stan/jdk-24
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

8338411: Implement JEP 486: Permanently Disable the Security Manager

Browse Source 
Co-authored-by: Sean Mullan <mullan@openjdk.org>
Co-authored-by: Alan Bateman <alanb@openjdk.org>
Co-authored-by: Weijun Wang <weijun@openjdk.org>
Co-authored-by: Aleksei Efimov <aefimov@openjdk.org>
Co-authored-by: Brian Burkhalter <bpb@openjdk.org>
Co-authored-by: Daniel Fuchs <dfuchs@openjdk.org>
Co-authored-by: Harshitha Onkar <honkar@openjdk.org>
Co-authored-by: Joe Wang <joehw@openjdk.org>
Co-authored-by: Jorn Vernee <jvernee@openjdk.org>
Co-authored-by: Justin Lu <jlu@openjdk.org>
Co-authored-by: Kevin Walls <kevinw@openjdk.org>
Co-authored-by: Lance Andersen <lancea@openjdk.org>
Co-authored-by: Naoto Sato <naoto@openjdk.org>
Co-authored-by: Roger Riggs <rriggs@openjdk.org>
Co-authored-by: Brent Christian <bchristi@openjdk.org>
Co-authored-by: Stuart Marks <smarks@openjdk.org>
Co-authored-by: Ian Graves <igraves@openjdk.org>
Co-authored-by: Phil Race <prr@openjdk.org>
Co-authored-by: Erik Gahlin <egahlin@openjdk.org>
Co-authored-by: Jaikiran Pai <jpai@openjdk.org>
Reviewed-by: kevinw, aivanov, rriggs, lancea, coffeys, dfuchs, ihse, erikj, cjplummer, coleenp, naoto, mchung, prr, weijun, joehw, azvegint, psadhukhan, bchristi, sundar, attila
This commit is contained in:
Sean Mullan 2024-11-12 17:16:15 +00:00
parent c12b386d19
commit db85090553
1885 changed files with 5528 additions and 65650 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
make/modules/java.base/Copy.gmk
View File

@ -123,46 +123,6 @@ TARGETS += $(JVMCFG)
################################################################################
POLICY_SRC := $(TOPDIR)/src/java.base/share/conf/security/java.policy
POLICY_DST := $(CONF_DST_DIR)/security/java.policy
POLICY_SRC_LIST := $(POLICY_SRC)
$(POLICY_DST): $(POLICY_SRC_LIST)
$(call MakeTargetDir)
$(RM) $@ $@.tmp
$(foreach f, $(POLICY_SRC_LIST), $(CAT) $(f) >> $@.tmp;)
$(MV) $@.tmp $@
TARGETS += $(POLICY_DST)
################################################################################
DEF_POLICY_SRC := $(TOPDIR)/src/java.base/share/lib/security/default.policy
DEF_POLICY_DST := $(LIB_DST_DIR)/security/default.policy
DEF_POLICY_SRC_LIST := $(DEF_POLICY_SRC)
DEF_POLICY_SRC_LIST += $(CUSTOM_POLICY_SRC_LIST)
ifeq ($(call isTargetOs, windows), true)
DEF_POLICY_SRC_LIST += $(TOPDIR)/src/java.base/$(OPENJDK_TARGET_OS)/lib/security/default.policy
endif
# Allow imported modules to modify the java.policy
ifneq ($(IMPORT_MODULES_CONF), )
DEF_POLICY_SRC_LIST += $(wildcard $(IMPORT_MODULES_CONF)/java.base/security/java.policy.extra)
endif
$(DEF_POLICY_DST): $(DEF_POLICY_SRC_LIST)
$(call MakeTargetDir)
$(RM) $@ $@.tmp
$(foreach f, $(DEF_POLICY_SRC_LIST), $(CAT) $(f) >> $@.tmp;)
$(MV) $@.tmp $@
TARGETS += $(DEF_POLICY_DST)
################################################################################
# CACERTS_FILE is optionally set in configure to override the default cacerts
# which is otherwise generated in Gendata-java.base.gmk
CACERTS_DST := $(LIB_DST_DIR)/security/cacerts

1
make/modules/java.rmi/Launcher.gmk
View File

@ -31,5 +31,4 @@ include LauncherCommon.gmk
$(eval $(call SetupBuildLauncher, rmiregistry, \
MAIN_CLASS := sun.rmi.registry.RegistryImpl, \
JAVA_ARGS := -Djava.security.manager=allow, \
))

62
src/hotspot/share/classfile/dictionary.cpp
View File

@ -347,68 +347,6 @@ void Dictionary::check_package_access(InstanceKlass* klass,
assert(class_loader() != nullptr, "Should not call this");
assert(protection_domain() != nullptr, "Should not call this");
if (!java_lang_System::allow_security_manager()) {
// No need for any further checking. Package access always allowed.
return;
}
if (is_in_package_access_cache(THREAD, klass->name(), protection_domain)) {
// No need to check again.
return;
}
// We only have to call checkPackageAccess if there's a security manager installed.
if (java_lang_System::has_security_manager()) {
// This handle and the class_loader handle passed in keeps this class from
// being unloaded through several GC points.
// The class_loader handle passed in is the initiating loader.
Handle mirror(THREAD, klass->java_mirror());
// Now we have to call back to java to check if the initating class has access
InstanceKlass* system_loader = vmClasses::ClassLoader_klass();
JavaValue result(T_VOID);
JavaCalls::call_special(&result,
class_loader,
system_loader,
vmSymbols::checkPackageAccess_name(),
vmSymbols::class_protectiondomain_signature(),
mirror,
protection_domain,
THREAD);
LogTarget(Debug, protectiondomain) lt;
if (lt.is_enabled()) {
ResourceMark rm(THREAD);
// Print out trace information
LogStream ls(lt);
ls.print_cr("Checking package access");
ls.print("class loader: ");
class_loader()->print_value_on(&ls);
ls.print(" protection domain: ");
protection_domain()->print_value_on(&ls);
ls.print(" loading: "); klass->print_value_on(&ls);
if (HAS_PENDING_EXCEPTION) {
ls.print_cr(" DENIED !!!!!!!!!!!!!!!!!!!!!");
} else {
ls.print_cr(" granted");
}
}
if (HAS_PENDING_EXCEPTION) return;
}
// If no exception has been thrown, we have checked that the protection_domain can access
// this klass. Always add it to the cache (even if no SecurityManager is installed yet).
//
// This ensures that subsequent calls to Dictionary::find(THREAD, klass->name(), protection_domain)
// will always succeed. I.e., a new SecurityManager installed in the future cannot retroactively
// revoke the granted access.
{
MutexLocker mu(THREAD, SystemDictionary_lock);
add_to_package_access_cache(THREAD, klass, protection_domain);
}
}
// During class loading we may have cached a protection domain that has

27
src/hotspot/share/classfile/javaClasses.cpp
View File

@ -1599,7 +1599,6 @@ oop java_lang_Thread_Constants::get_VTHREAD_GROUP() {
int java_lang_Thread::_holder_offset;
int java_lang_Thread::_name_offset;
int java_lang_Thread::_contextClassLoader_offset;
int java_lang_Thread::_inheritedAccessControlContext_offset;
int java_lang_Thread::_eetop_offset;
int java_lang_Thread::_jvmti_thread_state_offset;
int java_lang_Thread::_jvmti_VTMS_transition_disable_count_offset;
@ -1616,7 +1615,6 @@ JFR_ONLY(int java_lang_Thread::_jfr_epoch_offset;)
macro(_holder_offset, k, "holder", thread_fieldholder_signature, false); \
macro(_name_offset, k, vmSymbols::name_name(), string_signature, false); \
macro(_contextClassLoader_offset, k, vmSymbols::contextClassLoader_name(), classloader_signature, false); \
macro(_inheritedAccessControlContext_offset, k, vmSymbols::inheritedAccessControlContext_name(), accesscontrolcontext_signature, false); \
macro(_eetop_offset, k, "eetop", long_signature, false); \
macro(_interrupted_offset, k, "interrupted", bool_signature, false); \
macro(_interruptLock_offset, k, "interruptLock", object_signature, false); \
@ -1794,10 +1792,6 @@ oop java_lang_Thread::context_class_loader(oop java_thread) {
return java_thread->obj_field(_contextClassLoader_offset);
}
oop java_lang_Thread::inherited_access_control_context(oop java_thread) {
return java_thread->obj_field(_inheritedAccessControlContext_offset);
}
jlong java_lang_Thread::stackSize(oop java_thread) {
GET_FIELDHOLDER_FIELD(java_thread, stackSize, 0);
@ -4861,17 +4855,11 @@ oop java_lang_ClassLoader::unnamedModule(oop loader) {
int java_lang_System::_static_in_offset;
int java_lang_System::_static_out_offset;
int java_lang_System::_static_err_offset;
int java_lang_System::_static_security_offset;
int java_lang_System::_static_allow_security_offset;
int java_lang_System::_static_never_offset;
#define SYSTEM_FIELDS_DO(macro) \
macro(_static_in_offset, k, "in", input_stream_signature, true); \
macro(_static_out_offset, k, "out", print_stream_signature, true); \
macro(_static_err_offset, k, "err", print_stream_signature, true); \
macro(_static_security_offset, k, "security", security_manager_signature, true); \
macro(_static_allow_security_offset, k, "allowSecurityManager", int_signature, true); \
macro(_static_never_offset, k, "NEVER", int_signature, true)
macro(_static_err_offset, k, "err", print_stream_signature, true);
void java_lang_System::compute_offsets() {
InstanceKlass* k = vmClasses::System_klass();
@ -4881,21 +4869,12 @@ void java_lang_System::compute_offsets() {
// This field tells us that a security manager can never be installed so we
// can completely skip populating the ProtectionDomainCacheTable.
bool java_lang_System::allow_security_manager() {
static int initialized = false;
static bool allowed = true; // default
if (!initialized) {
oop base = vmClasses::System_klass()->static_field_base_raw();
int never = base->int_field(_static_never_offset);
allowed = (base->int_field(_static_allow_security_offset) != never);
initialized = true;
}
return allowed;
return false;
}
// This field tells us that a security manager is installed.
bool java_lang_System::has_security_manager() {
oop base = vmClasses::System_klass()->static_field_base_raw();
return base->obj_field(_static_security_offset) != nullptr;
return false;
}
#if INCLUDE_CDS

3
src/hotspot/share/classfile/javaClasses.hpp
View File

@ -358,7 +358,6 @@ class java_lang_Thread : AllStatic {
static int _holder_offset;
static int _name_offset;
static int _contextClassLoader_offset;
static int _inheritedAccessControlContext_offset;
static int _eetop_offset;
static int _jvmti_thread_state_offset;
static int _jvmti_VTMS_transition_disable_count_offset;
@ -405,8 +404,6 @@ class java_lang_Thread : AllStatic {
static void set_daemon(oop java_thread);
// Context ClassLoader
static oop context_class_loader(oop java_thread);
// Control context
static oop inherited_access_control_context(oop java_thread);
// Stack size hint
static jlong stackSize(oop java_thread);
// Thread ID

2
src/hotspot/share/classfile/vmSymbols.hpp
View File

@ -439,10 +439,8 @@ class SerializeClosure;
template(getProperty_name, "getProperty") \
template(context_name, "context") \
template(contextClassLoader_name, "contextClassLoader") \
template(inheritedAccessControlContext_name, "inheritedAccessControlContext") \
template(getClassContext_name, "getClassContext") \
template(wait_name, "wait0") \
template(checkPackageAccess_name, "checkPackageAccess") \
template(forName_name, "forName") \
template(forName0_name, "forName0") \
template(isJavaIdentifierStart_name, "isJavaIdentifierStart") \

10
src/hotspot/share/include/jvm.h
View File

@ -723,13 +723,6 @@ JNIEXPORT jbyte JNICALL JVM_ConstantPoolGetTagAt
JNIEXPORT jobjectArray JNICALL
JVM_GetMethodParameters(JNIEnv *env, jobject method);
/*
* java.security.*
*/
JNIEXPORT jobject JNICALL
JVM_GetInheritedAccessControlContext(JNIEnv *env, jclass cls);
/*
* Ensure that code doing a stackwalk and using javaVFrame::locals() to
* get the value will see a materialized value and not a scalar-replaced
@ -741,9 +734,6 @@ JVM_GetInheritedAccessControlContext(JNIEnv *env, jclass cls);
JNIEXPORT void JNICALL
JVM_EnsureMaterializedForStackWalk_func(JNIEnv* env, jobject vthread, jobject value);
JNIEXPORT jobject JNICALL
JVM_GetStackAccessControlContext(JNIEnv *env, jclass cls);
/*
* Signal support, used to implement the shutdown sequence. Every VM must
* support JVM_SIGINT and JVM_SIGTERM, raising the former for user interrupts

81
src/hotspot/share/prims/jvm.cpp
View File

@ -1269,87 +1269,6 @@ JVM_ENTRY(jobject, JVM_GetProtectionDomain(JNIEnv *env, jclass cls))
JVM_END
// Returns the inherited_access_control_context field of the running thread.
JVM_ENTRY(jobject, JVM_GetInheritedAccessControlContext(JNIEnv *env, jclass cls))
oop result = java_lang_Thread::inherited_access_control_context(thread->threadObj());
return JNIHandles::make_local(THREAD, result);
JVM_END
JVM_ENTRY(jobject, JVM_GetStackAccessControlContext(JNIEnv *env, jclass cls))
if (!UsePrivilegedStack) return nullptr;
ResourceMark rm(THREAD);
GrowableArray<Handle>* local_array = new GrowableArray<Handle>(12);
JvmtiVMObjectAllocEventCollector oam;
// count the protection domains on the execution stack. We collapse
// duplicate consecutive protection domains into a single one, as
// well as stopping when we hit a privileged frame.
oop previous_protection_domain = nullptr;
Handle privileged_context(thread, nullptr);
bool is_privileged = false;
oop protection_domain = nullptr;
// Iterate through Java frames
vframeStream vfst(thread);
for(; !vfst.at_end(); vfst.next()) {
// get method of frame
Method* method = vfst.method();
// stop at the first privileged frame
if (method->method_holder() == vmClasses::AccessController_klass() &&
method->name() == vmSymbols::executePrivileged_name())
{
// this frame is privileged
is_privileged = true;
javaVFrame *priv = vfst.asJavaVFrame(); // executePrivileged
StackValueCollection* locals = priv->locals();
StackValue* ctx_sv = locals->at(1); // AccessControlContext context
StackValue* clr_sv = locals->at(2); // Class<?> caller
assert(!ctx_sv->obj_is_scalar_replaced(), "found scalar-replaced object");
assert(!clr_sv->obj_is_scalar_replaced(), "found scalar-replaced object");
privileged_context = ctx_sv->get_obj();
Handle caller = clr_sv->get_obj();
Klass *caller_klass = java_lang_Class::as_Klass(caller());
protection_domain = caller_klass->protection_domain();
} else {
protection_domain = method->method_holder()->protection_domain();
}
if ((previous_protection_domain != protection_domain) && (protection_domain != nullptr)) {
local_array->push(Handle(thread, protection_domain));
previous_protection_domain = protection_domain;
}
if (is_privileged) break;
}
// either all the domains on the stack were system domains, or
// we had a privileged system domain
if (local_array->is_empty()) {
if (is_privileged && privileged_context.is_null()) return nullptr;
oop result = java_security_AccessControlContext::create(objArrayHandle(), is_privileged, privileged_context, CHECK_NULL);
return JNIHandles::make_local(THREAD, result);
}
objArrayOop context = oopFactory::new_objArray(vmClasses::ProtectionDomain_klass(),
local_array->length(), CHECK_NULL);
objArrayHandle h_context(thread, context);
for (int index = 0; index < local_array->length(); index++) {
h_context->obj_at_put(index, local_array->at(index)());
}
oop result = java_security_AccessControlContext::create(h_context, is_privileged, privileged_context, CHECK_NULL);
return JNIHandles::make_local(THREAD, result);
JVM_END
class ScopedValueBindingsResolver {
public:
InstanceKlass* Carrier_klass;

3
src/hotspot/share/runtime/globals.hpp
View File

@ -681,9 +681,6 @@ const int ObjectAlignmentInBytes = 8;
develop(bool, PrintCodeCacheExtension, false, \
"Print extension of code cache") \
\
develop(bool, UsePrivilegedStack, true, \
"Enable the security JVM functions") \
\
product(bool, ClassUnloading, true, \
"Do unloading of classes") \
\

