stan/jdk-24
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

8344077: Remove security manager dependency in java.io

Browse Source 
Reviewed-by: rriggs, alanb, naoto, lancea
This commit is contained in:
Brian Burkhalter 2024-11-19 20:30:22 +00:00
parent f6f73ce70d
commit 81e43114ec
9 changed files with 41 additions and 273 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
src/java.base/share/classes/java/io/Console.java
View File

@ -25,8 +25,6 @@
package java.io;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.*;
import java.nio.charset.Charset;
import jdk.internal.access.JavaIOAccess;
@ -659,9 +657,8 @@ public sealed class Console implements Flushable permits ProxyingConsole {
});
}
@SuppressWarnings("removal")
private static Console instantiateConsole() {
Console c;
Console c = null;
try {
/*
@ -673,25 +670,19 @@ public sealed class Console implements Flushable permits ProxyingConsole {
* If no providers are available, or instantiation failed, java.base built-in
* Console implementation is used.
*/
c = AccessController.doPrivileged(new PrivilegedAction<Console>() {
public Console run() {
var consModName = System.getProperty("jdk.console",
JdkConsoleProvider.DEFAULT_PROVIDER_MODULE_NAME);
var consModName = System.getProperty("jdk.console",
JdkConsoleProvider.DEFAULT_PROVIDER_MODULE_NAME);
for (var jcp : ServiceLoader.load(ModuleLayer.boot(), JdkConsoleProvider.class)) {
if (consModName.equals(jcp.getClass().getModule().getName())) {
var jc = jcp.console(istty, CHARSET);
if (jc != null) {
return new ProxyingConsole(jc);
}
break;
}
for (var jcp : ServiceLoader.load(ModuleLayer.boot(), JdkConsoleProvider.class)) {
if (consModName.equals(jcp.getClass().getModule().getName())) {
var jc = jcp.console(istty, CHARSET);
if (jc != null) {
c = new ProxyingConsole(jc);
}
return null;
break;
}
});
}
} catch (ServiceConfigurationError _) {
c = null;
}
// If not found, default to built-in Console

