(JNIEnv *env);
|
|
||||||
|
|
||||||
JNIEXPORT jobject JNICALL
|
|
||||||
JVM_CurrentClassLoader(JNIEnv *env);
|
|
||||||
|
|
||||||
JNIEXPORT jobjectArray JNICALL
|
JNIEXPORT jobjectArray JNICALL
|
||||||
JVM_GetClassContext(JNIEnv *env);
|
JVM_GetClassContext(JNIEnv *env);
|
||||||
|
|
||||||
JNIEXPORT jint JNICALL
|
|
||||||
JVM_ClassDepth(JNIEnv *env, jstring name);
|
|
||||||
|
|
||||||
JNIEXPORT jint JNICALL
|
|
||||||
JVM_ClassLoaderDepth(JNIEnv *env);
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* java.lang.Package
|
* java.lang.Package
|
||||||
*/
|
*/
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1995, 2013, Oracle and/or its affiliates. All rights reserved.
|
* Copyright (c) 1995, 2017, Oracle and/or its affiliates. All rights reserved.
|
||||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||||
*
|
*
|
||||||
* This code is free software; you can redistribute it and/or modify it
|
* This code is free software; you can redistribute it and/or modify it
|
||||||
@ -76,53 +76,3 @@ Java_java_lang_SecurityManager_getClassContext(JNIEnv *env, jobject this)
|
|||||||
|
|
||||||
return JVM_GetClassContext(env);
|
return JVM_GetClassContext(env);
|
||||||
}
|
}
|
||||||
|
|
||||||
JNIEXPORT jclass JNICALL
|
|
||||||
Java_java_lang_SecurityManager_currentLoadedClass0(JNIEnv *env, jobject this)
|
|
||||||
{
|
|
||||||
/* Make sure the security manager instance is initialized */
|
|
||||||
if (!check(env, this)) {
|
|
||||||
return NULL; /* exception */
|
|
||||||
}
|
|
||||||
|
|
||||||
return JVM_CurrentLoadedClass(env);
|
|
||||||
}
|
|
||||||
|
|
||||||
JNIEXPORT jobject JNICALL
|
|
||||||
Java_java_lang_SecurityManager_currentClassLoader0(JNIEnv *env, jobject this)
|
|
||||||
{
|
|
||||||
/* Make sure the security manager instance is initialized */
|
|
||||||
if (!check(env, this)) {
|
|
||||||
return NULL; /* exception */
|
|
||||||
}
|
|
||||||
|
|
||||||
return JVM_CurrentClassLoader(env);
|
|
||||||
}
|
|
||||||
|
|
||||||
JNIEXPORT jint JNICALL
|
|
||||||
Java_java_lang_SecurityManager_classDepth(JNIEnv *env, jobject this,
|
|
||||||
jstring name)
|
|
||||||
{
|
|
||||||
/* Make sure the security manager instance is initialized */
|
|
||||||
if (!check(env, this)) {
|
|
||||||
return -1; /* exception */
|
|
||||||
}
|
|
||||||
|
|
||||||
if (name == NULL) {
|
|
||||||
JNU_ThrowNullPointerException(env, 0);
|
|
||||||
return -1;
|
|
||||||
}
|
|
||||||
|
|
||||||
return JVM_ClassDepth(env, name);
|
|
||||||
}
|
|
||||||
|
|
||||||
JNIEXPORT jint JNICALL
|
|
||||||
Java_java_lang_SecurityManager_classLoaderDepth0(JNIEnv *env, jobject this)
|
|
||||||
{
|
|
||||||
/* Make sure the security manager instance is initialized */
|
|
||||||
if (!check(env, this)) {
|
|
||||||
return -1; /* exception */
|
|
||||||
}
|
|
||||||
|
|
||||||
return JVM_ClassLoaderDepth(env);
|
|
||||||
}
|
|
||||||
|
@ -48,6 +48,8 @@ import sun.awt.AppContext;
|
|||||||
import sun.awt.AWTPermissions;
|
import sun.awt.AWTPermissions;
|
||||||
import sun.security.util.SecurityConstants;
|
import sun.security.util.SecurityConstants;
|
||||||
|
|
||||||
|
import static java.lang.StackWalker.*;
|
||||||
|
import static java.lang.StackWalker.Option.*;
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -106,11 +108,90 @@ class AppletSecurity extends AWTSecurityManager {
|
|||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private static final StackWalker walker =
|
||||||
|
AccessController.doPrivileged(
|
||||||
|
(PrivilegedAction<StackWalker>) () ->
|
||||||
|
StackWalker.getInstance(RETAIN_CLASS_REFERENCE));
|
||||||
|
/**
|
||||||
|
* Returns the class loader of the most recently executing method from
|
||||||
|
* a class defined using a non-system class loader. A non-system
|
||||||
|
* class loader is defined as being a class loader that is not equal to
|
||||||
|
* the system class loader (as returned
|
||||||
|
* by {@link ClassLoader#getSystemClassLoader}) or one of its ancestors.
|
||||||
|
* <p>
|
||||||
|
* This method will return
|
||||||
|
* <code>null</code> in the following three cases:
|
||||||
|
* <ol>
|
||||||
|
* <li>All methods on the execution stack are from classes
|
||||||
|
* defined using the system class loader or one of its ancestors.
|
||||||
|
*
|
||||||
|
* <li>All methods on the execution stack up to the first
|
||||||
|
* "privileged" caller
|
||||||
|
* (see {@link java.security.AccessController#doPrivileged})
|
||||||
|
* are from classes
|
||||||
|
* defined using the system class loader or one of its ancestors.