204
src/java.base/share/classes/java/io/File.java
View File

@ -556,9 +556,6 @@ public class File
* @return The absolute pathname string denoting the same file or
* directory as this abstract pathname
*
* @throws SecurityException
* If a required system property value cannot be accessed.
*
* @see java.io.File#isAbsolute()
*/
public String getAbsolutePath() {
@ -572,9 +569,6 @@ public class File
* @return The absolute abstract pathname denoting the same file or
* directory as this abstract pathname
*
* @throws SecurityException
* If a required system property value cannot be accessed.
*
* @since 1.2
*/
public File getAbsoluteFile() {
@ -614,12 +608,6 @@ public class File
* construction of the canonical pathname may require
* filesystem queries
*
* @throws SecurityException
* If a required system property value cannot be accessed, or
* if a security manager exists and its {@link
* java.lang.SecurityManager#checkRead} method denies
* read access to the file
*
* @since 1.1
* @see Path#toRealPath
*/
@ -642,12 +630,6 @@ public class File
* construction of the canonical pathname may require
* filesystem queries
*
* @throws SecurityException
* If a required system property value cannot be accessed, or
* if a security manager exists and its {@link
* java.lang.SecurityManager#checkRead} method denies
* read access to the file
*
* @since 1.2
* @see Path#toRealPath
*/
@ -736,8 +718,6 @@ public class File
* @return An absolute, hierarchical URI with a scheme equal to
* {@code "file"}, a path representing this abstract pathname,
* and undefined authority, query, and fragment components
* @throws SecurityException If a required system property value cannot
* be accessed.
*
* @see #File(java.net.URI)
* @see java.net.URI
@ -769,11 +749,6 @@ public class File
* @return {@code true} if and only if the file specified by this
* abstract pathname exists <em>and</em> can be read by the
* application; {@code false} otherwise
*
* @throws SecurityException
* If a security manager exists and its {@link
* java.lang.SecurityManager#checkRead(java.lang.String)}
* method denies read access to the file
*/
public boolean canRead() {
@SuppressWarnings("removal")
@ -798,11 +773,6 @@ public class File
* contains a file denoted by this abstract pathname <em>and</em>
* the application is allowed to write to the file;
* {@code false} otherwise.
*
* @throws SecurityException
* If a security manager exists and its {@link
* java.lang.SecurityManager#checkWrite(java.lang.String)}
* method denies write access to the file
*/
public boolean canWrite() {
@SuppressWarnings("removal")
@ -822,11 +792,6 @@ public class File
*
* @return {@code true} if and only if the file or directory denoted
* by this abstract pathname exists; {@code false} otherwise
*
* @throws SecurityException
* If a security manager exists and its {@link
* java.lang.SecurityManager#checkRead(java.lang.String)}
* method denies read access to the file or directory
*/
public boolean exists() {
@SuppressWarnings("removal")
@ -853,11 +818,6 @@ public class File
* @return {@code true} if and only if the file denoted by this
* abstract pathname exists <em>and</em> is a directory;
* {@code false} otherwise
*
* @throws SecurityException
* If a security manager exists and its {@link
* java.lang.SecurityManager#checkRead(java.lang.String)}
* method denies read access to the file
*/
public boolean isDirectory() {
@SuppressWarnings("removal")
@ -886,11 +846,6 @@ public class File
* @return {@code true} if and only if the file denoted by this
* abstract pathname exists <em>and</em> is a normal file;
* {@code false} otherwise
*
* @throws SecurityException
* If a security manager exists and its {@link
* java.lang.SecurityManager#checkRead(java.lang.String)}
* method denies read access to the file
*/
public boolean isFile() {
@SuppressWarnings("removal")
@ -923,11 +878,6 @@ public class File
* abstract pathname is hidden according to the conventions of the
* underlying platform
*
* @throws SecurityException
* If a security manager exists and its {@link
* java.lang.SecurityManager#checkRead(java.lang.String)}
* method denies read access to the file
*
* @since 1.2
*/
public boolean isHidden() {
@ -968,11 +918,6 @@ public class File
* file does not exist or if an I/O error occurs. The value may
* be negative indicating the number of milliseconds before the
* epoch
*
* @throws SecurityException
* If a security manager exists and its {@link
* java.lang.SecurityManager#checkRead(java.lang.String)}
* method denies read access to the file
*/
public long lastModified() {
@SuppressWarnings("removal")
@ -1000,11 +945,6 @@ public class File
* pathname, or {@code 0L} if the file does not exist. Some
* operating systems may return {@code 0L} for pathnames
* denoting system-dependent entities such as devices or pipes.
*
* @throws SecurityException
* If a security manager exists and its {@link
* java.lang.SecurityManager#checkRead(java.lang.String)}
* method denies read access to the file
*/
public long length() {
@SuppressWarnings("removal")
@ -1040,11 +980,6 @@ public class File
* @throws IOException
* If an I/O error occurred
*
* @throws SecurityException
* If a security manager exists and its {@link
* java.lang.SecurityManager#checkWrite(java.lang.String)}
* method denies write access to the file
*
* @since 1.2
*/
public boolean createNewFile() throws IOException {
@ -1070,11 +1005,6 @@ public class File
*
* @return {@code true} if and only if the file or directory is
* successfully deleted; {@code false} otherwise
*
* @throws SecurityException
* If a security manager exists and its {@link
* java.lang.SecurityManager#checkDelete} method denies
* delete access to the file
*/
public boolean delete() {
@SuppressWarnings("removal")
@ -1108,11 +1038,6 @@ public class File
* {@link java.nio.channels.FileLock FileLock}
* facility should be used instead.
*
* @throws SecurityException
* If a security manager exists and its {@link
* java.lang.SecurityManager#checkDelete} method denies
* delete access to the file
*
* @see #delete
*
* @since 1.2
@ -1155,11 +1080,6 @@ public class File
* empty if the directory is empty. Returns {@code null} if
* this abstract pathname does not denote a directory, or if an
* I/O error occurs.
*
* @throws SecurityException
* If a security manager exists and its {@link
* SecurityManager#checkRead(String)} method denies read access to
* the directory
*/
public String[] list() {
return normalizedList();
@ -1175,11 +1095,6 @@ public class File
* empty if the directory is empty. Returns {@code null} if
* this abstract pathname does not denote a directory, or if an
* I/O error occurs.
*
* @throws SecurityException
* If a security manager exists and its {@link
* SecurityManager#checkRead(String)} method denies read access to
* the directory
*/
private final String[] normalizedList() {
@SuppressWarnings("removal")
@ -1223,11 +1138,6 @@ public class File
* Returns {@code null} if this abstract pathname does not denote
* a directory, or if an I/O error occurs.
*
* @throws SecurityException
* If a security manager exists and its {@link
* SecurityManager#checkRead(String)} method denies read access to
* the directory
*
* @see java.nio.file.Files#newDirectoryStream(Path,String)
*/
public String[] list(FilenameFilter filter) {
@ -1275,11 +1185,6 @@ public class File
* {@code null} if this abstract pathname does not denote a
* directory, or if an I/O error occurs.
*
* @throws SecurityException
* If a security manager exists and its {@link
* SecurityManager#checkRead(String)} method denies read access to
* the directory
*
* @since 1.2
*/
public File[] listFiles() {
@ -1315,11 +1220,6 @@ public class File
* {@code null} if this abstract pathname does not denote a
* directory, or if an I/O error occurs.
*
* @throws SecurityException
* If a security manager exists and its {@link
* SecurityManager#checkRead(String)} method denies read access to
* the directory
*
* @since 1.2
* @see java.nio.file.Files#newDirectoryStream(Path,String)
*/
@ -1353,11 +1253,6 @@ public class File
* {@code null} if this abstract pathname does not denote a
* directory, or if an I/O error occurs.
*
* @throws SecurityException
* If a security manager exists and its {@link
* SecurityManager#checkRead(String)} method denies read access to
* the directory
*
* @since 1.2
* @see java.nio.file.Files#newDirectoryStream(Path,java.nio.file.DirectoryStream.Filter)
*/
@ -1378,11 +1273,6 @@ public class File
*
* @return {@code true} if and only if the directory was
* created; {@code false} otherwise
*
* @throws SecurityException
* If a security manager exists and its {@link
* java.lang.SecurityManager#checkWrite(java.lang.String)}
* method does not permit the named directory to be created
*/
public boolean mkdir() {
@SuppressWarnings("removal")
@ -1405,16 +1295,6 @@ public class File
* @return {@code true} if and only if the directory was created,
* along with all necessary parent directories; {@code false}
* otherwise
*
* @throws SecurityException
* If a security manager exists and its {@link
* java.lang.SecurityManager#checkRead(java.lang.String)}
* method does not permit verification of the existence of the
* named directory and all necessary parent directories; or if
* the {@link
* java.lang.SecurityManager#checkWrite(java.lang.String)}
* method does not permit the named directory and all necessary
* parent directories to be created
*/
public boolean mkdirs() {
if (exists()) {
@ -1458,11 +1338,6 @@ public class File
* @return {@code true} if and only if the renaming succeeded;
* {@code false} otherwise
*
* @throws SecurityException
* If a security manager exists and its {@link
* java.lang.SecurityManager#checkWrite(java.lang.String)}
* method denies write access to either the old or new pathnames
*
* @throws NullPointerException
* If parameter {@code dest} is {@code null}
*/
@ -1501,11 +1376,6 @@ public class File
*
* @throws IllegalArgumentException If the argument is negative
*
* @throws SecurityException
* If a security manager exists and its {@link
* java.lang.SecurityManager#checkWrite(java.lang.String)}
* method denies write access to the named file
*
* @since 1.2
*/
public boolean setLastModified(long time) {
@ -1533,11 +1403,6 @@ public class File
* @return {@code true} if and only if the operation succeeded;
* {@code false} otherwise
*
* @throws SecurityException
* If a security manager exists and its {@link
* java.lang.SecurityManager#checkWrite(java.lang.String)}
* method denies write access to the named file
*
* @since 1.2
*/
public boolean setReadOnly() {
@ -1577,11 +1442,6 @@ public class File
* operation will fail if the user does not have permission to change
* the access permissions of this abstract pathname.
*
* @throws SecurityException
* If a security manager exists and its {@link
* java.lang.SecurityManager#checkWrite(java.lang.String)}
* method denies write access to the named file
*
* @since 1.6
*/
public boolean setWritable(boolean writable, boolean ownerOnly) {
@ -1617,11 +1477,6 @@ public class File
* operation will fail if the user does not have permission to
* change the access permissions of this abstract pathname.
*
* @throws SecurityException
* If a security manager exists and its {@link
* java.lang.SecurityManager#checkWrite(java.lang.String)}
* method denies write access to the file
*
* @since 1.6
*/
public boolean setWritable(boolean writable) {
@ -1659,11 +1514,6 @@ public class File
* fails, or the value of the {@code readable} parameter if
* setting the read permission is not supported.
*
* @throws SecurityException
* If a security manager exists and its {@link
* java.lang.SecurityManager#checkWrite(java.lang.String)}
* method denies write access to the file
*
* @since 1.6
*/
public boolean setReadable(boolean readable, boolean ownerOnly) {
@ -1705,11 +1555,6 @@ public class File
* fails, or the value of the {@code readable} parameter if
* setting the read permission is not supported.
*
* @throws SecurityException
* If a security manager exists and its {@link
* java.lang.SecurityManager#checkWrite(java.lang.String)}
* method denies write access to the file
*
* @since 1.6
*/
public boolean setReadable(boolean readable) {
@ -1747,11 +1592,6 @@ public class File
* fails, or the value of the {@code executable} parameter if
* setting the execute permission is not supported.
*
* @throws SecurityException
* If a security manager exists and its {@link
* java.lang.SecurityManager#checkWrite(java.lang.String)}
* method denies write access to the file
*
* @since 1.6
*/
public boolean setExecutable(boolean executable, boolean ownerOnly) {
@ -1793,11 +1633,6 @@ public class File
* fails, or the value of the {@code executable} parameter if
* setting the execute permission is not supported.
*
* @throws SecurityException
* If a security manager exists and its {@link
* java.lang.SecurityManager#checkWrite(java.lang.String)}
* method denies write access to the file
*
* @since 1.6
*/
public boolean setExecutable(boolean executable) {
@ -1814,11 +1649,6 @@ public class File
* @return {@code true} if and only if the abstract pathname exists
* <em>and</em> the application is allowed to execute the file
*
* @throws SecurityException
* If a security manager exists and its {@link
* java.lang.SecurityManager#checkExec(java.lang.String)}
* method denies execute access to the file
*
* @since 1.6
*/
public boolean canExecute() {
@ -1850,12 +1680,6 @@ public class File
* machine will begin with one of the roots returned by this method.
* There is no guarantee that a root directory can be accessed.
*
* <p> Unlike most methods in this class, this method does not throw
* security exceptions. If a security manager exists and its {@link
* SecurityManager#checkRead(String)} method denies read access to a
* particular root directory, then that directory will not appear in the
* result.
*
* @implNote
* Windows platforms, for example, have a root directory
* for each active drive; UNIX platforms have a single root directory,
@ -1898,12 +1722,6 @@ public class File
* abstract pathname does not name a partition or if the size
* cannot be obtained
*
* @throws SecurityException
* If a security manager has been installed and it denies
* {@link RuntimePermission}{@code ("getFileSystemAttributes")}
* or its {@link SecurityManager#checkRead(String)} method denies
* read access to the file named by this abstract pathname
*
* @since 1.6
* @see FileStore#getTotalSpace
*/
@ -1942,12 +1760,6 @@ public class File
* equal to the total file system size returned by
* {@link #getTotalSpace}.
*
* @throws SecurityException
* If a security manager has been installed and it denies
* {@link RuntimePermission}{@code ("getFileSystemAttributes")}
* or its {@link SecurityManager#checkRead(String)} method denies
* read access to the file named by this abstract pathname
*
* @since 1.6
* @see FileStore#getUnallocatedSpace
*/
@ -1989,12 +1801,6 @@ public class File
* is not available, this method will be equivalent to a call to
* {@link #getFreeSpace}.
*
* @throws SecurityException
* If a security manager has been installed and it denies
* {@link RuntimePermission}{@code ("getFileSystemAttributes")}
* or its {@link SecurityManager#checkRead(String)} method denies
* read access to the file named by this abstract pathname
*
* @since 1.6
* @see FileStore#getUsableSpace
*/
@ -2176,11 +1982,6 @@ public class File
* @throws IOException
* If a file could not be created
*
* @throws SecurityException
* If a security manager exists and its {@link
* java.lang.SecurityManager#checkWrite(java.lang.String)}
* method does not allow a file to be created
*
* @since 1.2
*/
public static File createTempFile(String prefix, String suffix,
@ -2250,11 +2051,6 @@ public class File
*
* @throws IOException If a file could not be created
*
* @throws SecurityException
* If a security manager exists and its {@link
* java.lang.SecurityManager#checkWrite(java.lang.String)}
* method does not allow a file to be created
*
* @since 1.2
* @see java.nio.file.Files#createTempDirectory(String,FileAttribute[])
*/

26
src/java.base/share/classes/java/io/FileInputStream.java
View File

@ -95,11 +95,6 @@ public class FileInputStream extends InputStream
* object is created to represent this file
* connection.
* <p>
* First, if there is a security
* manager, its {@code checkRead} method
* is called with the {@code name} argument
* as its argument.
* <p>
* If the named file does not exist, is a directory rather than a regular
* file, or for some other reason cannot be opened for reading then a
* {@code FileNotFoundException} is thrown.
@ -109,10 +104,6 @@ public class FileInputStream extends InputStream
* is a directory rather than a regular file,
* or for some other reason cannot be opened for
* reading.
* @throws SecurityException if a security manager exists and its
* {@code checkRead} method denies read access
* to the file.
* @see java.lang.SecurityManager#checkRead(java.lang.String)
*/
public FileInputStream(String name) throws FileNotFoundException {
this(name != null ? new File(name) : null);
@ -126,11 +117,6 @@ public class FileInputStream extends InputStream
* A new {@code FileDescriptor} object
* is created to represent this file connection.
* <p>
* First, if there is a security manager,
* its {@code checkRead} method is called
* with the path represented by the {@code file}
* argument as its argument.
* <p>
* If the named file does not exist, is a directory rather than a regular
* file, or for some other reason cannot be opened for reading then a
* {@code FileNotFoundException} is thrown.
@ -140,10 +126,7 @@ public class FileInputStream extends InputStream
* is a directory rather than a regular file,
* or for some other reason cannot be opened for
* reading.
* @throws SecurityException if a security manager exists and its
* {@code checkRead} method denies read access to the file.
* @see java.io.File#getPath()
* @see java.lang.SecurityManager#checkRead(java.lang.String)
*/
@SuppressWarnings("this-escape")
public FileInputStream(File file) throws FileNotFoundException {
@ -171,11 +154,6 @@ public class FileInputStream extends InputStream
* {@code fdObj}, which represents an existing connection to an
* actual file in the file system.
* <p>
* If there is a security manager, its {@code checkRead} method is
* called with the file descriptor {@code fdObj} as its argument to
* see if it's ok to read the file descriptor. If read access is denied
* to the file descriptor a {@code SecurityException} is thrown.
* <p>
* If {@code fdObj} is null then a {@code NullPointerException}
* is thrown.
* <p>
@ -185,10 +163,6 @@ public class FileInputStream extends InputStream
* I/O on the stream, an {@code IOException} is thrown.
*
* @param fdObj the file descriptor to be opened for reading.
* @throws SecurityException if a security manager exists and its
* {@code checkRead} method denies read access to the
* file descriptor.
* @see SecurityManager#checkRead(java.io.FileDescriptor)
*/
@SuppressWarnings("this-escape")
public FileInputStream(FileDescriptor fdObj) {

40
src/java.base/share/classes/java/io/FileOutputStream.java
View File

@ -103,9 +103,6 @@ public class FileOutputStream extends OutputStream
* A new {@code FileDescriptor} object is
* created to represent this file connection.
* <p>
* First, if there is a security manager, its {@code checkWrite}
* method is called with {@code name} as its argument.
* <p>
* If the file exists but is a directory rather than a regular file, does
* not exist but cannot be created, or cannot be opened for any other
* reason then a {@code FileNotFoundException} is thrown.
@ -118,10 +115,6 @@ public class FileOutputStream extends OutputStream
* @throws FileNotFoundException if the file exists but is a directory
* rather than a regular file, does not exist but cannot
* be created, or cannot be opened for any other reason
* @throws SecurityException if a security manager exists and its
* {@code checkWrite} method denies write access
* to the file.
* @see java.lang.SecurityManager#checkWrite(java.lang.String)
*/
public FileOutputStream(String name) throws FileNotFoundException {
this(name != null ? new File(name) : null, false);
@ -137,9 +130,6 @@ public class FileOutputStream extends OutputStream
* A new {@code FileDescriptor} object is created to represent this
* file connection.
* <p>
* First, if there is a security manager, its {@code checkWrite}
* method is called with {@code name} as its argument.
* <p>
* If the file exists but is a directory rather than a regular file, does
* not exist but cannot be created, or cannot be opened for any other
* reason then a {@code FileNotFoundException} is thrown.
@ -150,10 +140,6 @@ public class FileOutputStream extends OutputStream
* @throws FileNotFoundException if the file exists but is a directory
* rather than a regular file, does not exist but cannot
* be created, or cannot be opened for any other reason.
* @throws SecurityException if a security manager exists and its
* {@code checkWrite} method denies write access
* to the file.
* @see java.lang.SecurityManager#checkWrite(java.lang.String)
* @since 1.1
*/
public FileOutputStream(String name, boolean append)
@ -171,10 +157,6 @@ public class FileOutputStream extends OutputStream
* A new {@code FileDescriptor} object is
* created to represent this file connection.
* <p>
* First, if there is a security manager, its {@code checkWrite}
* method is called with the path represented by the {@code file}
* argument as its argument.
* <p>
* If the file exists but is a directory rather than a regular file, does
* not exist but cannot be created, or cannot be opened for any other
* reason then a {@code FileNotFoundException} is thrown.
@ -183,12 +165,7 @@ public class FileOutputStream extends OutputStream
* @throws FileNotFoundException if the file exists but is a directory
* rather than a regular file, does not exist but cannot
* be created, or cannot be opened for any other reason
* @throws SecurityException if a security manager exists and its
* {@code checkWrite} method denies write access
* to the file.
* @see java.io.File#getPath()
* @see java.lang.SecurityException
* @see java.lang.SecurityManager#checkWrite(java.lang.String)
*/
public FileOutputStream(File file) throws FileNotFoundException {
this(file, false);
@ -205,10 +182,6 @@ public class FileOutputStream extends OutputStream
* A new {@code FileDescriptor} object is created to represent this
* file connection.
* <p>
* First, if there is a security manager, its {@code checkWrite}
* method is called with the path represented by the {@code file}
* argument as its argument.
* <p>
* If the file exists but is a directory rather than a regular file, does
* not exist but cannot be created, or cannot be opened for any other
* reason then a {@code FileNotFoundException} is thrown.
@ -219,12 +192,7 @@ public class FileOutputStream extends OutputStream
* @throws FileNotFoundException if the file exists but is a directory
* rather than a regular file, does not exist but cannot
* be created, or cannot be opened for any other reason
* @throws SecurityException if a security manager exists and its
* {@code checkWrite} method denies write access
* to the file.
* @see java.io.File#getPath()
* @see java.lang.SecurityException
* @see java.lang.SecurityManager#checkWrite(java.lang.String)
* @since 1.4
*/
@SuppressWarnings("this-escape")
@ -256,10 +224,6 @@ public class FileOutputStream extends OutputStream
* descriptor, which represents an existing connection to an actual
* file in the file system.
* <p>
* First, if there is a security manager, its {@code checkWrite}
* method is called with the file descriptor {@code fdObj}
* argument as its argument.
* <p>
* If {@code fdObj} is null then a {@code NullPointerException}
* is thrown.
* <p>
@ -269,10 +233,6 @@ public class FileOutputStream extends OutputStream
* I/O on the stream, an {@code IOException} is thrown.
*
* @param fdObj the file descriptor to be opened for writing
* @throws SecurityException if a security manager exists and its
* {@code checkWrite} method denies
* write access to the file descriptor
* @see java.lang.SecurityManager#checkWrite(java.io.FileDescriptor)
*/
@SuppressWarnings("this-escape")
public FileOutputStream(FileDescriptor fdObj) {

38
src/java.base/share/classes/java/io/FilePermission.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -61,39 +61,15 @@ import sun.security.util.SecurityConstants;
* (recursively) all files and subdirectories contained in the current
* directory.
* <P>
* The actions to be granted are passed to the constructor in a string containing
* The actions are passed to the constructor in a string containing
* a list of one or more comma-separated keywords. The possible keywords are
* "read", "write", "execute", "delete", and "readlink". Their meaning is
* defined as follows:
*
* <DL>
* <DT> read <DD> read permission
* <DT> write <DD> write permission
* <DT> execute
* <DD> execute permission. Allows {@code Runtime.exec} to
* be called. Corresponds to {@code SecurityManager.checkExec}.
* <DT> delete
* <DD> delete permission. Allows {@code File.delete} to
* be called. Corresponds to {@code SecurityManager.checkDelete}.
* <DT> readlink
* <DD> read link permission. Allows the target of a
* <a href="../nio/file/package-summary.html#links">symbolic link</a>
* to be read by invoking the {@link java.nio.file.Files#readSymbolicLink
* readSymbolicLink } method.
* </DL>
* "read", "write", "execute", "delete", and "readlink".
* <P>
* The actions string is converted to lowercase before processing.
* <P>
* Be careful when granting FilePermissions. Think about the implications
* of granting read and especially write access to various files and
* directories. The {@literal "<<ALL FILES>>"} permission with write action is
* especially dangerous. This grants permission to write to the entire
* file system. One thing this effectively allows is replacement of the
* system binary, including the JVM runtime environment.
* <P>
* Please note: Code can always read a file from the same
* directory it's in (or a subdirectory of that directory); it does not
* need explicit permission to do so.
*
* @apiNote
* This permission cannot be used for controlling access to resources
* as the Security Manager is no longer supported.
*
* @see java.security.Permission
* @see java.security.Permissions