138
src/java.base/share/classes/java/io/File.java
View File

@ -751,11 +751,6 @@ public class File
* application; {@code false} otherwise
*/
public boolean canRead() {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkRead(path);
}
if (isInvalid()) {
return false;
}
@ -775,11 +770,6 @@ public class File
* {@code false} otherwise.
*/
public boolean canWrite() {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkWrite(path);
}
if (isInvalid()) {
return false;
}
@ -794,11 +784,6 @@ public class File
* by this abstract pathname exists; {@code false} otherwise
*/
public boolean exists() {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkRead(path);
}
if (isInvalid()) {
return false;
}
@ -820,11 +805,6 @@ public class File
* {@code false} otherwise
*/
public boolean isDirectory() {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkRead(path);
}
if (isInvalid()) {
return false;
}
@ -848,11 +828,6 @@ public class File
* {@code false} otherwise
*/
public boolean isFile() {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkRead(path);
}
if (isInvalid()) {
return false;
}
@ -881,11 +856,6 @@ public class File
* @since 1.2
*/
public boolean isHidden() {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkRead(path);
}
if (isInvalid()) {
return false;
}
@ -920,11 +890,6 @@ public class File
* epoch
*/
public long lastModified() {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkRead(path);
}
if (isInvalid()) {
return 0L;
}
@ -947,11 +912,6 @@ public class File
* denoting system-dependent entities such as devices or pipes.
*/
public long length() {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkRead(path);
}
if (isInvalid()) {
return 0L;
}
@ -983,9 +943,6 @@ public class File
* @since 1.2
*/
public boolean createNewFile() throws IOException {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) security.checkWrite(path);
if (isInvalid()) {
throw new IOException("Invalid file path");
}
@ -1007,11 +964,6 @@ public class File
* successfully deleted; {@code false} otherwise
*/
public boolean delete() {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkDelete(path);
}
if (isInvalid()) {
return false;
}
@ -1043,11 +995,6 @@ public class File
* @since 1.2
*/
public void deleteOnExit() {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkDelete(path);
}
if (isInvalid()) {
return;
}
@ -1097,11 +1044,6 @@ public class File
* I/O error occurs.
*/
private final String[] normalizedList() {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkRead(path);
}
if (isInvalid()) {
return null;
}
@ -1275,11 +1217,6 @@ public class File
* created; {@code false} otherwise
*/
public boolean mkdir() {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkWrite(path);
}
if (isInvalid()) {
return false;
}
@ -1345,12 +1282,6 @@ public class File
if (dest == null) {
throw new NullPointerException();
}
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkWrite(path);
security.checkWrite(dest.path);
}
if (this.isInvalid() || dest.isInvalid()) {
return false;
}
@ -1380,11 +1311,6 @@ public class File
*/
public boolean setLastModified(long time) {
if (time < 0) throw new IllegalArgumentException("Negative time");
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkWrite(path);
}
if (isInvalid()) {
return false;
}
@ -1406,11 +1332,6 @@ public class File
* @since 1.2
*/
public boolean setReadOnly() {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkWrite(path);
}
if (isInvalid()) {
return false;
}
@ -1445,11 +1366,6 @@ public class File
* @since 1.6
*/
public boolean setWritable(boolean writable, boolean ownerOnly) {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkWrite(path);
}
if (isInvalid()) {
return false;
}
@ -1517,11 +1433,6 @@ public class File
* @since 1.6
*/
public boolean setReadable(boolean readable, boolean ownerOnly) {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkWrite(path);
}
if (isInvalid()) {
return false;
}
@ -1595,11 +1506,6 @@ public class File
* @since 1.6
*/
public boolean setExecutable(boolean executable, boolean ownerOnly) {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkWrite(path);
}
if (isInvalid()) {
return false;
}
@ -1652,11 +1558,6 @@ public class File
* @since 1.6
*/
public boolean canExecute() {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkExec(path);
}
if (isInvalid()) {
return false;
}
@ -1726,12 +1627,6 @@ public class File
* @see FileStore#getTotalSpace
*/
public long getTotalSpace() {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
sm.checkPermission(new RuntimePermission("getFileSystemAttributes"));
sm.checkRead(path);
}
if (isInvalid()) {
return 0L;
}
@ -1764,12 +1659,6 @@ public class File
* @see FileStore#getUnallocatedSpace
*/
public long getFreeSpace() {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
sm.checkPermission(new RuntimePermission("getFileSystemAttributes"));
sm.checkRead(path);
}
if (isInvalid()) {
return 0L;
}
@ -1805,12 +1694,6 @@ public class File
* @see FileStore#getUsableSpace
*/
public long getUsableSpace() {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
sm.checkPermission(new RuntimePermission("getFileSystemAttributes"));
sm.checkRead(path);
}
if (isInvalid()) {
return 0L;
}
@ -1840,7 +1723,6 @@ public class File
}
return subNameLength;
}
@SuppressWarnings("removal")
static File generateFile(String prefix, String suffix, File dir)
throws IOException
{
@ -1897,11 +1779,8 @@ public class File
File f = new File(dir, name);
if (!name.equals(f.getName()) || f.isInvalid()) {
if (System.getSecurityManager() != null)
throw new IOException("Unable to create temporary file");
else
throw new IOException("Unable to create temporary file, "
+ name);
throw new IOException("Unable to create temporary file, "
+ name);
}
return f;
}
@ -1998,22 +1877,9 @@ public class File
File tmpdir = (directory != null) ? directory
: TempDirectory.location();
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
File f;
do {
f = TempDirectory.generateFile(prefix, suffix, tmpdir);
if (sm != null) {
try {
sm.checkWrite(f.getPath());
} catch (SecurityException se) {
// don't reveal temporary directory location
if (directory == null)
throw new SecurityException("Unable to create temporary file");
throw se;
}
}
} while (FS.hasBooleanAttributes(f, FileSystem.BA_EXISTS));
if (!FS.createFileExclusively(f.getPath()))

18
src/java.base/share/classes/java/io/FileInputStream.java
View File

@ -130,22 +130,13 @@ public class FileInputStream extends InputStream
*/
@SuppressWarnings("this-escape")
public FileInputStream(File file) throws FileNotFoundException {
String name = (file != null ? file.getPath() : null);
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkRead(name);
}
if (name == null) {
throw new NullPointerException();
}
if (file.isInvalid()) {
throw new FileNotFoundException("Invalid file path");
}
path = file.getPath();
fd = new FileDescriptor();
fd.attach(this);
path = name;
open(name);
open(path);
FileCleanable.register(fd); // open set the fd, register the cleanup
}
@ -166,14 +157,9 @@ public class FileInputStream extends InputStream
*/
@SuppressWarnings("this-escape")
public FileInputStream(FileDescriptor fdObj) {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (fdObj == null) {
throw new NullPointerException();
}
if (security != null) {
security.checkRead(fdObj);
}
fd = fdObj;
path = null;