|
||||||
|
*
|
||||||
|
* <li> A call to <code>checkPermission</code> with
|
||||||
|
* <code>java.security.AllPermission</code> does not
|
||||||
|
* result in a SecurityException.
|
||||||
|
* </ol>
|
||||||
|
*
|
||||||
|
* NOTE: This is an implementation of the SecurityManager.currentClassLoader
|
||||||
|
* method that uses StackWalker. SecurityManager.currentClassLoader
|
||||||
|
* has been removed from SE. This is a temporary workaround which is
|
||||||
|
* only needed while applets are still supported.
|
||||||
|
*
|
||||||
|
* @return the class loader of the most recent occurrence on the stack
|
||||||
|
* of a method from a class defined using a non-system class
|
||||||
|
* loader.
|
||||||
|
*/
|
||||||
|
private static ClassLoader currentClassLoader() {
|
||||||
|
StackFrame f =
|
||||||
|
walker.walk(s -> s.takeWhile(AppletSecurity::isNonPrivileged)
|
||||||
|
.filter(AppletSecurity::isNonSystemFrame)
|
||||||
|
.findFirst())
|
||||||
|
.orElse(null);
|
||||||
|
|
||||||
|
SecurityManager sm = System.getSecurityManager();
|
||||||
|
if (f != null && sm != null) {
|
||||||
|
try {
|
||||||
|
sm.checkPermission(new AllPermission());
|
||||||
|
} catch (SecurityException se) {
|
||||||
|
return f.getDeclaringClass().getClassLoader();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Returns true if the StackFrame is not AccessController.doPrivileged.
|
||||||
|
*/
|
||||||
|
private static boolean isNonPrivileged(StackFrame f) {
|
||||||
|
// possibly other doPrivileged variants
|
||||||
|
Class<?> c = f.getDeclaringClass();
|
||||||
|
return c == AccessController.class &&
|
||||||
|
f.getMethodName().equals("doPrivileged");
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Returns true if the StackFrame is not from a class defined by the
|
||||||
|
* system class loader or one of its ancestors.
|
||||||
|
*/
|
||||||
|
private static boolean isNonSystemFrame(StackFrame f) {
|
||||||
|
ClassLoader loader = ClassLoader.getSystemClassLoader();
|
||||||
|
ClassLoader ld = f.getDeclaringClass().getClassLoader();
|
||||||
|
if (ld == null || ld == loader) return false;
|
||||||
|
|
||||||
|
while ((loader = loader.getParent()) != null) {
|
||||||
|
if (ld == loader)
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* get the current (first) instance of an AppletClassLoader on the stack.
|
* get the current (first) instance of an AppletClassLoader on the stack.
|
||||||
*/
|
*/
|
||||||
@SuppressWarnings({"deprecation",
|
|
||||||
"removal"}) // SecurityManager.currentClassLoader()
|
|
||||||
private AppletClassLoader currentAppletClassLoader()
|
private AppletClassLoader currentAppletClassLoader()
|
||||||
{
|
{
|
||||||
// try currentClassLoader first
|
// try currentClassLoader first
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
|
* Copyright (c) 2013, 2017, Oracle and/or its affiliates. All rights reserved.
|
||||||
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
||||||
*
|
*
|
||||||
* This code is free software; you can redistribute it and/or modify it
|
* This code is free software; you can redistribute it and/or modify it
|
||||||
@ -22,15 +22,15 @@
|
|||||||
*/
|
*/
|
||||||
|
|
||||||
/* @test
|
/* @test
|
||||||
* @bug 8004502 8008793 8029886
|
* @bug 8004502 8008793 8029886 8186535
|
||||||
* @summary Sanity check that SecurityManager methods that used to check
|
* @summary Sanity check that the SecurityManager checkMemberAccess method and
|
||||||
* AWTPermission now check for AllPermission
|
* methods that used to check AWTPermission now check for AllPermission
|
||||||
*/
|
*/
|
||||||
|
|
||||||
import java.security.AllPermission;
|
import java.security.AllPermission;
|
||||||
import java.security.Permission;
|
import java.security.Permission;
|
||||||
|
|
||||||
public class NoAWT {
|
public class DepMethodsRequireAllPerm {
|
||||||
|
|
||||||
static class MySecurityManager extends SecurityManager {
|
static class MySecurityManager extends SecurityManager {
|
||||||
final Class<?> expectedClass;
|
final Class<?> expectedClass;
|
||||||
@ -68,5 +68,15 @@ public class NoAWT {
|
|||||||
if (sm.checkTopLevelWindow(new Object())) {
|
if (sm.checkTopLevelWindow(new Object())) {
|
||||||
throw new RuntimeException("checkTopLevelWindow expected to return false");
|
throw new RuntimeException("checkTopLevelWindow expected to return false");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
try {
|
||||||
|
sm.checkMemberAccess(Object.class, java.lang.reflect.Member.DECLARED);
|
||||||
|
throw new RuntimeException("SecurityException expected");
|
||||||
|
} catch (SecurityException expected) { }
|
||||||
|
|
||||||
|
try {
|
||||||
|
sm.checkMemberAccess(null, java.lang.reflect.Member.DECLARED);
|
||||||
|
throw new RuntimeException("NullPointerException expected");
|
||||||
|
} catch (NullPointerException expected) { }
|
||||||
}
|
}
|
||||||
}
|
}
|
Loading…
x
Reference in New Issue
Block a user