4
src/java.base/share/classes/java/io/ObjectInputFilter.java
View File

@ -728,8 +728,6 @@ public interface ObjectInputFilter {
* Set the static JVM-wide filter if it has not already been configured or set.
*
* @param filter the deserialization filter to set as the JVM-wide filter; not null
* @throws SecurityException if there is security manager and the
* {@code SerializablePermission("serialFilter")} is not granted
* @throws IllegalStateException if the filter has already been set or the initialization
* of the filter from the system property {@code jdk.serialFilter} or
* the security property {@code jdk.serialFilter} fails.
@ -829,8 +827,6 @@ public interface ObjectInputFilter {
* @throws IllegalStateException if the builtin deserialization filter factory
* has already been replaced or any instance of {@link ObjectInputStream}
* has been created.
* @throws SecurityException if there is security manager and the
* {@code SerializablePermission("serialFilter")} is not granted
* @since 17
*/
public static void setSerialFilterFactory(BinaryOperator<ObjectInputFilter> filterFactory) {

45
src/java.base/share/classes/java/io/ObjectInputStream.java
View File

@ -374,17 +374,9 @@ public class ObjectInputStream
* When the filter factory {@code apply} method is invoked it may throw a runtime exception
* preventing the {@code ObjectInputStream} from being constructed.
*
* <p>If a security manager is installed, this constructor will check for
* the "enableSubclassImplementation" SerializablePermission when invoked
* directly or indirectly by the constructor of a subclass which overrides
* the ObjectInputStream.readFields or ObjectInputStream.readUnshared
* methods.
*
* @param in input stream to read from
* @throws StreamCorruptedException if the stream header is incorrect
* @throws IOException if an I/O error occurs while reading stream header
* @throws SecurityException if untrusted subclass illegally overrides
* security-sensitive methods
* @throws IllegalStateException if the initialization of {@link ObjectInputFilter.Config}
* fails due to invalid serial filter or serial filter factory properties.
* @throws NullPointerException if {@code in} is {@code null}
@ -419,21 +411,11 @@ public class ObjectInputStream
* When the filter factory {@code apply} method is invoked it may throw a runtime exception
* preventing the {@code ObjectInputStream} from being constructed.
*
* <p>If there is a security manager installed, this method first calls the
* security manager's {@code checkPermission} method with the
* {@code SerializablePermission("enableSubclassImplementation")}
* permission to ensure it's ok to enable subclassing.
*
* @throws SecurityException if a security manager exists and its
* {@code checkPermission} method denies enabling
* subclassing.
* @throws IOException if an I/O error occurs while creating this stream
* @throws IllegalStateException if the initialization of {@link ObjectInputFilter.Config}
* fails due to invalid serial filter or serial filter factory properties.
* @see SecurityManager#checkPermission
* @see java.io.SerializablePermission
*/
protected ObjectInputStream() throws IOException, SecurityException {
protected ObjectInputStream() throws IOException {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
@ -599,12 +581,6 @@ public class ObjectInputStream
* each object (regular or class) read to reconstruct the root object.
* See {@link #setObjectInputFilter(ObjectInputFilter) setObjectInputFilter} for details.
*
* <p>ObjectInputStream subclasses which override this method can only be
* constructed in security contexts possessing the
* "enableSubclassImplementation" SerializablePermission; any attempt to
* instantiate such a subclass without this permission will cause a
* SecurityException to be thrown.
*
* @return reference to deserialized object
* @throws ClassNotFoundException if class of an object to deserialize
* cannot be found
@ -923,26 +899,11 @@ public class ObjectInputStream
* enabled, the {@link #resolveObject} method is called for every object being
* deserialized.
*
* <p>If object replacement is currently not enabled, and
* {@code enable} is true, and there is a security manager installed,
* this method first calls the security manager's
* {@code checkPermission} method with the
* {@code SerializablePermission("enableSubstitution")} permission to
* ensure that the caller is permitted to enable the stream to do replacement
* of objects read from the stream.
*
* @param enable true for enabling use of {@code resolveObject} for
* every object being deserialized
* @return the previous setting before this method was invoked
* @throws SecurityException if a security manager exists and its
* {@code checkPermission} method denies enabling the stream
* to do replacement of objects read from the stream.
* @see SecurityManager#checkPermission
* @see java.io.SerializablePermission
*/
protected boolean enableResolveObject(boolean enable)
throws SecurityException
{
protected boolean enableResolveObject(boolean enable) {
if (enable == enableResolve) {
return enable;
}
@ -1341,8 +1302,6 @@ public class ObjectInputStream
* is increased before reading an object.
*
* @param filter the filter, may be null
* @throws SecurityException if there is security manager and the
* {@code SerializablePermission("serialFilter")} is not granted
* @throws IllegalStateException if an object has been read,
* if the filter factory returns {@code null} when the
* {@linkplain #getObjectInputFilter() current filter} is non-null, or

43
src/java.base/share/classes/java/io/ObjectOutputStream.java
View File

@ -237,16 +237,8 @@ public class ObjectOutputStream
* ensure that constructors for receiving ObjectInputStreams will not block
* when reading the header.
*
* <p>If a security manager is installed, this constructor will check for
* the "enableSubclassImplementation" SerializablePermission when invoked
* directly or indirectly by the constructor of a subclass which overrides
* the ObjectOutputStream.putFields or ObjectOutputStream.writeUnshared
* methods.
*
* @param out output stream to write to
* @throws IOException if an I/O error occurs while writing stream header
* @throws SecurityException if untrusted subclass illegally overrides
* security-sensitive methods
* @throws NullPointerException if {@code out} is {@code null}
* @since 1.4
* @see ObjectOutputStream#ObjectOutputStream()
@ -274,19 +266,9 @@ public class ObjectOutputStream
* ObjectOutputStream to not have to allocate private data just used by
* this implementation of ObjectOutputStream.
*
* <p>If there is a security manager installed, this method first calls the
* security manager's {@code checkPermission} method with a
* {@code SerializablePermission("enableSubclassImplementation")}
* permission to ensure it's ok to enable subclassing.
*
* @throws SecurityException if a security manager exists and its
* {@code checkPermission} method denies enabling
* subclassing.
* @throws IOException if an I/O error occurs while creating this stream
* @see SecurityManager#checkPermission
* @see java.io.SerializablePermission
*/
protected ObjectOutputStream() throws IOException, SecurityException {
protected ObjectOutputStream() throws IOException {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
@ -414,12 +396,6 @@ public class ObjectOutputStream
* writeUnshared, and not to any transitively referenced sub-objects in the
* object graph to be serialized.
*
* <p>ObjectOutputStream subclasses which override this method can only be
* constructed in security contexts possessing the
* "enableSubclassImplementation" SerializablePermission; any attempt to
* instantiate such a subclass without this permission will cause a
* SecurityException to be thrown.
*
* @param obj object to write to stream
* @throws NotSerializableException if an object in the graph to be
* serialized does not implement the Serializable interface
@ -611,26 +587,11 @@ public class ObjectOutputStream
* enabled, the {@link #replaceObject} method is called for every object being
* serialized.
*
* <p>If object replacement is currently not enabled, and
* {@code enable} is true, and there is a security manager installed,
* this method first calls the security manager's
* {@code checkPermission} method with the
* {@code SerializablePermission("enableSubstitution")} permission to
* ensure that the caller is permitted to enable the stream to do replacement
* of objects written to the stream.
*
* @param enable true for enabling use of {@code replaceObject} for
* every object being serialized
* @return the previous setting before this method was invoked
* @throws SecurityException if a security manager exists and its
* {@code checkPermission} method denies enabling the stream
* to do replacement of objects written to the stream.
* @see SecurityManager#checkPermission
* @see java.io.SerializablePermission
*/
protected boolean enableReplaceObject(boolean enable)
throws SecurityException
{
protected boolean enableReplaceObject(boolean enable) {
if (enable == enableReplace) {
return enable;
}

28
src/java.base/share/classes/java/io/PrintStream.java
View File

@ -249,10 +249,6 @@ public class PrintStream extends FilterOutputStream
* created, or if some other error occurs while opening or
* creating the file
*
* @throws SecurityException
* If a security manager is present and {@link
* SecurityManager#checkWrite checkWrite(fileName)} denies write
* access to the file
* @see Charset#defaultCharset()
*
* @since 1.5
@ -284,11 +280,6 @@ public class PrintStream extends FilterOutputStream
* created, or if some other error occurs while opening or
* creating the file
*
* @throws SecurityException
* If a security manager is present and {@link
* SecurityManager#checkWrite checkWrite(fileName)} denies write
* access to the file
*
* @throws UnsupportedEncodingException
* If the named charset is not supported
*
@ -320,11 +311,6 @@ public class PrintStream extends FilterOutputStream
* @throws IOException
* if an I/O error occurs while opening or creating the file
*
* @throws SecurityException
* If a security manager is present and {@link
* SecurityManager#checkWrite checkWrite(fileName)} denies write
* access to the file
*
* @since 10
*/
public PrintStream(String fileName, Charset charset) throws IOException {
@ -351,10 +337,6 @@ public class PrintStream extends FilterOutputStream
* created, or if some other error occurs while opening or
* creating the file
*
* @throws SecurityException
* If a security manager is present and {@link
* SecurityManager#checkWrite checkWrite(file.getPath())}
* denies write access to the file
* @see Charset#defaultCharset()
*
* @since 1.5
@ -386,11 +368,6 @@ public class PrintStream extends FilterOutputStream
* created, or if some other error occurs while opening or
* creating the file
*
* @throws SecurityException
* If a security manager is present and {@link
* SecurityManager#checkWrite checkWrite(file.getPath())}
* denies write access to the file
*
* @throws UnsupportedEncodingException
* If the named charset is not supported
*
@ -423,11 +400,6 @@ public class PrintStream extends FilterOutputStream
* @throws IOException
* if an I/O error occurs while opening or creating the file
*
* @throws SecurityException
* If a security manager is present and {@link
* SecurityManager#checkWrite checkWrite(file.getPath())}
* denies write access to the file
*
* @since 10
*/
public PrintStream(File file, Charset charset) throws IOException {

28
src/java.base/share/classes/java/io/PrintWriter.java
View File

@ -195,10 +195,6 @@ public class PrintWriter extends Writer {
* created, or if some other error occurs while opening or
* creating the file
*
* @throws SecurityException
* If a security manager is present and {@link
* SecurityManager#checkWrite checkWrite(fileName)} denies write
* access to the file
* @see Charset#defaultCharset()
*
* @since 1.5
@ -247,11 +243,6 @@ public class PrintWriter extends Writer {
* created, or if some other error occurs while opening or
* creating the file
*
* @throws SecurityException
* If a security manager is present and {@link
* SecurityManager#checkWrite checkWrite(fileName)} denies write
* access to the file
*
* @throws UnsupportedEncodingException
* If the named charset is not supported
*
@ -282,11 +273,6 @@ public class PrintWriter extends Writer {
* @throws IOException
* if an I/O error occurs while opening or creating the file
*
* @throws SecurityException
* If a security manager is present and {@link
* SecurityManager#checkWrite checkWrite(fileName)} denies write
* access to the file
*
* @since 10
*/
public PrintWriter(String fileName, Charset charset) throws IOException {
@ -313,10 +299,6 @@ public class PrintWriter extends Writer {
* created, or if some other error occurs while opening or
* creating the file
*
* @throws SecurityException
* If a security manager is present and {@link
* SecurityManager#checkWrite checkWrite(file.getPath())}
* denies write access to the file
* @see Charset#defaultCharset()
*
* @since 1.5
@ -348,11 +330,6 @@ public class PrintWriter extends Writer {
* created, or if some other error occurs while opening or
* creating the file
*
* @throws SecurityException
* If a security manager is present and {@link
* SecurityManager#checkWrite checkWrite(file.getPath())}
* denies write access to the file
*
* @throws UnsupportedEncodingException
* If the named charset is not supported
*
@ -383,11 +360,6 @@ public class PrintWriter extends Writer {
* @throws IOException
* if an I/O error occurs while opening or creating the file
*
* @throws SecurityException
* If a security manager is present and {@link
* SecurityManager#checkWrite checkWrite(file.getPath())}
* denies write access to the file
*
* @since 10
*/
public PrintWriter(File file, Charset charset) throws IOException {

29
src/java.base/share/classes/java/io/RandomAccessFile.java
View File

@ -114,15 +114,6 @@ public class RandomAccessFile implements DataOutput, DataInput, Closeable {
* specified for the <a
* href="#mode">{@code RandomAccessFile(File,String)}</a> constructor.
*
* <p>
* If there is a security manager, its {@code checkRead} method
* is called with the {@code pathname} argument
* as its argument to see if read access to the file is allowed.
* If the mode allows writing, the security manager's
* {@code checkWrite} method
* is also called with the {@code pathname} argument
* as its argument to see if write access to the file is allowed.
*
* @param pathname the system-dependent pathname string
* @param mode the access <a href="#mode">mode</a>
* @throws IllegalArgumentException if the mode argument is not equal
@ -135,13 +126,6 @@ public class RandomAccessFile implements DataOutput, DataInput, Closeable {
* existing, writable regular file and a new regular file of
* that pathname cannot be created, or if some other error
* occurs while opening or creating the file
* @throws SecurityException if a security manager exists and its
* {@code checkRead} method denies read access to the file
* or the mode is {@code "rw"} and the security manager's
* {@code checkWrite} method denies write access to the file
* @see java.lang.SecurityException
* @see java.lang.SecurityManager#checkRead(java.lang.String)
* @see java.lang.SecurityManager#checkWrite(java.lang.String)
*/
public RandomAccessFile(String pathname, String mode)
throws FileNotFoundException
@ -205,13 +189,6 @@ public class RandomAccessFile implements DataOutput, DataInput, Closeable {
* updates to both the file's content and its metadata to be written, which
* generally requires at least one more low-level I/O operation.
*
* <p>If there is a security manager, its {@code checkRead} method is
* called with the pathname of the {@code file} argument as its
* argument to see if read access to the file is allowed. If the mode
* allows writing, the security manager's {@code checkWrite} method is
* also called with the pathname of the {@code file} argument to see if
* write access to the file is allowed.
*
* @param file the file object
* @param mode the access mode, as described
* <a href="#mode">above</a>
@ -225,12 +202,6 @@ public class RandomAccessFile implements DataOutput, DataInput, Closeable {
* an existing, writable regular file and a new regular file of
* that pathname cannot be created, or if some other error
* occurs while opening or creating the file
* @throws SecurityException if a security manager exists and its
* {@code checkRead} method denies read access to the file
* or the mode is {@code "rw"} and the security manager's
* {@code checkWrite} method denies write access to the file
* @see java.lang.SecurityManager#checkRead(java.lang.String)
* @see java.lang.SecurityManager#checkWrite(java.lang.String)
* @see java.nio.channels.FileChannel#force(boolean)
*/
@SuppressWarnings("this-escape")

55
src/java.base/share/classes/java/io/SerializablePermission.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2019, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -36,55 +36,9 @@ import java.util.StringTokenizer;
* no actions list; you either have the named permission
* or you don't.
*
* <P>
* The target name is the name of the Serializable permission (see below).
*
* <P>
* The following table lists the standard {@code SerializablePermission} target names,
* and for each provides a description of what the permission allows
* and a discussion of the risks of granting code the permission.
*
* <table class="striped">
* <caption style="display:none">Permission target name, what the permission allows, and associated risks</caption>
* <thead>
* <tr>
* <th scope="col">Permission Target Name</th>
* <th scope="col">What the Permission Allows</th>
* <th scope="col">Risks of Allowing this Permission</th>
* </tr>
* </thead>
* <tbody>
*
* <tr>
* <th scope="row">enableSubclassImplementation</th>
* <td>Subclass implementation of ObjectOutputStream or ObjectInputStream
* to override the default serialization or deserialization, respectively,
* of objects</td>
* <td>Code can use this to serialize or
* deserialize classes in a purposefully malfeasant manner. For example,
* during serialization, malicious code can use this to
* purposefully store confidential private field data in a way easily accessible
* to attackers. Or, during deserialization it could, for example, deserialize
* a class with all its private fields zeroed out.</td>
* </tr>
*
* <tr>
* <th scope="row">enableSubstitution</th>
* <td>Substitution of one object for another during
* serialization or deserialization</td>
* <td>This is dangerous because malicious code
* can replace the actual object with one which has incorrect or
* malignant data.</td>
* </tr>
*
* <tr>
* <th scope="row">serialFilter</th>
* <td>Setting a filter for ObjectInputStreams.</td>
* <td>Code could remove a configured filter and remove protections
* already established.</td>
* </tr>
* </tbody>
* </table>
* @apiNote
* This permission cannot be used for controlling access to resources
* as the Security Manager is no longer supported.
*
* @see java.security.BasicPermission
* @see java.security.Permission
@ -92,7 +46,6 @@ import java.util.StringTokenizer;
* @see java.security.PermissionCollection
* @see java.lang.SecurityManager
*
*
* @author Joe Fialli
* @since 1.2
*/

2
src/java.base/share/classes/java/lang/Boolean.java
View File

@ -271,8 +271,6 @@ public final class Boolean implements java.io.Serializable,
*
* @param name the system property name.
* @return the {@code boolean} value of the system property.
* @throws SecurityException for the same reasons as
* {@link System#getProperty(String) System.getProperty}
* @see java.lang.System#getProperty(java.lang.String)
* @see java.lang.System#getProperty(java.lang.String, java.lang.String)
*/