19
src/java.base/share/classes/java/io/FileOutputStream.java
View File

@ -199,23 +199,15 @@ public class FileOutputStream extends OutputStream
public FileOutputStream(File file, boolean append)
throws FileNotFoundException
{
String name = (file != null ? file.getPath() : null);
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkWrite(name);
}
if (name == null) {
throw new NullPointerException();
}
if (file.isInvalid()) {
throw new FileNotFoundException("Invalid file path");
}
this.path = file.getPath();
this.fd = new FileDescriptor();
fd.attach(this);
this.path = name;
open(name, append);
open(this.path, append);
FileCleanable.register(fd); // open sets the fd, register the cleanup
}
@ -236,14 +228,9 @@ public class FileOutputStream extends OutputStream
*/
@SuppressWarnings("this-escape")
public FileOutputStream(FileDescriptor fdObj) {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (fdObj == null) {
throw new NullPointerException();
}
if (security != null) {
security.checkWrite(fdObj);
}
this.fd = fdObj;
this.path = null;

38
src/java.base/share/classes/java/io/FilePermission.java
View File

@ -26,7 +26,8 @@
package java.io;
import java.nio.file.*;
import java.security.*;
import java.security.Permission;
import java.security.PermissionCollection;
import java.util.Enumeration;
import java.util.Objects;
import java.util.StringJoiner;
@ -36,7 +37,6 @@ import java.util.concurrent.ConcurrentHashMap;
import jdk.internal.access.JavaIOFilePermissionAccess;
import jdk.internal.access.SharedSecrets;
import sun.nio.fs.DefaultFileSystemProvider;
import sun.security.action.GetPropertyAction;
import sun.security.util.FilePermCompat;
import sun.security.util.SecurityConstants;
@ -181,8 +181,7 @@ public final class FilePermission extends Permission implements Serializable {
private static final java.nio.file.FileSystem builtInFS =
DefaultFileSystemProvider.theFileSystem();
private static final Path here = builtInFS.getPath(
GetPropertyAction.privilegedGetProperty("user.dir"));
private static final Path here = builtInFS.getPath(jdk.internal.util.StaticProperty.userDir());
private static final Path EMPTY_PATH = builtInFS.getPath("");
private static final Path DASH_PATH = builtInFS.getPath("-");
@ -361,25 +360,20 @@ public final class FilePermission extends Permission implements Serializable {
}
// store only the canonical cpath if possible
cpath = AccessController.doPrivileged(new PrivilegedAction<>() {
public String run() {
try {
String path = cpath;
if (cpath.endsWith("*")) {
// call getCanonicalPath with a path with wildcard character
// replaced to avoid calling it with paths that are
// intended to match all entries in a directory
path = path.substring(0, path.length() - 1) + "-";
path = new File(path).getCanonicalPath();
return path.substring(0, path.length() - 1) + "*";
} else {
return new File(path).getCanonicalPath();
}
} catch (IOException ioe) {
return cpath;
}
try {
String path = cpath;
if (cpath.endsWith("*")) {
// call getCanonicalPath with a path with wildcard character
// replaced to avoid calling it with paths that are
// intended to match all entries in a directory
path = path.substring(0, path.length() - 1) + "-";
path = new File(path).getCanonicalPath();
cpath = path.substring(0, path.length() - 1) + "*";
} else {
cpath = new File(path).getCanonicalPath();
}
});
} catch (IOException ignore) {
}
int len = cpath.length();
char last = ((len > 0) ? cpath.charAt(len - 1) : 0);

8
src/java.base/share/classes/java/io/RandomAccessFile.java
View File

@ -245,14 +245,6 @@ public class RandomAccessFile implements DataOutput, DataInput, Closeable {
+ "\" must be one of "
+ "\"r\", \"rw\", \"rws\","
+ " or \"rwd\"");
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkRead(name);
if (rw) {
security.checkWrite(name);
}
}
if (name == null) {
throw new NullPointerException();
}

3
src/java.base/share/classes/java/io/SerializablePermission.java
View File

@ -25,7 +25,7 @@
package java.io;
import java.security.*;
import java.security.BasicPermission;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.StringTokenizer;
@ -44,7 +44,6 @@ import java.util.StringTokenizer;
* @see java.security.Permission
* @see java.security.Permissions
* @see java.security.PermissionCollection
* @see java.lang.SecurityManager
*
* @author Joe Fialli
* @since 1.2