385
src/java.base/share/classes/java/lang/Class.java
View File

@ -530,11 +530,6 @@ public final class Class<T> implements java.io.Serializable,
* by this method fails
* @throws ClassNotFoundException if the class cannot be located by
* the specified class loader
* @throws SecurityException
* if a security manager is present, and the {@code loader} is
* {@code null}, and the caller's class loader is not
* {@code null}, and the caller does not have the
* {@link RuntimePermission}{@code ("getClassLoader")}
*
* @see java.lang.Class#forName(String)
* @see java.lang.ClassLoader
@ -610,8 +605,6 @@ public final class Class<T> implements java.io.Serializable,
* a binary name. This method returns {@code null} on failure rather than
* throwing a {@link ClassNotFoundException}, as is done by
* the {@link #forName(String, boolean, ClassLoader)} method.
* The security check is a stack-based permission check if the caller
* loads a class in another module.
*
* @param module A module
* @param name The {@linkplain ClassLoader##binary-name binary name}
@ -623,16 +616,6 @@ public final class Class<T> implements java.io.Serializable,
*
* @throws LinkageError if the linkage fails
*
* @throws SecurityException
* <ul>
* <li> if the caller is not the specified module and
* {@code RuntimePermission("getClassLoader")} permission is denied; or</li>
* <li> access to the module content is denied. For example,
* permission check will be performed when a class loader calls
* {@link ModuleReader#open(String)} to read the bytes of a class file
* in a module.</li>
* </ul>
*
* @jls 12.2 Loading of Classes and Interfaces
* @jls 12.3 Linking of Classes and Interfaces
* @since 9
@ -756,13 +739,6 @@ public final class Class<T> implements java.io.Serializable,
* or if the instantiation fails for some other reason.
* @throws ExceptionInInitializerError if the initialization
* provoked by this method fails.
* @throws SecurityException
* If a security manager, <i>s</i>, is present and
* the caller's class loader is not the same as or an
* ancestor of the class loader for the current class and
* invocation of {@link SecurityManager#checkPackageAccess
* s.checkPackageAccess()} denies access to the package
* of this class.
*/
@SuppressWarnings("removal")
@CallerSensitive
@ -1057,15 +1033,7 @@ public final class Class<T> implements java.io.Serializable,
*
* @return the class loader that loaded the class or interface
* represented by this {@code Class} object.
* @throws SecurityException
* if a security manager is present, and the caller's class loader
* is not {@code null} and is not the same as or an ancestor of the
* class loader for the class whose class loader is requested,
* and the caller does not have the
* {@link RuntimePermission}{@code ("getClassLoader")}
* @see java.lang.ClassLoader
* @see SecurityManager#checkPermission
* @see java.lang.RuntimePermission
*/
@CallerSensitive
@ForceInline // to ensure Reflection.getCallerClass optimization
@ -1541,30 +1509,10 @@ public final class Class<T> implements java.io.Serializable,
* @return the immediately enclosing method of the underlying class, if
* that class is a local or anonymous class; otherwise {@code null}.
*
* @throws SecurityException
* If a security manager, <i>s</i>, is present and any of the
* following conditions is met:
*
* <ul>
*
* <li> the caller's class loader is not the same as the
* class loader of the enclosing class and invocation of
* {@link SecurityManager#checkPermission
* s.checkPermission} method with
* {@code RuntimePermission("accessDeclaredMembers")}
* denies access to the methods within the enclosing class
*
* <li> the caller's class loader is not the same as or an
* ancestor of the class loader for the enclosing class and
* invocation of {@link SecurityManager#checkPackageAccess
* s.checkPackageAccess()} denies access to the package
* of the enclosing class
*
* </ul>
* @since 1.5
*/
@CallerSensitive
public Method getEnclosingMethod() throws SecurityException {
public Method getEnclosingMethod() {
EnclosingMethodInfo enclosingInfo = getEnclosingMethodInfo();
if (enclosingInfo == null)
@ -1697,30 +1645,11 @@ public final class Class<T> implements java.io.Serializable,
*
* @return the immediately enclosing constructor of the underlying class, if
* that class is a local or anonymous class; otherwise {@code null}.
* @throws SecurityException
* If a security manager, <i>s</i>, is present and any of the
* following conditions is met:
*
* <ul>
*
* <li> the caller's class loader is not the same as the
* class loader of the enclosing class and invocation of
* {@link SecurityManager#checkPermission
* s.checkPermission} method with
* {@code RuntimePermission("accessDeclaredMembers")}
* denies access to the constructors within the enclosing class
*
* <li> the caller's class loader is not the same as or an
* ancestor of the class loader for the enclosing class and
* invocation of {@link SecurityManager#checkPackageAccess
* s.checkPackageAccess()} denies access to the package
* of the enclosing class
*
* </ul>
* @since 1.5
*/
@CallerSensitive
public Constructor<?> getEnclosingConstructor() throws SecurityException {
public Constructor<?> getEnclosingConstructor() {
EnclosingMethodInfo enclosingInfo = getEnclosingMethodInfo();
if (enclosingInfo == null)
@ -1777,16 +1706,10 @@ public final class Class<T> implements java.io.Serializable,
* type, or void, then this method returns null.
*
* @return the declaring class for this class
* @throws SecurityException
* If a security manager, <i>s</i>, is present and the caller's
* class loader is not the same as or an ancestor of the class
* loader for the declaring class and invocation of {@link
* SecurityManager#checkPackageAccess s.checkPackageAccess()}
* denies access to the package of the declaring class
* @since 1.1
*/
@CallerSensitive
public Class<?> getDeclaringClass() throws SecurityException {
public Class<?> getDeclaringClass() {
final Class<?> candidate = getDeclaringClass0();
if (candidate != null) {
@ -1808,16 +1731,10 @@ public final class Class<T> implements java.io.Serializable,
* class. If the underlying class is a top level class this
* method returns {@code null}.
* @return the immediately enclosing class of the underlying class
* @throws SecurityException
* If a security manager, <i>s</i>, is present and the caller's
* class loader is not the same as or an ancestor of the class
* loader for the enclosing class and invocation of {@link
* SecurityManager#checkPackageAccess s.checkPackageAccess()}
* denies access to the package of the enclosing class
* @since 1.5
*/
@CallerSensitive
public Class<?> getEnclosingClass() throws SecurityException {
public Class<?> getEnclosingClass() {
// There are five kinds of classes (or interfaces):
// a) Top level classes
// b) Nested classes (static member classes)
@ -2072,14 +1989,6 @@ public final class Class<T> implements java.io.Serializable,
*
* @return the array of {@code Class} objects representing the public
* members of this class
* @throws SecurityException
* If a security manager, <i>s</i>, is present and
* the caller's class loader is not the same as or an
* ancestor of the class loader for the current class and
* invocation of {@link SecurityManager#checkPackageAccess
* s.checkPackageAccess()} denies access to the package
* of this class.
*
* @since 1.1
*/
@SuppressWarnings("removal")
@ -2140,20 +2049,13 @@ public final class Class<T> implements java.io.Serializable,
*
* @return the array of {@code Field} objects representing the
* public fields
* @throws SecurityException
* If a security manager, <i>s</i>, is present and
* the caller's class loader is not the same as or an
* ancestor of the class loader for the current class and
* invocation of {@link SecurityManager#checkPackageAccess
* s.checkPackageAccess()} denies access to the package
* of this class.
*
* @since 1.1
* @jls 8.2 Class Members
* @jls 8.3 Field Declarations
*/
@CallerSensitive
public Field[] getFields() throws SecurityException {
public Field[] getFields() {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
@ -2231,20 +2133,13 @@ public final class Class<T> implements java.io.Serializable,
*
* @return the array of {@code Method} objects representing the
* public methods of this class
* @throws SecurityException
* If a security manager, <i>s</i>, is present and
* the caller's class loader is not the same as or an
* ancestor of the class loader for the current class and
* invocation of {@link SecurityManager#checkPackageAccess
* s.checkPackageAccess()} denies access to the package
* of this class.
*
* @jls 8.2 Class Members
* @jls 8.4 Method Declarations
* @since 1.1
*/
@CallerSensitive
public Method[] getMethods() throws SecurityException {
public Method[] getMethods() {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
@ -2274,19 +2169,12 @@ public final class Class<T> implements java.io.Serializable,
*
* @return the array of {@code Constructor} objects representing the
* public constructors of this class
* @throws SecurityException
* If a security manager, <i>s</i>, is present and
* the caller's class loader is not the same as or an
* ancestor of the class loader for the current class and
* invocation of {@link SecurityManager#checkPackageAccess
* s.checkPackageAccess()} denies access to the package
* of this class.
*
* @see #getDeclaredConstructors()
* @since 1.1
*/
@CallerSensitive
public Constructor<?>[] getConstructors() throws SecurityException {
public Constructor<?>[] getConstructors() {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
@ -2326,21 +2214,13 @@ public final class Class<T> implements java.io.Serializable,
* @throws NoSuchFieldException if a field with the specified name is
* not found.
* @throws NullPointerException if {@code name} is {@code null}
* @throws SecurityException
* If a security manager, <i>s</i>, is present and
* the caller's class loader is not the same as or an
* ancestor of the class loader for the current class and
* invocation of {@link SecurityManager#checkPackageAccess
* s.checkPackageAccess()} denies access to the package
* of this class.
*
* @since 1.1
* @jls 8.2 Class Members
* @jls 8.3 Field Declarations
*/
@CallerSensitive
public Field getField(String name)
throws NoSuchFieldException, SecurityException {
public Field getField(String name) throws NoSuchFieldException {
Objects.requireNonNull(name);
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
@ -2437,13 +2317,6 @@ public final class Class<T> implements java.io.Serializable,
* or if the name is {@value ConstantDescs#INIT_NAME} or
* {@value ConstantDescs#CLASS_INIT_NAME}.
* @throws NullPointerException if {@code name} is {@code null}
* @throws SecurityException
* If a security manager, <i>s</i>, is present and
* the caller's class loader is not the same as or an
* ancestor of the class loader for the current class and
* invocation of {@link SecurityManager#checkPackageAccess
* s.checkPackageAccess()} denies access to the package
* of this class.
*
* @jls 8.2 Class Members
* @jls 8.4 Method Declarations
@ -2451,7 +2324,7 @@ public final class Class<T> implements java.io.Serializable,
*/
@CallerSensitive
public Method getMethod(String name, Class<?>... parameterTypes)
throws NoSuchMethodException, SecurityException {
throws NoSuchMethodException {
Objects.requireNonNull(name);
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
@ -2486,21 +2359,13 @@ public final class Class<T> implements java.io.Serializable,
* @throws NoSuchMethodException if a matching constructor is not found,
* including when this {@code Class} object represents
* an interface, a primitive type, an array class, or void.
* @throws SecurityException
* If a security manager, <i>s</i>, is present and
* the caller's class loader is not the same as or an
* ancestor of the class loader for the current class and
* invocation of {@link SecurityManager#checkPackageAccess
* s.checkPackageAccess()} denies access to the package
* of this class.
*
* @see #getDeclaredConstructor(Class<?>[])
* @see #getDeclaredConstructor(Class[])
* @since 1.1
*/
@CallerSensitive
public Constructor<T> getConstructor(Class<?>... parameterTypes)
throws NoSuchMethodException, SecurityException
{
throws NoSuchMethodException {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
@ -2523,32 +2388,12 @@ public final class Class<T> implements java.io.Serializable,
*
* @return the array of {@code Class} objects representing all the
* declared members of this class
* @throws SecurityException
* If a security manager, <i>s</i>, is present and any of the
* following conditions is met:
*
* <ul>
*
* <li> the caller's class loader is not the same as the
* class loader of this class and invocation of
* {@link SecurityManager#checkPermission
* s.checkPermission} method with
* {@code RuntimePermission("accessDeclaredMembers")}
* denies access to the declared classes within this class
*
* <li> the caller's class loader is not the same as or an
* ancestor of the class loader for the current class and
* invocation of {@link SecurityManager#checkPackageAccess
* s.checkPackageAccess()} denies access to the package
* of this class
*
* </ul>
*
* @since 1.1
* @jls 8.5 Member Class and Interface Declarations
*/
@CallerSensitive
public Class<?>[] getDeclaredClasses() throws SecurityException {
public Class<?>[] getDeclaredClasses() {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
@ -2575,33 +2420,13 @@ public final class Class<T> implements java.io.Serializable,
*
* @return the array of {@code Field} objects representing all the
* declared fields of this class
* @throws SecurityException
* If a security manager, <i>s</i>, is present and any of the
* following conditions is met:
*
* <ul>
*
* <li> the caller's class loader is not the same as the
* class loader of this class and invocation of
* {@link SecurityManager#checkPermission
* s.checkPermission} method with
* {@code RuntimePermission("accessDeclaredMembers")}
* denies access to the declared fields within this class
*
* <li> the caller's class loader is not the same as or an
* ancestor of the class loader for the current class and
* invocation of {@link SecurityManager#checkPackageAccess
* s.checkPackageAccess()} denies access to the package
* of this class
*
* </ul>
*
* @since 1.1
* @jls 8.2 Class Members
* @jls 8.3 Field Declarations
*/
@CallerSensitive
public Field[] getDeclaredFields() throws SecurityException {
public Field[] getDeclaredFields() {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
@ -2638,26 +2463,6 @@ public final class Class<T> implements java.io.Serializable,
* @return An array of {@code RecordComponent} objects representing all the
* record components of this record class, or {@code null} if this
* class is not a record class
* @throws SecurityException
* If a security manager, <i>s</i>, is present and any of the
* following conditions is met:
*
* <ul>
*
* <li> the caller's class loader is not the same as the
* class loader of this class and invocation of
* {@link SecurityManager#checkPermission
* s.checkPermission} method with
* {@code RuntimePermission("accessDeclaredMembers")}
* denies access to the declared methods within this class
*
* <li> the caller's class loader is not the same as or an
* ancestor of the class loader for the current class and
* invocation of {@link SecurityManager#checkPackageAccess
* s.checkPackageAccess()} denies access to the package
* of this class
*
* </ul>
*
* @jls 8.10 Record Classes
* @since 16
@ -2706,26 +2511,6 @@ public final class Class<T> implements java.io.Serializable,
*
* @return the array of {@code Method} objects representing all the
* declared methods of this class
* @throws SecurityException
* If a security manager, <i>s</i>, is present and any of the
* following conditions is met:
*
* <ul>
*
* <li> the caller's class loader is not the same as the
* class loader of this class and invocation of
* {@link SecurityManager#checkPermission
* s.checkPermission} method with
* {@code RuntimePermission("accessDeclaredMembers")}
* denies access to the declared methods within this class
*
* <li> the caller's class loader is not the same as or an
* ancestor of the class loader for the current class and
* invocation of {@link SecurityManager#checkPackageAccess
* s.checkPackageAccess()} denies access to the package
* of this class
*
* </ul>
*
* @jls 8.2 Class Members
* @jls 8.4 Method Declarations
@ -2735,7 +2520,7 @@ public final class Class<T> implements java.io.Serializable,
* @since 1.1
*/
@CallerSensitive
public Method[] getDeclaredMethods() throws SecurityException {
public Method[] getDeclaredMethods() {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
@ -2760,33 +2545,13 @@ public final class Class<T> implements java.io.Serializable,
*
* @return the array of {@code Constructor} objects representing all the
* declared constructors of this class
* @throws SecurityException
* If a security manager, <i>s</i>, is present and any of the
* following conditions is met:
*
* <ul>
*
* <li> the caller's class loader is not the same as the
* class loader of this class and invocation of
* {@link SecurityManager#checkPermission
* s.checkPermission} method with
* {@code RuntimePermission("accessDeclaredMembers")}
* denies access to the declared constructors within this class
*
* <li> the caller's class loader is not the same as or an
* ancestor of the class loader for the current class and
* invocation of {@link SecurityManager#checkPackageAccess
* s.checkPackageAccess()} denies access to the package
* of this class
*
* </ul>
*
* @since 1.1
* @see #getConstructors()
* @jls 8.8 Constructor Declarations
*/
@CallerSensitive
public Constructor<?>[] getDeclaredConstructors() throws SecurityException {
public Constructor<?>[] getDeclaredConstructors() {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
@ -2811,34 +2576,13 @@ public final class Class<T> implements java.io.Serializable,
* @throws NoSuchFieldException if a field with the specified name is
* not found.
* @throws NullPointerException if {@code name} is {@code null}
* @throws SecurityException
* If a security manager, <i>s</i>, is present and any of the
* following conditions is met:
*
* <ul>
*
* <li> the caller's class loader is not the same as the
* class loader of this class and invocation of
* {@link SecurityManager#checkPermission
* s.checkPermission} method with
* {@code RuntimePermission("accessDeclaredMembers")}
* denies access to the declared field
*
* <li> the caller's class loader is not the same as or an
* ancestor of the class loader for the current class and
* invocation of {@link SecurityManager#checkPackageAccess
* s.checkPackageAccess()} denies access to the package
* of this class
*
* </ul>
*
* @since 1.1
* @jls 8.2 Class Members
* @jls 8.3 Field Declarations
*/
@CallerSensitive
public Field getDeclaredField(String name)
throws NoSuchFieldException, SecurityException {
public Field getDeclaredField(String name) throws NoSuchFieldException {
Objects.requireNonNull(name);
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
@ -2877,26 +2621,6 @@ public final class Class<T> implements java.io.Serializable,
* matching the specified name and parameters
* @throws NoSuchMethodException if a matching method is not found.
* @throws NullPointerException if {@code name} is {@code null}
* @throws SecurityException
* If a security manager, <i>s</i>, is present and any of the
* following conditions is met:
*
* <ul>
*
* <li> the caller's class loader is not the same as the
* class loader of this class and invocation of
* {@link SecurityManager#checkPermission
* s.checkPermission} method with
* {@code RuntimePermission("accessDeclaredMembers")}
* denies access to the declared method
*
* <li> the caller's class loader is not the same as or an
* ancestor of the class loader for the current class and
* invocation of {@link SecurityManager#checkPackageAccess
* s.checkPackageAccess()} denies access to the package
* of this class
*
* </ul>
*
* @jls 8.2 Class Members
* @jls 8.4 Method Declarations
@ -2904,7 +2628,7 @@ public final class Class<T> implements java.io.Serializable,
*/
@CallerSensitive
public Method getDeclaredMethod(String name, Class<?>... parameterTypes)
throws NoSuchMethodException, SecurityException {
throws NoSuchMethodException {
Objects.requireNonNull(name);
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
@ -2975,34 +2699,13 @@ public final class Class<T> implements java.io.Serializable,
* @throws NoSuchMethodException if a matching constructor is not found,
* including when this {@code Class} object represents
* an interface, a primitive type, an array class, or void.
* @throws SecurityException
* If a security manager, <i>s</i>, is present and any of the
* following conditions is met:
*
* <ul>
*
* <li> the caller's class loader is not the same as the
* class loader of this class and invocation of
* {@link SecurityManager#checkPermission
* s.checkPermission} method with
* {@code RuntimePermission("accessDeclaredMembers")}
* denies access to the declared constructor
*
* <li> the caller's class loader is not the same as or an
* ancestor of the class loader for the current class and
* invocation of {@link SecurityManager#checkPackageAccess
* s.checkPackageAccess()} denies access to the package
* of this class
*
* </ul>
*
* @see #getConstructor(Class<?>[])
* @see #getConstructor(Class[])
* @since 1.1
*/
@CallerSensitive
public Constructor<T> getDeclaredConstructor(Class<?>... parameterTypes)
throws NoSuchMethodException, SecurityException
{
throws NoSuchMethodException {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
@ -3058,10 +2761,9 @@ public final class Class<T> implements java.io.Serializable,
*
* @param name name of the desired resource
* @return A {@link java.io.InputStream} object; {@code null} if no
* resource with this name is found, the resource is in a package
* resource with this name is found, or the resource is in a package
* that is not {@linkplain Module#isOpen(String, Module) open} to at
* least the caller module, or access to the resource is denied
* by the security manager.
* least the caller module.
* @throws NullPointerException If {@code name} is {@code null}
*
* @see Module#getResourceAsStream(String)
@ -3154,11 +2856,10 @@ public final class Class<T> implements java.io.Serializable,
*
* @param name name of the desired resource
* @return A {@link java.net.URL} object; {@code null} if no resource with
* this name is found, the resource cannot be located by a URL, the
* this name is found, the resource cannot be located by a URL, or the
* resource is in a package that is not
* {@linkplain Module#isOpen(String, Module) open} to at least the caller
* module, or access to the resource is denied by the security
* manager.
* module.
* @throws NullPointerException If {@code name} is {@code null}
* @since 1.1
*/
@ -3224,23 +2925,11 @@ public final class Class<T> implements java.io.Serializable,
}
/**
* Returns the {@code ProtectionDomain} of this class. If there is a
* security manager installed, this method first calls the security
* manager's {@code checkPermission} method with a
* {@code RuntimePermission("getProtectionDomain")} permission to
* ensure it's ok to get the
* {@code ProtectionDomain}.
* Returns the {@code ProtectionDomain} of this class.
*
* @return the ProtectionDomain of this class
*
* @throws SecurityException
* if a security manager exists and its
* {@code checkPermission} method doesn't allow
* getting the ProtectionDomain.
*
* @see java.security.ProtectionDomain
* @see SecurityManager#checkPermission
* @see java.lang.RuntimePermission
* @since 1.2
*/
public ProtectionDomain getProtectionDomain() {
@ -4466,13 +4155,6 @@ public final class Class<T> implements java.io.Serializable,
*
* @return the nest host of this class or interface
*
* @throws SecurityException
* If the returned class is not the current class, and
* if a security manager, <i>s</i>, is present and the caller's
* class loader is not the same as or an ancestor of the class
* loader for the returned class and invocation of {@link
* SecurityManager#checkPackageAccess s.checkPackageAccess()}
* denies access to the package of the returned class
* @since 11
* @jvms 4.7.28 The {@code NestHost} Attribute
* @jvms 4.7.29 The {@code NestMembers} Attribute
@ -4557,14 +4239,6 @@ public final class Class<T> implements java.io.Serializable,
* @return an array of all classes and interfaces in the same nest as
* this class or interface
*
* @throws SecurityException
* If any returned class is not the current class, and
* if a security manager, <i>s</i>, is present and the caller's
* class loader is not the same as or an ancestor of the class
* loader for that returned class and invocation of {@link
* SecurityManager#checkPackageAccess s.checkPackageAccess()}
* denies access to the package of that returned class
*
* @since 11
* @see #getNestHost()
* @jvms 4.7.28 The {@code NestHost} Attribute
@ -4751,15 +4425,8 @@ public final class Class<T> implements java.io.Serializable,
* cannot be obtained, it is silently ignored, and not included in the result
* array.
*
* @return an array of {@code Class} objects of the permitted subclasses of this class or interface,
* or {@code null} if this class or interface is not sealed.
*
* @throws SecurityException
* If a security manager, <i>s</i>, is present and the caller's
* class loader is not the same as or an ancestor of the class
* loader for that returned class and invocation of {@link
* SecurityManager#checkPackageAccess s.checkPackageAccess()}
* denies access to the package of any class in the returned array.
* @return an array of {@code Class} objects of the permitted subclasses of this class
* or interface, or {@code null} if this class or interface is not sealed.
*
* @jls 8.1 Class Declarations
* @jls 9.1 Interface Declarations

128
src/java.base/share/classes/java/lang/ClassLoader.java
View File

@ -33,10 +33,7 @@ import java.io.File;
import java.lang.reflect.Constructor;
import java.lang.reflect.InvocationTargetException;
import java.net.URL;
import java.security.AccessController;
import java.security.AccessControlContext;
import java.security.CodeSource;
import java.security.PrivilegedAction;
import java.security.ProtectionDomain;
import java.security.cert.Certificate;
import java.util.ArrayList;
@ -67,7 +64,6 @@ import jdk.internal.reflect.CallerSensitive;
import jdk.internal.reflect.CallerSensitiveAdapter;
import jdk.internal.reflect.Reflection;
import jdk.internal.util.StaticProperty;
import sun.reflect.misc.ReflectUtil;
import sun.security.util.SecurityConstants;
/**
@ -93,9 +89,6 @@ import sun.security.util.SecurityConstants;
* extend the manner in which the Java virtual machine dynamically loads
* classes.
*
* <p> Class loaders may typically be used by security managers to indicate
* security domains.
*
* <p> In addition to loading classes, a class loader is also responsible for
* locating resources. A resource is some data (a "{@code .class}" file,
* configuration data, or an image for example) that is identified with an
@ -424,11 +417,6 @@ public abstract class ClassLoader {
*
* @throws IllegalArgumentException if the given name is empty.
*
* @throws SecurityException
* If a security manager exists and its
* {@link SecurityManager#checkCreateClassLoader()}
* method doesn't allow creation of a new class loader.
*
* @since 9
*/
@SuppressWarnings("this-escape")
@ -440,10 +428,6 @@ public abstract class ClassLoader {
* Creates a new class loader using the specified parent class loader for
* delegation.
*
* <p> If there is a security manager, its {@link
* SecurityManager#checkCreateClassLoader() checkCreateClassLoader} method
* is invoked. This may result in a security exception. </p>
*
* @apiNote If the parent is specified as {@code null} (for the
* bootstrap class loader) then there is no guarantee that all platform
* classes are visible.
@ -451,11 +435,6 @@ public abstract class ClassLoader {
* @param parent
* The parent class loader
*
* @throws SecurityException
* If a security manager exists and its
* {@code checkCreateClassLoader} method doesn't allow creation
* of a new class loader.
*
* @since 1.2
*/
@SuppressWarnings("this-escape")
@ -467,16 +446,6 @@ public abstract class ClassLoader {
* Creates a new class loader using the {@code ClassLoader} returned by
* the method {@link #getSystemClassLoader()
* getSystemClassLoader()} as the parent class loader.
*
* <p> If there is a security manager, its {@link
* SecurityManager#checkCreateClassLoader()
* checkCreateClassLoader} method is invoked. This may result in
* a security exception. </p>
*
* @throws SecurityException
* If a security manager exists and its
* {@code checkCreateClassLoader} method doesn't allow creation
* of a new class loader.
*/
@SuppressWarnings("this-escape")
protected ClassLoader() {
@ -688,30 +657,6 @@ public abstract class ClassLoader {
return lock;
}
// Invoked by the VM after loading class with this loader.
@SuppressWarnings("removal")
private void checkPackageAccess(Class<?> cls, ProtectionDomain pd) {
final SecurityManager sm = System.getSecurityManager();
if (sm != null) {
if (ReflectUtil.isNonPublicProxyClass(cls)) {
for (Class<?> intf: cls.getInterfaces()) {
checkPackageAccess(intf, pd);
}
return;
}
final String packageName = cls.getPackageName();
if (!packageName.isEmpty()) {
AccessController.doPrivileged(new PrivilegedAction<>() {
public Void run() {
sm.checkPackageAccess(packageName);
return null;
}
}, new AccessControlContext(new ProtectionDomain[] {pd}));
}
}
}
/**
* Finds the class with the specified <a href="#binary-name">binary name</a>.
* This method should be overridden by class loader implementations that
@ -823,12 +768,10 @@ public abstract class ClassLoader {
* Before the {@code Class} can be used it must be resolved.
*
* <p> This method assigns a default {@link java.security.ProtectionDomain
* ProtectionDomain} to the newly defined class. The
* {@code ProtectionDomain} is effectively granted the same set of
* permissions returned when {@link
* java.security.Policy#getPermissions(java.security.CodeSource)
* Policy.getPolicy().getPermissions(new CodeSource(null, null))}
* is invoked. The default protection domain is created on the first invocation
* ProtectionDomain} to the newly defined class. The
* {@code getPermissions} method of the {@code ProtectionDomain} always
* returns {@code null}.
* The default protection domain is created on the first invocation
* of {@link #defineClass(String, byte[], int, int) defineClass},
* and re-used on subsequent invocations.
*
@ -1342,8 +1285,7 @@ public abstract class ClassLoader {
* The resource name
*
* @return A URL to the resource; {@code null} if the resource could not be
* found, a URL could not be constructed to locate the resource,
* access to the resource is denied by the security manager, or
* found, a URL could not be constructed to locate the resource, or
* there isn't a module of the given name defined to the class
* loader.
*
@ -1395,9 +1337,8 @@ public abstract class ClassLoader {
*
* @return {@code URL} object for reading the resource; {@code null} if
* the resource could not be found, a {@code URL} could not be
* constructed to locate the resource, the resource is in a package
* that is not opened unconditionally, or access to the resource is
* denied by the security manager.
* constructed to locate the resource, or the resource is in a package
* that is not opened unconditionally.
*
* @throws NullPointerException If {@code name} is {@code null}
*
@ -1457,9 +1398,8 @@ public abstract class ClassLoader {
* @return An enumeration of {@link java.net.URL URL} objects for the
* resource. If no resources could be found, the enumeration will
* be empty. Resources for which a {@code URL} cannot be
* constructed, are in a package that is not opened
* unconditionally, or access to the resource is denied by the
* security manager, are not returned in the enumeration.
* constructed, or are in a package that is not opened
* unconditionally, are not returned in the enumeration.
*
* @throws IOException
* If I/O errors occur
@ -1518,9 +1458,8 @@ public abstract class ClassLoader {
*
* @return A stream of resource {@link java.net.URL URL} objects. If no
* resources could be found, the stream will be empty. Resources
* for which a {@code URL} cannot be constructed, are in a package
* that is not opened unconditionally, or access to the resource
* is denied by the security manager, will not be in the stream.
* for which a {@code URL} cannot be constructed, or are in a package
* that is not opened unconditionally, will not be in the stream.
*
* @throws NullPointerException If {@code name} is {@code null}
*
@ -1558,9 +1497,8 @@ public abstract class ClassLoader {
*
* @return {@code URL} object for reading the resource; {@code null} if
* the resource could not be found, a {@code URL} could not be
* constructed to locate the resource, the resource is in a package
* that is not opened unconditionally, or access to the resource is
* denied by the security manager.
* constructed to locate the resource, or the resource is in a package
* that is not opened unconditionally.
*
* @since 1.2
*/
@ -1589,8 +1527,7 @@ public abstract class ClassLoader {
* @return An enumeration of {@link java.net.URL URL} objects for
* the resource. If no resources could be found, the enumeration
* will be empty. Resources for which a {@code URL} cannot be
* constructed, are in a package that is not opened unconditionally,
* or access to the resource is denied by the security manager,
* constructed, or are in a package that is not opened unconditionally,
* are not returned in the enumeration.
*
* @throws IOException
@ -1676,9 +1613,8 @@ public abstract class ClassLoader {
*
* @return A {@link java.net.URL URL} to the resource; {@code
* null} if the resource could not be found, a URL could not be
* constructed to locate the resource, the resource is in a package
* that is not opened unconditionally or access to the resource is
* denied by the security manager.
* constructed to locate the resource, or the resource is in a package
* that is not opened unconditionally.
*
* @since 1.1
*/
@ -1708,8 +1644,7 @@ public abstract class ClassLoader {
* @return An enumeration of {@link java.net.URL URL} objects for
* the resource. If no resources could be found, the enumeration
* will be empty. Resources for which a {@code URL} cannot be
* constructed, are in a package that is not opened unconditionally,
* or access to the resource is denied by the security manager,
* constructed, or are in a package that is not opened unconditionally,
* are not returned in the enumeration.
*
* @throws IOException
@ -1740,9 +1675,8 @@ public abstract class ClassLoader {
* The resource name
*
* @return An input stream for reading the resource; {@code null} if the
* resource could not be found, the resource is in a package that
* is not opened unconditionally, or access to the resource is
* denied by the security manager.
* resource could not be found, or the resource is in a package that
* is not opened unconditionally.
*
* @throws NullPointerException If {@code name} is {@code null}
*
@ -1774,9 +1708,8 @@ public abstract class ClassLoader {
* The resource name
*
* @return An input stream for reading the resource; {@code null} if the
* resource could not be found, the resource is in a package that
* is not opened unconditionally, or access to the resource is
* denied by the security manager.
* resource could not be found, or the resource is in a package that
* is not opened unconditionally.
*
* @since 1.1
*/
@ -1800,12 +1733,6 @@ public abstract class ClassLoader {
*
* @return The parent {@code ClassLoader}
*
* @throws SecurityException
* If a security manager is present, and the caller's class loader
* is not {@code null} and is not an ancestor of this class loader,
* and the caller does not have the
* {@link RuntimePermission}{@code ("getClassLoader")}
*
* @since 1.2
*/
@CallerSensitive
@ -1845,13 +1772,6 @@ public abstract class ClassLoader {
*
* @return The platform {@code ClassLoader}.
*
* @throws SecurityException
* If a security manager is present, and the caller's class loader is
* not {@code null}, and the caller's class loader is not the same
* as or an ancestor of the platform class loader,
* and the caller does not have the
* {@link RuntimePermission}{@code ("getClassLoader")}
*
* @since 9
*/
@CallerSensitive
@ -1920,12 +1840,6 @@ public abstract class ClassLoader {
*
* @return The system {@code ClassLoader}
*
* @throws SecurityException
* If a security manager is present, and the caller's class loader
* is not {@code null} and is not the same as or an ancestor of the
* system class loader, and the caller does not have the
* {@link RuntimePermission}{@code ("getClassLoader")}
*
* @throws IllegalStateException
* If invoked recursively during the construction of the class
* loader specified by the "{@code java.system.class.loader}"

6
src/java.base/share/classes/java/lang/Integer.java
View File

@ -1187,8 +1187,6 @@ public final class Integer extends Number
*
* @param nm property name.
* @return the {@code Integer} value of the property.
* @throws SecurityException for the same reasons as
* {@link System#getProperty(String) System.getProperty}
* @see java.lang.System#getProperty(java.lang.String)
* @see java.lang.System#getProperty(java.lang.String, java.lang.String)
*/
@ -1233,8 +1231,6 @@ public final class Integer extends Number
* @param nm property name.
* @param val default value.
* @return the {@code Integer} value of the property.
* @throws SecurityException for the same reasons as
* {@link System#getProperty(String) System.getProperty}
* @see java.lang.System#getProperty(java.lang.String)
* @see java.lang.System#getProperty(java.lang.String, java.lang.String)
*/
@ -1275,8 +1271,6 @@ public final class Integer extends Number
* @param nm property name.
* @param val default value.
* @return the {@code Integer} value of the property.
* @throws SecurityException for the same reasons as
* {@link System#getProperty(String) System.getProperty}
* @see System#getProperty(java.lang.String)
* @see System#getProperty(java.lang.String, java.lang.String)
*/

6
src/java.base/share/classes/java/lang/Long.java
View File

@ -1276,8 +1276,6 @@ public final class Long extends Number
*
* @param nm property name.
* @return the {@code Long} value of the property.
* @throws SecurityException for the same reasons as
* {@link System#getProperty(String) System.getProperty}
* @see java.lang.System#getProperty(java.lang.String)
* @see java.lang.System#getProperty(java.lang.String, java.lang.String)
*/
@ -1321,8 +1319,6 @@ public final class Long extends Number
* @param nm property name.
* @param val default value.
* @return the {@code Long} value of the property.
* @throws SecurityException for the same reasons as
* {@link System#getProperty(String) System.getProperty}
* @see java.lang.System#getProperty(java.lang.String)
* @see java.lang.System#getProperty(java.lang.String, java.lang.String)
*/
@ -1370,8 +1366,6 @@ public final class Long extends Number
* @param nm property name.
* @param val default value.
* @return the {@code Long} value of the property.
* @throws SecurityException for the same reasons as
* {@link System#getProperty(String) System.getProperty}
* @see System#getProperty(java.lang.String)
* @see System#getProperty(java.lang.String, java.lang.String)
*/

13
src/java.base/share/classes/java/lang/Module.java
View File

@ -195,15 +195,7 @@ public final class Module implements AnnotatedElement {
/**
* Returns the {@code ClassLoader} for this module.
*
* <p> If there is a security manager then its {@code checkPermission}
* method if first called with a {@code RuntimePermission("getClassLoader")}
* permission to check that the caller is allowed to get access to the
* class loader. </p>
*
* @return The class loader for this module
*
* @throws SecurityException
* If denied by the security manager
*/
public ClassLoader getClassLoader() {
@SuppressWarnings("removal")
@ -1689,9 +1681,8 @@ public final class Module implements AnnotatedElement {
* with the name "{@code META-INF/MANIFEST.MF}" is never encapsulated
* because "{@code META-INF}" is not a legal package name. </p>
*
* <p> This method returns {@code null} if the resource is not in this
* module, the resource is encapsulated and cannot be located by the caller,
* or access to the resource is denied by the security manager. </p>
* <p> This method returns {@code null} if the resource is not in this module
* or the resource is encapsulated and cannot be located by the caller. </p>
*
* @param name
* The resource name

38
src/java.base/share/classes/java/lang/ModuleLayer.java
View File

@ -359,10 +359,6 @@ public final class ModuleLayer {
* @throws LayerInstantiationException
* If the layer cannot be created for any of the reasons specified
* by the static {@code defineModulesWithOneLoader} method
* @throws SecurityException
* If {@code RuntimePermission("createClassLoader")} or
* {@code RuntimePermission("getClassLoader")} is denied by
* the security manager
*
* @see #findLoader
*/
@ -401,10 +397,6 @@ public final class ModuleLayer {
* @throws LayerInstantiationException
* If the layer cannot be created for any of the reasons specified
* by the static {@code defineModulesWithManyLoaders} method
* @throws SecurityException
* If {@code RuntimePermission("createClassLoader")} or
* {@code RuntimePermission("getClassLoader")} is denied by
* the security manager
*
* @see #findLoader
*/
@ -440,9 +432,6 @@ public final class ModuleLayer {
* @throws LayerInstantiationException
* If the layer cannot be created for any of the reasons specified
* by the static {@code defineModules} method
* @throws SecurityException
* If {@code RuntimePermission("getClassLoader")} is denied by
* the security manager
*/
public ModuleLayer defineModules(Configuration cf,
Function<String, ClassLoader> clf) {
@ -490,10 +479,6 @@ public final class ModuleLayer {
* a module named "{@code java.base}", or a module contains a package named
* "{@code java}" or a package with a name starting with "{@code java.}". </p>
*
* <p> If there is a security manager then the class loader created by
* this method will load classes and resources with privileges that are
* restricted by the calling context of this method. </p>
*
* @param cf
* The configuration for the layer
* @param parentLayers
@ -510,10 +495,6 @@ public final class ModuleLayer {
* @throws LayerInstantiationException
* If all modules cannot be defined to the same class loader for any
* of the reasons listed above
* @throws SecurityException
* If {@code RuntimePermission("createClassLoader")} or
* {@code RuntimePermission("getClassLoader")} is denied by
* the security manager
*
* @see #findLoader
*/
@ -563,10 +544,6 @@ public final class ModuleLayer {
* methods) in the module defined to the class loader before searching
* the parent class loader. </p>
*
* <p> If there is a security manager then the class loaders created by
* this method will load classes and resources with privileges that are
* restricted by the calling context of this method. </p>
*
* @param cf
* The configuration for the layer
* @param parentLayers
@ -586,11 +563,6 @@ public final class ModuleLayer {
* named "{@code java}" or a package with a name starting with
* "{@code java.}"
*
* @throws SecurityException
* If {@code RuntimePermission("createClassLoader")} or
* {@code RuntimePermission("getClassLoader")} is denied by
* the security manager
*
* @see #findLoader
*/
public static Controller defineModulesWithManyLoaders(Configuration cf,
@ -673,9 +645,6 @@ public final class ModuleLayer {
* configuration of the parent layers, including order
* @throws LayerInstantiationException
* If creating the layer fails for any of the reasons listed above
* @throws SecurityException
* If {@code RuntimePermission("getClassLoader")} is denied by
* the security manager
*/
public static Controller defineModules(Configuration cf,
List<ModuleLayer> parentLayers,
@ -906,11 +875,6 @@ public final class ModuleLayer {
* parent} layers are searched in the manner specified by {@link
* #findModule(String) findModule}.
*
* <p> If there is a security manager then its {@code checkPermission}
* method is called with a {@code RuntimePermission("getClassLoader")}
* permission to check that the caller is allowed to get access to the
* class loader. </p>
*
* @apiNote This method does not return an {@code Optional<ClassLoader>}
* because `null` must be used to represent the bootstrap class loader.
*
@ -921,8 +885,6 @@ public final class ModuleLayer {
*
* @throws IllegalArgumentException if a module of the given name is not
* defined in this layer or any parent of this layer
*
* @throws SecurityException if denied by the security manager
*/
public ClassLoader findLoader(String name) {
Optional<Module> om = findModule(name);

9
src/java.base/share/classes/java/lang/Process.java
View File

@ -753,8 +753,7 @@ public abstract class Process {
*
* {@code Process} objects returned by {@link ProcessBuilder#start()} and
* {@link Runtime#exec} implement {@code toHandle} as the equivalent of
* {@link ProcessHandle#of(long) ProcessHandle.of(pid)} including the
* check for a SecurityManager and {@code RuntimePermission("manageProcess")}.
* {@link ProcessHandle#of(long) ProcessHandle.of(pid)}.
*
* @implSpec
* This implementation throws an instance of
@ -766,8 +765,6 @@ public abstract class Process {
* @return Returns a ProcessHandle for the Process
* @throws UnsupportedOperationException if the Process implementation
* does not support this operation
* @throws SecurityException if a security manager has been installed and
* it denies RuntimePermission("manageProcess")
* @since 9
*/
public ProcessHandle toHandle() {
@ -811,8 +808,6 @@ public abstract class Process {
* direct children of the process
* @throws UnsupportedOperationException if the Process implementation
* does not support this operation
* @throws SecurityException if a security manager has been installed and
* it denies RuntimePermission("manageProcess")
* @since 9
*/
public Stream<ProcessHandle> children() {
@ -837,8 +832,6 @@ public abstract class Process {
* are descendants of the process
* @throws UnsupportedOperationException if the Process implementation
* does not support this operation
* @throws SecurityException if a security manager has been installed and
* it denies RuntimePermission("manageProcess")
* @since 9
*/
public Stream<ProcessHandle> descendants() {