19
src/java.base/unix/classes/java/io/UnixFileSystem.java
View File

@ -27,7 +27,6 @@ package java.io;
import java.util.Properties;
import jdk.internal.util.StaticProperty;
import sun.security.action.GetPropertyAction;
final class UnixFileSystem extends FileSystem {
@ -36,7 +35,7 @@ final class UnixFileSystem extends FileSystem {
private final String userDir;
UnixFileSystem() {
Properties props = GetPropertyAction.privilegedGetProperties();
Properties props = System.getProperties();
slash = props.getProperty("file.separator").charAt(0);
colon = props.getProperty("path.separator").charAt(0);
userDir = StaticProperty.userDir();
@ -150,11 +149,6 @@ final class UnixFileSystem extends FileSystem {
@Override
public String resolve(File f) {
if (isAbsolute(f)) return f.getPath();
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
sm.checkPropertyAccess("user.dir");
}
return resolve(userDir, f.getPath());
}
@ -259,16 +253,7 @@ final class UnixFileSystem extends FileSystem {
@Override
public File[] listRoots() {
try {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkRead("/");
}
return new File[] { new File("/") };
} catch (SecurityException x) {
return new File[0];
}
return new File[] { new File("/") };
}
/* -- Disk usage -- */

42
src/java.base/windows/classes/java/io/WinNTFileSystem.java
View File

@ -30,7 +30,6 @@ import java.nio.file.Path;
import java.util.BitSet;
import java.util.Locale;
import java.util.Properties;
import sun.security.action.GetPropertyAction;
/**
* Unicode-aware FileSystem for Windows NT/2000.
@ -53,7 +52,7 @@ final class WinNTFileSystem extends FileSystem {
// only if the property is set, ignoring case, to the string "false".
private static final boolean ENABLE_ADS;
static {
String enableADS = GetPropertyAction.privilegedGetProperty("jdk.io.File.enableADS");
String enableADS = System.getProperty("jdk.io.File.enableADS");
if (enableADS != null) {
ENABLE_ADS = !enableADS.equalsIgnoreCase(Boolean.FALSE.toString());
} else {
@ -81,7 +80,7 @@ final class WinNTFileSystem extends FileSystem {
}
WinNTFileSystem() {
Properties props = GetPropertyAction.privilegedGetProperties();
Properties props = System.getProperties();
slash = props.getProperty("file.separator").charAt(0);
semicolon = props.getProperty("path.separator").charAt(0);
altSlash = (this.slash == '\\') ? '/' : '\\';
@ -394,15 +393,15 @@ final class WinNTFileSystem extends FileSystem {
if (pl == 3)
return path; /* Absolute local */
if (pl == 0)
return getUserPath() + slashify(path); /* Completely relative */
return userDir + slashify(path); /* Completely relative */
if (pl == 1) { /* Drive-relative */
String up = getUserPath();
String up = userDir;
String ud = getDrive(up);
if (ud != null) return ud + path;
return up + path; /* User dir is a UNC path */
}
if (pl == 2) { /* Directory-relative */
String up = getUserPath();
String up = userDir;
String ud = getDrive(up);
if ((ud != null) && path.startsWith(ud))
return up + slashify(path.substring(2));
@ -413,14 +412,6 @@ final class WinNTFileSystem extends FileSystem {
drive other than the current drive, insist that the caller
have read permission on the result */
String p = drive + (':' + dir + slashify(path.substring(2)));
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
try {
if (security != null) security.checkRead(p);
} catch (SecurityException x) {
/* Don't disclose the drive's directory in the exception */
throw new SecurityException("Cannot resolve path " + path);
}
return p;
}
return drive + ":" + slashify(path.substring(2)); /* fake it */
@ -428,17 +419,6 @@ final class WinNTFileSystem extends FileSystem {
throw new InternalError("Unresolvable path: " + path);
}
private String getUserPath() {
/* For both compatibility and security,
we must look this up every time */
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
sm.checkPropertyAccess("user.dir");
}
return userDir;
}
private String getDrive(String path) {
int pl = prefixLength(path);
return (pl == 3) ? path.substring(0, 2) : null;
@ -595,22 +575,10 @@ final class WinNTFileSystem extends FileSystem {
.valueOf(new long[] {listRoots0()})
.stream()
.mapToObj(i -> new File((char)('A' + i) + ":" + slash))
.filter(f -> access(f.getPath()))
.toArray(File[]::new);
}
private static native int listRoots0();
private boolean access(String path) {
try {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) security.checkRead(path);
return true;
} catch (SecurityException x) {
return false;
}
}
/* -- Disk usage -- */
@Override