66
src/java.base/share/classes/java/lang/ProcessBuilder.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2003, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2003, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -329,23 +329,12 @@ public final class ProcessBuilder
*
* <p>The returned map is typically case-sensitive on all platforms.
*
* <p>If a security manager exists, its
* {@link SecurityManager#checkPermission checkPermission} method
* is called with a
* {@link RuntimePermission}{@code ("getenv.*")} permission.
* This may result in a {@link SecurityException} being thrown.
*
* <p>When passing information to a Java subprocess,
* <a href=System.html#EnvironmentVSSystemProperties>system properties</a>
* are generally preferred over environment variables.
*
* @return this process builder's environment
*
* @throws SecurityException
* if a security manager exists and its
* {@link SecurityManager#checkPermission checkPermission}
* method doesn't allow access to the process environment
*
* @see Runtime#exec(String[],String[],java.io.File)
* @see System#getenv()
*/
@ -1009,12 +998,6 @@ public final class ProcessBuilder
* The minimal set of system dependent environment variables
* may override the values provided in the environment.
*
* <p>If there is a security manager, its
* {@link SecurityManager#checkExec checkExec}
* method is called with the first component of this object's
* {@code command} array as its argument. This may result in
* a {@link SecurityException} being thrown.
*
* <p>Starting an operating system process is highly system-dependent.
* Among the many things that can go wrong are:
* <ul>
@ -1042,29 +1025,6 @@ public final class ProcessBuilder
* @throws IndexOutOfBoundsException
* if the command is an empty list (has size {@code 0})
*
* @throws SecurityException
* if a security manager exists and
* <ul>
*
* <li>its
* {@link SecurityManager#checkExec checkExec}
* method doesn't allow creation of the subprocess, or
*
* <li>the standard input to the subprocess was
* {@linkplain #redirectInput redirected from a file}
* and the security manager's
* {@link SecurityManager#checkRead(String) checkRead} method
* denies read access to the file, or
*
* <li>the standard output or standard error of the
* subprocess was
* {@linkplain #redirectOutput redirected to a file}
* and the security manager's
* {@link SecurityManager#checkWrite(String) checkWrite} method
* denies write access to the file
*
* </ul>
*
* @throws UnsupportedOperationException
* If the operating system does not support the creation of processes.
*
@ -1216,12 +1176,6 @@ public final class ProcessBuilder
* The minimal set of system dependent environment variables
* may override the values provided in the environment.
* <p>
* If there is a security manager, its
* {@link SecurityManager#checkExec checkExec}
* method is called with the first component of each process builder's
* {@code command} array as its argument. This may result in
* a {@link SecurityException} being thrown.
* <p>
* Starting an operating system process is highly system-dependent.
* Among the many things that can go wrong are:
* <ul>
@ -1272,24 +1226,6 @@ public final class ProcessBuilder
* the builders argument is null
* @throws IndexOutOfBoundsException
* if the command is an empty list (has size {@code 0})
* @throws SecurityException
* if a security manager exists and
* <ul>
* <li>its
* {@link SecurityManager#checkExec checkExec}
* method doesn't allow creation of the subprocess, or
* <li>the standard input to the subprocess was
* {@linkplain #redirectInput redirected from a file}
* and the security manager's
* {@link SecurityManager#checkRead(String) checkRead} method
* denies read access to the file, or
* <li>the standard output or standard error of the
* subprocess was
* {@linkplain #redirectOutput redirected to a file}
* and the security manager's
* {@link SecurityManager#checkWrite(String) checkWrite} method
* denies write access to the file
* </ul>
*
* @throws UnsupportedOperationException
* If the operating system does not support the creation of processes

18
src/java.base/share/classes/java/lang/ProcessHandle.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2014, 2022, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2014, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -66,9 +66,7 @@ import java.util.stream.Stream;
* can be used to wait for process termination, and possibly trigger dependent
* actions.
* <p>
* The factory methods limit access to ProcessHandles using the
* SecurityManager checking the {@link RuntimePermission RuntimePermission("manageProcess")}.
* The ability to control processes is also restricted by the native system,
* The ability to control processes may be restricted by the native system,
* ProcessHandle provides no more access to, or control over, the native process
* than would be allowed by a native application.
*
@ -113,8 +111,6 @@ public interface ProcessHandle extends Comparable<ProcessHandle> {
* @param pid a native process ID
* @return an {@code Optional<ProcessHandle>} of the PID for the process;
* the {@code Optional} is empty if the process does not exist
* @throws SecurityException if a security manager has been installed and
* it denies RuntimePermission("manageProcess")
* @throws UnsupportedOperationException if the implementation
* does not support this operation
*/
@ -127,8 +123,6 @@ public interface ProcessHandle extends Comparable<ProcessHandle> {
* used to destroy the current process, use {@link System#exit System.exit} instead.
*
* @return a ProcessHandle for the current process
* @throws SecurityException if a security manager has been installed and
* it denies RuntimePermission("manageProcess")
* @throws UnsupportedOperationException if the implementation
* does not support this operation
*/
@ -143,8 +137,6 @@ public interface ProcessHandle extends Comparable<ProcessHandle> {
* @return an {@code Optional<ProcessHandle>} of the parent process;
* the {@code Optional} is empty if the child process does not have a parent
* or if the parent is not available, possibly due to operating system limitations
* @throws SecurityException if a security manager has been installed and
* it denies RuntimePermission("manageProcess")
*/
Optional<ProcessHandle> parent();
@ -159,8 +151,6 @@ public interface ProcessHandle extends Comparable<ProcessHandle> {
*
* @return a sequential Stream of ProcessHandles for processes that are
* direct children of the process
* @throws SecurityException if a security manager has been installed and
* it denies RuntimePermission("manageProcess")
*/
Stream<ProcessHandle> children();
@ -176,8 +166,6 @@ public interface ProcessHandle extends Comparable<ProcessHandle> {
*
* @return a sequential Stream of ProcessHandles for processes that
* are descendants of the process
* @throws SecurityException if a security manager has been installed and
* it denies RuntimePermission("manageProcess")
*/
Stream<ProcessHandle> descendants();
@ -190,8 +178,6 @@ public interface ProcessHandle extends Comparable<ProcessHandle> {
* </em>
*
* @return a Stream of ProcessHandles for all processes
* @throws SecurityException if a security manager has been installed and
* it denies RuntimePermission("manageProcess")
* @throws UnsupportedOperationException if the implementation
* does not support this operation
*/

83
src/java.base/share/classes/java/lang/Runtime.java
View File

@ -142,9 +142,9 @@ public class Runtime {
/**
* Initiates the {@linkplain ##shutdown shutdown sequence} of the Java Virtual Machine.
* Unless the security manager denies exiting, this method initiates the shutdown sequence
* (if it is not already initiated) and then blocks indefinitely. This method neither returns
* nor throws an exception; that is, it does not complete either normally or abruptly.
* This method initiates the shutdown sequence (if it is not already initiated) and
* then blocks indefinitely. This method neither returns nor throws an exception; that
* is, it does not complete either normally or abruptly.
*
* <p> The argument serves as a status code. By convention, a nonzero status code
* indicates abnormal termination.
@ -169,13 +169,6 @@ public class Runtime {
* Termination status. By convention, a nonzero status code
* indicates abnormal termination.
*
* @throws SecurityException
* If a security manager is present and its
* {@link SecurityManager#checkExit checkExit} method does not permit
* exiting with the specified status
*
* @see java.lang.SecurityException
* @see java.lang.SecurityManager#checkExit(int)
* @see #addShutdownHook
* @see #removeShutdownHook
* @see #halt(int)
@ -233,10 +226,6 @@ public class Runtime {
* @throws IllegalStateException
* If the shutdown sequence has already begun
*
* @throws SecurityException
* If a security manager is present and it denies
* {@link RuntimePermission}{@code ("shutdownHooks")}
*
* @see #removeShutdownHook
* @see #halt(int)
* @see #exit(int)
@ -265,10 +254,6 @@ public class Runtime {
* @throws IllegalStateException
* If the shutdown sequence has already begun
*
* @throws SecurityException
* If a security manager is present and it denies
* {@link RuntimePermission}{@code ("shutdownHooks")}
*
* @see #addShutdownHook
* @see #exit(int)
* @since 1.3
@ -284,8 +269,7 @@ public class Runtime {
/**
* Immediately {@linkplain ##termination terminates} the Java Virtual Machine.
* If the security manager denies exiting, throws {@link SecurityException}.
* Otherwise, termination of the Java Virtual Machine is unconditional and immediate.
* Termination of the Java Virtual Machine is unconditional and immediate.
* This method does not initiate the {@linkplain ##shutdown shutdown sequence}, nor does
* it wait for the shutdown sequence to finish if it is already in progress. An
* invocation of this method never returns normally.
@ -303,11 +287,6 @@ public class Runtime {
* has already been invoked then this status code
* will override the status code passed to that method.
*
* @throws SecurityException
* If a security manager is present and its
* {@link SecurityManager#checkExit checkExit} method
* does not permit an exit with the specified status
*
* @see #exit
* @see #addShutdownHook
* @see #removeShutdownHook
@ -341,11 +320,6 @@ public class Runtime {
*
* @return A new {@link Process} object for managing the subprocess
*
* @throws SecurityException
* If a security manager exists and its
* {@link SecurityManager#checkExec checkExec}
* method doesn't allow creation of the subprocess
*
* @throws IOException
* If an I/O error occurs
*
@ -392,11 +366,6 @@ public class Runtime {
*
* @return A new {@link Process} object for managing the subprocess
*
* @throws SecurityException
* If a security manager exists and its
* {@link SecurityManager#checkExec checkExec}
* method doesn't allow creation of the subprocess
*
* @throws IOException
* If an I/O error occurs
*
@ -457,11 +426,6 @@ public class Runtime {
*
* @return A new {@link Process} object for managing the subprocess
*
* @throws SecurityException
* If a security manager exists and its
* {@link SecurityManager#checkExec checkExec}
* method doesn't allow creation of the subprocess
*
* @throws IOException
* If an I/O error occurs
*
@ -505,11 +469,6 @@ public class Runtime {
*
* @return A new {@link Process} object for managing the subprocess
*
* @throws SecurityException
* If a security manager exists and its
* {@link SecurityManager#checkExec checkExec}
* method doesn't allow creation of the subprocess
*
* @throws IOException
* If an I/O error occurs
*
@ -551,11 +510,6 @@ public class Runtime {
*
* @return A new {@link Process} object for managing the subprocess
*
* @throws SecurityException
* If a security manager exists and its
* {@link SecurityManager#checkExec checkExec}
* method doesn't allow creation of the subprocess
*
* @throws IOException
* If an I/O error occurs
*
@ -610,12 +564,6 @@ public class Runtime {
* If {@code dir} is {@code null}, the subprocess inherits the
* current working directory of the current process.
*
* <p>If a security manager exists, its
* {@link SecurityManager#checkExec checkExec}
* method is invoked with the first component of the array
* {@code cmdarray} as its argument. This may result in a
* {@link SecurityException} being thrown.
*
* <p>Starting an operating system process is highly system-dependent.
* Among the many things that can go wrong are:
* <ul>
@ -647,11 +595,6 @@ public class Runtime {
*
* @return A new {@link Process} object for managing the subprocess
*
* @throws SecurityException
* If a security manager exists and its
* {@link SecurityManager#checkExec checkExec}
* method doesn't allow creation of the subprocess
*
* @throws UnsupportedOperationException
* If the operating system does not support the creation of processes.
*
@ -808,10 +751,6 @@ public class Runtime {
* Otherwise, the filename argument is mapped to a native library image in
* an implementation-dependent manner.
* <p>
* First, if there is a security manager, its {@code checkLink}
* method is called with the {@code filename} as its argument.
* This may result in a security exception.
* <p>
* This is similar to the method {@link #loadLibrary(String)}, but it
* accepts a general file name as an argument rather than just a library
* name, allowing any file of native code to be loaded.
@ -820,9 +759,6 @@ public class Runtime {
* convenient means of invoking this method.
*
* @param filename the file to load.
* @throws SecurityException if a security manager exists and its
* {@code checkLink} method doesn't allow
* loading of the specified dynamic library
* @throws UnsatisfiedLinkError if either the filename is not an
* absolute path name, the native library is not statically
* linked with the VM, or the library cannot be mapped to
@ -833,8 +769,6 @@ public class Runtime {
* does not have native access enabled.
* @spec jni/index.html Java Native Interface Specification
* @see java.lang.Runtime#getRuntime()
* @see java.lang.SecurityException
* @see java.lang.SecurityManager#checkLink(java.lang.String)
*/
@CallerSensitive
@Restricted
@ -871,10 +805,6 @@ public class Runtime {
* location and mapped to a native library image in an
* implementation-dependent manner.
* <p>
* First, if there is a security manager, its {@code checkLink}
* method is called with the {@code libname} as its argument.
* This may result in a security exception.
* <p>
* The method {@link System#loadLibrary(String)} is the conventional
* and convenient means of invoking this method. If native
* methods are to be used in the implementation of a class, a standard
@ -891,9 +821,6 @@ public class Runtime {
* name, the second and subsequent calls are ignored.
*
* @param libname the name of the library.
* @throws SecurityException if a security manager exists and its
* {@code checkLink} method doesn't allow
* loading of the specified dynamic library
* @throws UnsatisfiedLinkError if either the libname argument
* contains a file path, the native library is not statically
* linked with the VM, or the library cannot be mapped to a
@ -903,8 +830,6 @@ public class Runtime {
* @throws IllegalCallerException if the caller is in a module that
* does not have native access enabled.
* @spec jni/index.html Java Native Interface Specification
* @see java.lang.SecurityException
* @see java.lang.SecurityManager#checkLink(java.lang.String)
*/
@CallerSensitive
@Restricted

357
src/java.base/share/classes/java/lang/RuntimePermission.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2022, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -26,361 +26,21 @@
package java.lang;
import java.security.*;
import java.lang.module.ModuleFinder;
/**
* This class is for runtime permissions. A {@code RuntimePermission}
* contains a name (also referred to as a "target name") but no actions
* list; you either have the named permission or you don't.
* <p>
* The target name is the name of the runtime permission (see below). The
* naming convention follows the hierarchical property naming convention.
* Also, an asterisk may appear at the end of the name, following a ".",
* The target name is the name of the runtime permission. The naming convention
* follows the hierarchical property naming convention, typically the reverse
* domain name notation, to avoid name clashes.
* An asterisk may appear at the end of the name, following a ".",
* or by itself, to signify a wildcard match. For example: "loadLibrary.*"
* and "*" signify a wildcard match, while "*loadLibrary" and "a*b" do not.
* <p>
* The following table lists the standard {@code RuntimePermission}
* target names, and for each provides a description of what the permission
* allows and a discussion of the risks of granting code the permission.
*
* <table class="striped">
* <caption style="display:none">permission target name,
* what the target allows, and associated risks</caption>
* <thead>
* <tr>
* <th scope="col">Permission Target Name</th>
* <th scope="col">What the Permission Allows</th>
* <th scope="col">Risks of Allowing this Permission</th>
* </tr>
* </thead>
* <tbody>
*
* <tr>
* <th scope="row">createClassLoader</th>
* <td>Creation of a class loader</td>
* <td>This is an extremely dangerous permission to grant.
* Malicious applications that can instantiate their own class
* loaders could then load their own rogue classes into the system.
* These newly loaded classes could be placed into any protection
* domain by the class loader, thereby automatically granting the
* classes the permissions for that domain.</td>
* </tr>
*
* <tr>
* <th scope="row">getClassLoader</th>
* <td>Retrieval of a class loader (e.g., the class loader for the calling
* class)</td>
* <td>This would grant an attacker permission to get the
* class loader for a particular class. This is dangerous because
* having access to a class's class loader allows the attacker to
* load other classes available to that class loader. The attacker
* would typically otherwise not have access to those classes.</td>
* </tr>
*
* <tr>
* <th scope="row">setContextClassLoader</th>
* <td>Setting of the context class loader used by a thread</td>
* <td>The context class loader is used by system code and extensions
* when they need to lookup resources that might not exist in the system
* class loader. Granting setContextClassLoader permission would allow
* code to change which context class loader is used
* for a particular thread, including system threads.</td>
* </tr>
*
* <tr>
* <th scope="row">enableContextClassLoaderOverride</th>
* <td>Subclass implementation of the thread context class loader methods</td>
* <td>The context class loader is used by system code and extensions
* when they need to lookup resources that might not exist in the system
* class loader. Granting enableContextClassLoaderOverride permission would allow
* a subclass of Thread to override the methods that are used
* to get or set the context class loader for a particular thread.</td>
* </tr>
*
* <tr>
* <th scope="row">closeClassLoader</th>
* <td>Closing of a ClassLoader</td>
* <td>Granting this permission allows code to close any URLClassLoader
* that it has a reference to.</td>
* </tr>
*
* <tr>
* <th scope="row">setSecurityManager</th>
* <td>Setting of the security manager (possibly replacing an existing one)
* </td>
* <td>The security manager is a class that allows
* applications to implement a security policy. Granting the setSecurityManager
* permission would allow code to change which security manager is used by
* installing a different, possibly less restrictive security manager,
* thereby bypassing checks that would have been enforced by the original
* security manager.</td>
* </tr>
*
* <tr>
* <th scope="row">createSecurityManager</th>
* <td>Creation of a new security manager</td>
* <td>This gives code access to protected, sensitive methods that may
* disclose information about other classes or the execution stack.</td>
* </tr>
*
* <tr>
* <th scope="row">getenv.{variable name}</th>
* <td>Reading of the value of the specified environment variable</td>
* <td>This would allow code to read the value, or determine the
* existence, of a particular environment variable. This is
* dangerous if the variable contains confidential data.</td>
* </tr>
*
* <tr>
* <th scope="row">exitVM.{exit status}</th>
* <td>Halting of the Java Virtual Machine with the specified exit status</td>
* <td>This allows an attacker to mount a denial-of-service attack
* by automatically forcing the virtual machine to halt.
* Note: The "exitVM.*" permission is automatically granted to all code
* loaded from the application class path, thus enabling applications
* to terminate themselves. Also, the "exitVM" permission is equivalent to
* "exitVM.*".</td>
* </tr>
*
* <tr>
* <th scope="row">shutdownHooks</th>
* <td>Registration and cancellation of virtual-machine shutdown hooks</td>
* <td>This allows an attacker to register a malicious shutdown
* hook that interferes with the clean shutdown of the virtual machine.</td>
* </tr>
*
* <tr>
* <th scope="row">setFactory</th>
* <td>Setting of the socket factory used by ServerSocket or Socket,
* or of the stream handler factory used by URL</td>
* <td>This allows code to set the actual implementation
* for the socket, server socket, stream handler, or RMI socket factory.
* An attacker may set a faulty implementation which mangles the data
* stream.</td>
* </tr>
*
* <tr>
* <th scope="row">setIO</th>
* <td>Setting of System.out, System.in, and System.err</td>
* <td>This allows changing the value of the standard system streams.
* An attacker may change System.in to monitor and
* steal user input, or may set System.err to a "null" OutputStream,
* which would hide any error messages sent to System.err. </td>
* </tr>
*
* <tr>
* <th scope="row">modifyThread</th>
* <td>Modification of threads, e.g., via calls to Thread
* {@code interrupt, setDaemon, setPriority, setName} and
* {@code setUncaughtExceptionHandler} methods</td>
* <td>This allows an attacker to modify the behaviour of
* any thread in the system.</td>
* </tr>
*
* <tr>
* <th scope="row">modifyThreadGroup</th>
* <td>modification of thread groups, e.g., via calls to ThreadGroup
* {@code getParent}, {@code setDaemon}, and {@code setMaxPriority} methods</td>
* <td>This allows an attacker to create thread groups and
* set their run priority.</td>
* </tr>
*
* <tr>
* <th scope="row">getProtectionDomain</th>
* <td>Retrieval of the ProtectionDomain for a class</td>
* <td>This allows code to obtain policy information
* for a particular code source. While obtaining policy information
* does not compromise the security of the system, it does give
* attackers additional information, such as local file names for
* example, to better aim an attack.</td>
* </tr>
*
* <tr>
* <th scope="row">getFileSystemAttributes</th>
* <td>Retrieval of file system attributes</td>
* <td>This allows code to obtain file system information such as disk usage
* or disk space available to the caller. This is potentially dangerous
* because it discloses information about the system hardware
* configuration and some information about the caller's privilege to
* write files.</td>
* </tr>
*
* <tr>
* <th scope="row">readFileDescriptor</th>
* <td>Reading of file descriptors</td>
* <td>This would allow code to read the particular file associated
* with the file descriptor read. This is dangerous if the file
* contains confidential data.</td>
* </tr>
*
* <tr>
* <th scope="row">writeFileDescriptor</th>
* <td>Writing to file descriptors</td>
* <td>This allows code to write to a particular file associated
* with the descriptor. This is dangerous because it may allow
* malicious code to plant viruses or at the very least, fill up
* your entire disk.</td>
* </tr>
*
* <tr>
* <th scope="row">loadLibrary.{library name}</th>
* <td>Dynamic linking of the specified library</td>
* <td>It is dangerous to allow an applet permission to load native code
* libraries, because the Java security architecture is not designed to and
* does not prevent malicious behavior at the level of native code.</td>
* </tr>
*
* <tr>
* <th scope="row">accessClassInPackage.{package name}</th>
* <td>Access to the specified package via a class loader's
* {@code loadClass} method when that class loader calls
* the SecurityManager {@code checkPackageAccess} method</td>
* <td>This gives code access to classes in packages
* to which it normally does not have access. Malicious code
* may use these classes to help in its attempt to compromise
* security in the system.</td>
* </tr>
*
* <tr>
* <th scope="row">defineClassInPackage.{package name}</th>
* <td>Definition of classes in the specified package, via a class
* loader's {@code defineClass} method when that class loader calls
* the SecurityManager {@code checkPackageDefinition} method.</td>
* <td>This grants code permission to define a class
* in a particular package. This is dangerous because malicious
* code with this permission may define rogue classes in
* trusted packages like {@code java.security} or {@code java.lang},
* for example.</td>
* </tr>
*
* <tr>
* <th scope="row">defineClass</th>
* <td>Define a class with
* {@link java.lang.invoke.MethodHandles.Lookup#defineClass(byte[])
* Lookup.defineClass}.</td>
* <td>This grants code with a suitably privileged {@code Lookup} object
* permission to define classes in the same package as the {@code Lookup}'s
* lookup class. </td>
* </tr>
*
* <tr>
* <th scope="row">accessDeclaredMembers</th>
* <td>Access to the declared members of a class</td>
* <td>This grants code permission to query a class for its public,
* protected, default (package) access, and private fields and/or
* methods. Although the code would have
* access to the private and protected field and method names, it would not
* have access to the private/protected field data and would not be able
* to invoke any private methods. Nevertheless, malicious code
* may use this information to better aim an attack.
* Additionally, it may invoke any public methods and/or access public fields
* in the class. This could be dangerous if
* the code would normally not be able to invoke those methods and/or
* access the fields because
* it can't cast the object to the class/interface with those methods
* and fields.</td>
* </tr>
* <tr>
* <th scope="row">queuePrintJob</th>
* <td>Initiation of a print job request</td>
* <td>This could print sensitive information to a printer,
* or simply waste paper.</td>
* </tr>
*
* <tr>
* <th scope="row">getStackTrace</th>
* <td>Retrieval of the stack trace information of another thread.</td>
* <td>This allows retrieval of the stack trace information of
* another thread. This might allow malicious code to monitor the
* execution of threads and discover vulnerabilities in applications.</td>
* </tr>
*
* <tr>
* <th scope="row">getStackWalkerWithClassReference</th>
* <td>Get a stack walker that can retrieve stack frames with class reference.</td>
* <td>This allows retrieval of Class objects from stack walking.
* This might allow malicious code to access Class objects on the stack
* outside its own context.</td>
* </tr>
*
* <tr>
* <th scope="row">setDefaultUncaughtExceptionHandler</th>
* <td>Setting the default handler to be used when a thread
* terminates abruptly due to an uncaught exception</td>
* <td>This allows an attacker to register a malicious
* uncaught exception handler that could interfere with termination
* of a thread</td>
* </tr>
*
* <tr>
* <th scope="row">preferences</th>
* <td>Represents the permission required to get access to the
* java.util.prefs.Preferences implementations user or system root
* which in turn allows retrieval or update operations within the
* Preferences persistent backing store.) </td>
* <td>This permission allows the user to read from or write to the
* preferences backing store if the user running the code has
* sufficient OS privileges to read/write to that backing store.
* The actual backing store may reside within a traditional filesystem
* directory or within a registry depending on the platform OS</td>
* </tr>
*
* <tr>
* <th scope="row">manageProcess</th>
* <td>Native process termination and information about processes
* {@link ProcessHandle}.</td>
* <td>Allows code to identify and terminate processes that it did not create.</td>
* </tr>
*
* <tr>
* <th scope="row">localeServiceProvider</th>
* <td>This {@code RuntimePermission} is required to be granted to
* classes which subclass and implement
* {@code java.util.spi.LocaleServiceProvider}. The permission is
* checked during invocation of the abstract base class constructor.
* This permission ensures trust in classes which implement this
* security-sensitive provider mechanism. </td>
* <td>See <a href= "../util/spi/LocaleServiceProvider.html">
* {@code java.util.spi.LocaleServiceProvider}</a> for more
* information.</td>
* </tr>
*
* <tr>
* <th scope="row">loggerFinder</th>
* <td>This {@code RuntimePermission} is required to be granted to
* classes which subclass or call methods on
* {@code java.lang.System.LoggerFinder}. The permission is
* checked during invocation of the abstract base class constructor, as
* well as on the invocation of its public methods.
* This permission ensures trust in classes which provide loggers
* to system classes.</td>
* <td>See {@link java.lang.System.LoggerFinder java.lang.System.LoggerFinder}
* for more information.</td>
* </tr>
*
* <tr>
* <th scope="row">accessSystemModules</th>
* <td>Access system modules in the runtime image.</td>
* <td>This grants the permission to access resources in the
* {@linkplain ModuleFinder#ofSystem system modules} in the runtime image.</td>
* </tr>
*
* <tr>
* <th scope="row">inetAddressResolverProvider</th>
* <td>This {@code RuntimePermission} is required to be granted to
* classes which subclass and implement {@code java.net.spi.InetAddressResolverProvider}.
* The permission is checked during invocation of the abstract base class constructor.
* This permission ensures trust in classes which provide resolvers used by
* {@link java.net.InetAddress} hostname and address resolution methods.</td>
* <td>See {@link java.net.spi.InetAddressResolverProvider} for more information.</td>
* </tr>
*
* </tbody>
* </table>
*
* @implNote
* Implementations may define additional target names, but should use naming
* conventions such as reverse domain name notation to avoid name clashes.
* @apiNote
* This permission cannot be used for controlling access to resources
* as the Security Manager is no longer supported.
*
* @see java.security.BasicPermission
* @see java.security.Permission
@ -388,7 +48,6 @@ import java.lang.module.ModuleFinder;
* @see java.security.PermissionCollection
* @see java.lang.SecurityManager
*
*
* @author Marianne Mueller
* @author Roland Schemers
* @since 1.2

9
src/java.base/share/classes/java/lang/SecurityException.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 1995, 2020, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1995, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -25,9 +25,12 @@
package java.lang;
/**
* Thrown by the security manager to indicate a security violation.
* Thrown to indicate a security violation.
*
* <p> This exception was originally specified for use with a SecurityManager when
* an operation was denied. This feature no longer exists. This exception may be
* deprecated in a future release.
*
* @see java.lang.SecurityManager
* @since 1.0
*/
public class SecurityException extends RuntimeException {

1450
src/java.base/share/classes/java/lang/SecurityManager.java
View File

File diff suppressed because it is too large Load Diff

28
src/java.base/share/classes/java/lang/StackWalker.java
View File

@ -61,9 +61,6 @@ import jdk.internal.vm.ContinuationScope;
*
* <p> {@code StackWalker} is thread-safe. Multiple threads can share
* a single {@code StackWalker} object to traverse its own stack.
* A permission check is performed when a {@code StackWalker} is created,
* according to the options it requests.
* No further permission check is done at stack walking time.
*
* @apiNote
* Examples
@ -354,18 +351,10 @@ public final class StackWalker {
/**
* Returns a {@code StackWalker} instance with the given option specifying
* the stack frame information it can access.
* <p>
* If a security manager is present and the given {@code option} is
* {@link Option#RETAIN_CLASS_REFERENCE Option.RETAIN_CLASS_REFERENCE},
* it calls its {@link SecurityManager#checkPermission checkPermission}
* method for {@code RuntimePermission("getStackWalkerWithClassReference")}.
*
* @param option {@link Option stack walking option}
*
* @return a {@code StackWalker} configured with the given option
*
* @throws SecurityException if a security manager exists and its
* {@code checkPermission} method denies access.
*/
public static StackWalker getInstance(Option option) {
return getInstance(EnumSet.of(Objects.requireNonNull(option)));
@ -380,18 +369,9 @@ public final class StackWalker {
* configured to skip all {@linkplain Option#SHOW_HIDDEN_FRAMES hidden frames}
* and no {@linkplain Option#RETAIN_CLASS_REFERENCE class reference} is retained.
*
* <p>
* If a security manager is present and the given {@code options} contains
* {@link Option#RETAIN_CLASS_REFERENCE Option.RETAIN_CLASS_REFERENCE},
* it calls its {@link SecurityManager#checkPermission checkPermission}
* method for {@code RuntimePermission("getStackWalkerWithClassReference")}.
*
* @param options {@link Option stack walking options}
*
* @return a {@code StackWalker} configured with the given options
*
* @throws SecurityException if a security manager exists and its
* {@code checkPermission} method denies access.
*/
public static StackWalker getInstance(Set<Option> options) {
if (options.isEmpty()) {
@ -413,12 +393,6 @@ public final class StackWalker {
* and no {@linkplain Option#RETAIN_CLASS_REFERENCE class reference} is retained.
*
* <p>
* If a security manager is present and the given {@code options} contains
* {@link Option#RETAIN_CLASS_REFERENCE Option.RETAIN_CLASS_REFERENCE},
* it calls its {@link SecurityManager#checkPermission checkPermission}
* method for {@code RuntimePermission("getStackWalkerWithClassReference")}.
*
* <p>
* The {@code estimateDepth} specifies the estimate number of stack frames
* this {@code StackWalker} will traverse that the {@code StackWalker} could
* use as a hint for the buffer size.
@ -429,8 +403,6 @@ public final class StackWalker {
* @return a {@code StackWalker} configured with the given options
*
* @throws IllegalArgumentException if {@code estimateDepth <= 0}
* @throws SecurityException if a security manager exists and its
* {@code checkPermission} method denies access.
*/
public static StackWalker getInstance(Set<Option> options, int estimateDepth) {
if (estimateDepth <= 0) {

397
src/java.base/share/classes/java/lang/System.java
View File

@ -38,12 +38,9 @@ import java.lang.annotation.Annotation;
import java.lang.foreign.MemorySegment;
import java.lang.invoke.MethodHandle;
import java.lang.invoke.MethodType;
import java.lang.invoke.StringConcatFactory;
import java.lang.module.ModuleDescriptor;
import java.lang.reflect.Constructor;
import java.lang.reflect.Executable;
import java.lang.reflect.Method;
import java.lang.reflect.Modifier;
import java.net.URI;
import java.net.URL;
import java.nio.channels.Channel;
@ -75,7 +72,6 @@ import jdk.internal.loader.NativeLibraries;
import jdk.internal.logger.LoggerFinderLoader.TemporaryLoggerFinder;
import jdk.internal.misc.Blocker;
import jdk.internal.misc.CarrierThreadLocal;
import jdk.internal.misc.Unsafe;
import jdk.internal.util.StaticProperty;
import jdk.internal.module.ModuleBootstrap;
import jdk.internal.module.ServicesCatalog;
@ -94,7 +90,6 @@ import jdk.internal.vm.StackableScope;
import jdk.internal.vm.ThreadContainer;
import jdk.internal.vm.annotation.IntrinsicCandidate;
import jdk.internal.vm.annotation.Stable;
import sun.nio.fs.DefaultFileSystemProvider;
import sun.reflect.annotation.AnnotationType;
import sun.nio.ch.Interruptible;
import sun.nio.cs.UTF_8;
@ -193,42 +188,16 @@ public final class System {
private static @Stable InputStream initialIn;
private static @Stable PrintStream initialErr;
// indicates if a security manager is possible
private static final int NEVER = 1;
private static final int MAYBE = 2;
private static @Stable int allowSecurityManager;
// current security manager
@SuppressWarnings("removal")
private static volatile SecurityManager security; // read by VM
// `sun.jnu.encoding` if it is not supported. Otherwise null.
// It is initialized in `initPhase1()` before any charset providers
// are initialized.
private static String notSupportedJnuEncoding;
// return true if a security manager is allowed
private static boolean allowSecurityManager() {
return (allowSecurityManager != NEVER);
}
/**
* Reassigns the "standard" input stream.
*
* First, if there is a security manager, its {@code checkPermission}
* method is called with a {@code RuntimePermission("setIO")} permission
* to see if it's ok to reassign the "standard" input stream.
*
* @param in the new standard input stream.
*
* @throws SecurityException
* if a security manager exists and its
* {@code checkPermission} method doesn't allow
* reassigning of the standard input stream.
*
* @see SecurityManager#checkPermission
* @see java.lang.RuntimePermission
*
* @since 1.1
*/
public static void setIn(InputStream in) {
@ -239,20 +208,8 @@ public final class System {
/**
* Reassigns the "standard" output stream.
*
* First, if there is a security manager, its {@code checkPermission}
* method is called with a {@code RuntimePermission("setIO")} permission
* to see if it's ok to reassign the "standard" output stream.
*
* @param out the new standard output stream
*
* @throws SecurityException
* if a security manager exists and its
* {@code checkPermission} method doesn't allow
* reassigning of the standard output stream.
*
* @see SecurityManager#checkPermission
* @see java.lang.RuntimePermission
*
* @since 1.1
*/
public static void setOut(PrintStream out) {
@ -263,20 +220,8 @@ public final class System {
/**
* Reassigns the "standard" error output stream.
*
* First, if there is a security manager, its {@code checkPermission}
* method is called with a {@code RuntimePermission("setIO")} permission
* to see if it's ok to reassign the "standard" error output stream.
*
* @param err the new standard error output stream.
*
* @throws SecurityException
* if a security manager exists and its
* {@code checkPermission} method doesn't allow
* reassigning of the standard error output stream.
*
* @see SecurityManager#checkPermission
* @see java.lang.RuntimePermission
*
* @since 1.1
*/
public static void setErr(PrintStream err) {
@ -325,10 +270,6 @@ public final class System {
* @throws IOException
* If an I/O error occurs
*
* @throws SecurityException
* If a security manager is present and it does not
* permit access to the channel.
*
* @since 1.5
*/
public static Channel inheritedChannel() throws IOException {
@ -362,147 +303,37 @@ public final class System {
}
/**
* Sets the system-wide security manager.
* Throws {@code UnsupportedOperationException}. Setting a security manager
* is not supported.
*
* If there is a security manager already installed, this method first
* calls the security manager's {@code checkPermission} method
* with a {@code RuntimePermission("setSecurityManager")}
* permission to ensure it's ok to replace the existing
* security manager.
* This may result in throwing a {@code SecurityException}.
*
* <p> Otherwise, the argument is established as the current
* security manager. If the argument is {@code null} and no
* security manager has been established, then no action is taken and
* the method simply returns.
*
* @implNote In the JDK implementation, if the Java virtual machine is
* started with the system property {@code java.security.manager} not set or set to
* the special token "{@code disallow}" then the {@code setSecurityManager}
* method cannot be used to set a security manager. See the following
* <a href="SecurityManager.html#set-security-manager">section of the
* {@code SecurityManager} class specification</a> for more details.
*
* @param sm the security manager or {@code null}
* @throws SecurityException
* if the security manager has already been set and its {@code
* checkPermission} method doesn't allow it to be replaced
* @throws UnsupportedOperationException
* if {@code sm} is non-null and a security manager is not allowed
* to be set dynamically
* @param sm ignored
* @throws UnsupportedOperationException always
* @see #getSecurityManager
* @see SecurityManager#checkPermission
* @see java.lang.RuntimePermission
* @deprecated This method is only useful in conjunction with
* {@linkplain SecurityManager the Security Manager}, which is
* deprecated and subject to removal in a future release.
* Consequently, this method is also deprecated and subject to
* removal. There is no replacement for the Security Manager or this
* method.
* @deprecated This method originally set
* {@linkplain SecurityManager the system-wide Security Manager}.
* Setting a Security Manager is no longer supported. There is no
* replacement for the Security Manager or this method.
*/
@Deprecated(since="17", forRemoval=true)
@CallerSensitive
public static void setSecurityManager(@SuppressWarnings("removal") SecurityManager sm) {
if (allowSecurityManager()) {
var callerClass = Reflection.getCallerClass();
if (CallersHolder.callers.putIfAbsent(callerClass, true) == null) {
URL url = codeSource(callerClass);
final String source;
if (url == null) {
source = callerClass.getName();
} else {
source = callerClass.getName() + " (" + url + ")";
}
initialErr.printf("""
WARNING: A terminally deprecated method in java.lang.System has been called
WARNING: System::setSecurityManager has been called by %s
WARNING: Please consider reporting this to the maintainers of %s
WARNING: System::setSecurityManager will be removed in a future release
""", source, callerClass.getName());
}
implSetSecurityManager(sm);
} else {
// security manager not allowed
if (sm != null) {
throw new UnsupportedOperationException(
"The Security Manager is deprecated and will be removed in a future release");
}
}
}
private static void implSetSecurityManager(@SuppressWarnings("removal") SecurityManager sm) {
if (security == null) {
// ensure image reader is initialized
Object.class.getResource("java/lang/ANY");
// ensure the default file system is initialized
DefaultFileSystemProvider.theFileSystem();
}
if (sm != null) {
try {
// pre-populates the SecurityManager.packageAccess cache
// to avoid recursive permission checking issues with custom
// SecurityManager implementations
sm.checkPackageAccess("java.lang");
} catch (Exception e) {
// no-op
}
}
setSecurityManager0(sm);
}
@SuppressWarnings("removal")
private static synchronized
void setSecurityManager0(final SecurityManager s) {
SecurityManager sm = getSecurityManager();
if (sm != null) {
// ask the currently installed security manager if we
// can replace it.
sm.checkPermission(new RuntimePermission("setSecurityManager"));
}
if ((s != null) && (s.getClass().getClassLoader() != null)) {
// New security manager class is not on bootstrap classpath.
// Force policy to get initialized before we install the new
// security manager, in order to prevent infinite loops when
// trying to initialize the policy (which usually involves
// accessing some security and/or system properties, which in turn
// calls the installed security manager's checkPermission method
// which will loop infinitely if there is a non-system class
// (in this case: the new security manager class) on the stack).
AccessController.doPrivileged(new PrivilegedAction<>() {
public Object run() {
s.getClass().getProtectionDomain().implies
(SecurityConstants.ALL_PERMISSION);
return null;
}
});
}
security = s;
throw new UnsupportedOperationException(
"Setting a Security Manager is not supported");
}
/**
* Gets the system-wide security manager.
* Returns {@code null}. Setting a security manager is not supported.
*
* @return if a security manager has already been established for the
* current application, then that security manager is returned;
* otherwise, {@code null} is returned.
* @return {@code null}
* @see #setSecurityManager
* @deprecated This method is only useful in conjunction with
* {@linkplain SecurityManager the Security Manager}, which is
* deprecated and subject to removal in a future release.
* Consequently, this method is also deprecated and subject to
* removal. There is no replacement for the Security Manager or this
* method.
* @deprecated This method originally returned
* {@linkplain SecurityManager the system-wide Security Manager}.
* Setting a Security Manager is no longer supported. There is no
* replacement for the Security Manager or this method.
*/
@SuppressWarnings("removal")
@Deprecated(since="17", forRemoval=true)
public static SecurityManager getSecurityManager() {
if (allowSecurityManager()) {
return security;
} else {
return null;
}
return null;
}
/**
@ -690,10 +521,6 @@ public final class System {
/**
* Determines the current system properties.
*
* First, if there is a security manager, its
* {@code checkPropertiesAccess} method is called with no
* arguments. This may result in a security exception.
* <p>
* The current set of system properties for use by the
* {@link #getProperty(String)} method is returned as a
@ -808,10 +635,6 @@ public final class System {
* Multiple paths in a system property value are separated by the path
* separator character of the platform.
* <p>
* Note that even if the security manager does not permit the
* {@code getProperties} operation, it may choose to permit the
* {@link #getProperty(String)} operation.
* <p>
* Additional locale-related system properties defined by the
* {@link Locale##default_locale Default Locale} section in the {@code Locale}
* class description may also be obtained with this method.
@ -855,12 +678,7 @@ public final class System {
* </table>
*
* @return the system properties
* @throws SecurityException if a security manager exists and its
* {@code checkPropertiesAccess} method doesn't allow access
* to the system properties.
* @see #setProperties
* @see java.lang.SecurityException
* @see java.lang.SecurityManager#checkPropertiesAccess()
* @see java.util.Properties
*/
public static Properties getProperties() {
@ -892,10 +710,6 @@ public final class System {
/**
* Sets the system properties to the {@code Properties} argument.
*
* First, if there is a security manager, its
* {@code checkPropertiesAccess} method is called with no
* arguments. This may result in a security exception.
* <p>
* The argument becomes the current set of system properties for use
* by the {@link #getProperty(String)} method. If the argument is
@ -908,13 +722,8 @@ public final class System {
* See {@linkplain #getProperties getProperties} for details.
*
* @param props the new system properties.
* @throws SecurityException if a security manager exists and its
* {@code checkPropertiesAccess} method doesn't allow access
* to the system properties.
* @see #getProperties
* @see java.util.Properties
* @see java.lang.SecurityException
* @see java.lang.SecurityManager#checkPropertiesAccess()
*/
public static void setProperties(Properties props) {
@SuppressWarnings("removal")
@ -933,10 +742,6 @@ public final class System {
/**
* Gets the system property indicated by the specified key.
*
* First, if there is a security manager, its
* {@code checkPropertyAccess} method is called with the key as
* its argument. This may result in a SecurityException.
* <p>
* If there is no current set of system properties, a set of system
* properties is first created and initialized in the same manner as
@ -951,14 +756,9 @@ public final class System {
* @return the string value of the system property,
* or {@code null} if there is no property with that key.
*
* @throws SecurityException if a security manager exists and its
* {@code checkPropertyAccess} method doesn't allow
* access to the specified system property.
* @throws NullPointerException if {@code key} is {@code null}.
* @throws IllegalArgumentException if {@code key} is empty.
* @see #setProperty
* @see java.lang.SecurityException
* @see java.lang.SecurityManager#checkPropertyAccess(java.lang.String)
* @see java.lang.System#getProperties()
*/
public static String getProperty(String key) {
@ -974,10 +774,6 @@ public final class System {
/**
* Gets the system property indicated by the specified key.
*
* First, if there is a security manager, its
* {@code checkPropertyAccess} method is called with the
* {@code key} as its argument.
* <p>
* If there is no current set of system properties, a set of system
* properties is first created and initialized in the same manner as
@ -988,13 +784,9 @@ public final class System {
* @return the string value of the system property,
* or the default value if there is no property with that key.
*
* @throws SecurityException if a security manager exists and its
* {@code checkPropertyAccess} method doesn't allow
* access to the specified system property.
* @throws NullPointerException if {@code key} is {@code null}.
* @throws IllegalArgumentException if {@code key} is empty.
* @see #setProperty
* @see java.lang.SecurityManager#checkPropertyAccess(java.lang.String)
* @see java.lang.System#getProperties()
*/
public static String getProperty(String key, String def) {
@ -1011,13 +803,6 @@ public final class System {
/**
* Sets the system property indicated by the specified key.
*
* First, if a security manager exists, its
* {@code SecurityManager.checkPermission} method
* is called with a {@code PropertyPermission(key, "write")}
* permission. This may result in a SecurityException being thrown.
* If no exception is thrown, the specified property is set to the given
* value.
*
* @apiNote
* <strong>Changing a standard system property may have unpredictable results
* unless otherwise specified</strong>.
@ -1028,17 +813,12 @@ public final class System {
* @return the previous value of the system property,
* or {@code null} if it did not have one.
*
* @throws SecurityException if a security manager exists and its
* {@code checkPermission} method doesn't allow
* setting of the specified property.
* @throws NullPointerException if {@code key} or
* {@code value} is {@code null}.
* @throws IllegalArgumentException if {@code key} is empty.
* @see #getProperty
* @see java.lang.System#getProperty(java.lang.String)
* @see java.lang.System#getProperty(java.lang.String, java.lang.String)
* @see java.util.PropertyPermission
* @see SecurityManager#checkPermission
* @since 1.2
*/
public static String setProperty(String key, String value) {
@ -1056,12 +836,6 @@ public final class System {
/**
* Removes the system property indicated by the specified key.
*
* First, if a security manager exists, its
* {@code SecurityManager.checkPermission} method
* is called with a {@code PropertyPermission(key, "write")}
* permission. This may result in a SecurityException being thrown.
* If no exception is thrown, the specified property is removed.
*
* @apiNote
* <strong>Changing a standard system property may have unpredictable results
* unless otherwise specified</strong>.
@ -1071,16 +845,11 @@ public final class System {
* @return the previous string value of the system property,
* or {@code null} if there was no property with that key.
*
* @throws SecurityException if a security manager exists and its
* {@code checkPropertyAccess} method doesn't allow
* access to the specified system property.
* @throws NullPointerException if {@code key} is {@code null}.
* @throws IllegalArgumentException if {@code key} is empty.
* @see #getProperty
* @see #setProperty
* @see java.util.Properties
* @see java.lang.SecurityException
* @see java.lang.SecurityManager#checkPropertiesAccess()
* @since 1.5
*/
public static String clearProperty(String key) {
@ -1108,14 +877,6 @@ public final class System {
* environment variable is a system-dependent external named
* value.
*
* <p>If a security manager exists, its
* {@link SecurityManager#checkPermission checkPermission}
* method is called with a
* {@link RuntimePermission RuntimePermission("getenv."+name)}
* permission. This may result in a {@link SecurityException}
* being thrown. If no exception is thrown the value of the
* variable {@code name} is returned.
*
* <p><a id="EnvironmentVSSystemProperties"><i>System
* properties</i> and <i>environment variables</i></a> are both
* conceptually mappings between names and values. Both
@ -1141,11 +902,6 @@ public final class System {
* @return the string value of the variable, or {@code null}
* if the variable is not defined in the system environment
* @throws NullPointerException if {@code name} is {@code null}
* @throws SecurityException
* if a security manager exists and its
* {@link SecurityManager#checkPermission checkPermission}
* method doesn't allow access to the environment variable
* {@code name}
* @see #getenv()
* @see ProcessBuilder#environment()
*/
@ -1180,21 +936,11 @@ public final class System {
*
* <p>The returned map is typically case-sensitive on all platforms.
*
* <p>If a security manager exists, its
* {@link SecurityManager#checkPermission checkPermission}
* method is called with a
* {@link RuntimePermission RuntimePermission("getenv.*")} permission.
* This may result in a {@link SecurityException} being thrown.
*
* <p>When passing information to a Java subprocess,
* <a href=#EnvironmentVSSystemProperties>system properties</a>
* are generally preferred over environment variables.
*
* @return the environment as a map of variable names to values
* @throws SecurityException
* if a security manager exists and its
* {@link SecurityManager#checkPermission checkPermission}
* method doesn't allow access to the process environment
* @see #getenv(String)
* @see ProcessBuilder#environment()
* @since 1.5
@ -1614,16 +1360,6 @@ public final class System {
* would make them dependent from a specific implementation of the
* {@code LoggerFinder} service.
* <p>
* In addition, when a security manager is present, loggers provided to
* system classes should not be directly configurable through the logging
* backend without requiring permissions.
* <br>
* It is the responsibility of the provider of
* the concrete {@code LoggerFinder} implementation to ensure that
* these loggers are not configured by untrusted code without proper
* permission checks, as configuration performed on such loggers usually
* affects all applications in the same Java Runtime.
* <p>
* <b>Message Levels and Mapping to backend levels</b>
* <p>
* A logger finder is responsible for mapping from a {@code
@ -1656,10 +1392,6 @@ public final class System {
* implementation does not perform any heavy initialization in its
* constructor, in order to avoid possible risks of deadlock or class
* loading cycles during the instantiation of the service provider.
*
* @throws SecurityException if a security manager is present and its
* {@code checkPermission} method doesn't allow the
* {@code RuntimePermission("loggerFinder")}.
*/
protected LoggerFinder() {
this(checkPermission());
@ -1689,9 +1421,6 @@ public final class System {
* module.
* @throws NullPointerException if {@code name} is {@code null} or
* {@code module} is {@code null}.
* @throws SecurityException if a security manager is present and its
* {@code checkPermission} method doesn't allow the
* {@code RuntimePermission("loggerFinder")}.
*/
public abstract Logger getLogger(String name, Module module);
@ -1732,9 +1461,6 @@ public final class System {
*
* @throws NullPointerException if {@code name} is {@code null} or
* {@code module} is {@code null}.
* @throws SecurityException if a security manager is present and its
* {@code checkPermission} method doesn't allow the
* {@code RuntimePermission("loggerFinder")}.
*/
public Logger getLocalizedLogger(String name, ResourceBundle bundle,
Module module) {
@ -1749,9 +1475,6 @@ public final class System {
* loaded.
*
* @return the {@link LoggerFinder LoggerFinder} instance.
* @throws SecurityException if a security manager is present and its
* {@code checkPermission} method doesn't allow the
* {@code RuntimePermission("loggerFinder")}.
*/
public static LoggerFinder getLoggerFinder() {
@SuppressWarnings("removal")
@ -1896,10 +1619,10 @@ public final class System {
}
/**
* Initiates the {@linkplain Runtime##shutdown shutdown sequence} of the Java Virtual Machine.
* Unless the security manager denies exiting, this method initiates the shutdown sequence
* (if it is not already initiated) and then blocks indefinitely. This method neither returns
* nor throws an exception; that is, it does not complete either normally or abruptly.
* Initiates the {@linkplain Runtime##shutdown shutdown sequence} of the Java Virtual
* Machine. This method initiates the shutdown sequence (if it is not already initiated)
* and then blocks indefinitely. This method neither returns nor throws an exception;
* that is, it does not complete either normally or abruptly.
* <p>
* The argument serves as a status code. By convention, a nonzero status code
* indicates abnormal termination.
@ -1913,9 +1636,6 @@ public final class System {
* The initiation of the shutdown sequence is logged by {@link Runtime#exit(int)}.
*
* @param status exit status.
* @throws SecurityException
* if a security manager exists and its {@code checkExit} method
* doesn't allow exit with the specified status.
* @see java.lang.Runtime#exit(int)
*/
public static void exit(int status) {
@ -2009,9 +1729,6 @@ public final class System {
* </pre></blockquote>
*
* @param filename the file to load.
* @throws SecurityException if a security manager exists and its
* {@code checkLink} method doesn't allow
* loading of the specified dynamic library
* @throws UnsatisfiedLinkError if either the filename is not an
* absolute path name, the native library is not statically
* linked with the VM, or the library cannot be mapped to
@ -2022,7 +1739,6 @@ public final class System {
*
* @spec jni/index.html Java Native Interface Specification
* @see java.lang.Runtime#load(java.lang.String)
* @see java.lang.SecurityManager#checkLink(java.lang.String)
*/
@CallerSensitive
@Restricted
@ -2052,9 +1768,6 @@ public final class System {
* </pre></blockquote>
*
* @param libname the name of the library.
* @throws SecurityException if a security manager exists and its
* {@code checkLink} method doesn't allow
* loading of the specified dynamic library
* @throws UnsatisfiedLinkError if either the libname argument
* contains a file path, the native library is not statically
* linked with the VM, or the library cannot be mapped to a
@ -2065,7 +1778,6 @@ public final class System {
*
* @spec jni/index.html Java Native Interface Specification
* @see java.lang.Runtime#loadLibrary(java.lang.String)
* @see java.lang.SecurityManager#checkLink(java.lang.String)
*/
@CallerSensitive
@Restricted
@ -2334,24 +2046,13 @@ public final class System {
/*
* Invoked by VM. Phase 3 is the final system initialization:
* 1. eagerly initialize bootstrap method factories that might interact
* negatively with custom security managers and custom class loaders
* 2. set security manager
* 3. set system class loader
* 4. set TCCL
* 1. set system class loader
* 2. set TCCL
*
* This method must be called after the module system initialization.
* The security manager and system class loader may be a custom class from
* the application classpath or modulepath.
*/
@SuppressWarnings("removal")
private static void initPhase3() {
// Initialize the StringConcatFactory eagerly to avoid potential
// bootstrap circularity issues that could be caused by a custom
// SecurityManager
Unsafe.getUnsafe().ensureClassInitialized(StringConcatFactory.class);
// Emit a warning if java.io.tmpdir is set via the command line
// to a directory that doesn't exist
if (SystemProps.isBadIoTmpdir()) {
@ -2359,52 +2060,17 @@ public final class System {
}
String smProp = System.getProperty("java.security.manager");
boolean needWarning = false;
if (smProp != null) {
switch (smProp) {
case "disallow":
allowSecurityManager = NEVER;
break;
case "allow":
allowSecurityManager = MAYBE;
break;
case "":
case "default":
implSetSecurityManager(new SecurityManager());
allowSecurityManager = MAYBE;
needWarning = true;
break;
default:
try {
ClassLoader cl = ClassLoader.getBuiltinAppClassLoader();
Class<?> c = Class.forName(smProp, false, cl);
Constructor<?> ctor = c.getConstructor();
// Must be a public subclass of SecurityManager with
// a public no-arg constructor
if (!SecurityManager.class.isAssignableFrom(c) ||
!Modifier.isPublic(c.getModifiers()) ||
!Modifier.isPublic(ctor.getModifiers())) {
throw new Error("Could not create SecurityManager: "
+ ctor.toString());
}
// custom security manager may be in non-exported package
ctor.setAccessible(true);
SecurityManager sm = (SecurityManager) ctor.newInstance();
implSetSecurityManager(sm);
needWarning = true;
} catch (Exception e) {
throw new InternalError("Could not create SecurityManager", e);
}
allowSecurityManager = MAYBE;
throw new Error("A command line option has attempted to allow or enable the Security Manager."
+ " Enabling a Security Manager is not supported.");
}
} else {
allowSecurityManager = NEVER;
}
if (needWarning) {
System.err.println("""
WARNING: A command line option has enabled the Security Manager
WARNING: The Security Manager is deprecated and will be removed in a future release""");
}
// Emit a warning if `sun.jnu.encoding` is not supported.
@ -2491,14 +2157,6 @@ public final class System {
public Package definePackage(ClassLoader cl, String name, Module module) {
return cl.definePackage(name, module);
}
@SuppressWarnings("removal")
public void addNonExportedPackages(ModuleLayer layer) {
SecurityManager.addNonExportedPackages(layer);
}
@SuppressWarnings("removal")
public void invalidatePackageAccessCache() {
SecurityManager.invalidatePackageAccessCache();
}
public Module defineModule(ClassLoader loader,
ModuleDescriptor descriptor,
URI uri) {
@ -2791,11 +2449,6 @@ public final class System {
public boolean bytesCompatible(String string, Charset charset) {
return string.bytesCompatible(charset);
}
@Override
public boolean allowSecurityManager() {
return System.allowSecurityManager();
}
});
}
}

242
src/java.base/share/classes/java/lang/Thread.java
View File

@ -29,9 +29,7 @@ import java.lang.ref.Reference;
import java.lang.reflect.Field;
import java.security.AccessController;
import java.security.AccessControlContext;
import java.security.Permission;
import java.security.PrivilegedAction;
import java.security.ProtectionDomain;
import java.time.Duration;
import java.util.Map;
import java.util.HashMap;
@ -162,7 +160,15 @@ import static java.util.concurrent.TimeUnit.NANOSECONDS;
* }
*
* <h2><a id="inheritance">Inheritance when creating threads</a></h2>
* A {@code Thread} inherits its initial values of {@linkplain InheritableThreadLocal
* A {@code Thread} created with one of the public constructors inherits the daemon
* status and thread priority from the parent thread at the time that the child {@code
* Thread} is created. The {@linkplain ThreadGroup thread group} is also inherited when
* not provided to the constructor. When using a {@code Thread.Builder} to create a
* platform thread, the daemon status, thread priority, and thread group are inherited
* when not set on the builder. As with the constructors, inheriting from the parent
* thread is done when the child {@code Thread} is created.
*
* <p> A {@code Thread} inherits its initial values of {@linkplain InheritableThreadLocal
* inheritable-thread-local} variables (including the context class loader) from
* the parent thread values at the time that the child {@code Thread} is created.
* The 5-param {@linkplain Thread#Thread(ThreadGroup, Runnable, String, long, boolean)
@ -171,17 +177,6 @@ import static java.util.concurrent.TimeUnit.NANOSECONDS;
* {@link Builder#inheritInheritableThreadLocals(boolean) inheritInheritableThreadLocals}
* method can be used to select if the initial values are inherited.
*
* <p> Platform threads inherit the daemon status, thread priority, and when not
* provided (or not selected by a security manager), the thread group.
*
* <p> Creating a platform thread {@linkplain AccessController#getContext() captures} the
* {@linkplain AccessControlContext caller context} to limit the {@linkplain Permission
* permissions} of the new thread when it executes code that performs a {@linkplain
* AccessController#doPrivileged(PrivilegedAction) privileged action}. The captured
* caller context is the new thread's "Inherited {@link AccessControlContext}". Creating
* a virtual thread does not capture the caller context; virtual threads have no
* permissions when executing code that performs a privileged action.
*
* <p> Unless otherwise specified, passing a {@code null} argument to a constructor
* or method in this class will cause a {@link NullPointerException} to be thrown.
*
@ -245,10 +240,6 @@ public class Thread implements Runnable {
// context ClassLoader
private volatile ClassLoader contextClassLoader;
// inherited AccessControlContext, this could be moved to FieldHolder
@SuppressWarnings("removal")
private AccessControlContext inheritedAccessControlContext;
// Additional fields for platform threads.
// All fields, except task, are accessed directly by the VM.
private static class FieldHolder {
@ -685,8 +676,7 @@ public class Thread implements Runnable {
* @param task the object whose run() method gets called
* @param stackSize the desired stack size for the new thread, or
* zero to indicate that this parameter is to be ignored.
* @param acc the AccessControlContext to inherit, or
* AccessController.getContext() if null
* @param acc ignored
*/
@SuppressWarnings("removal")
Thread(ThreadGroup g, String name, int characteristics, Runnable task,
@ -734,12 +724,6 @@ public class Thread implements Runnable {
this.name = (name != null) ? name : genThreadName();
if (acc != null) {
this.inheritedAccessControlContext = acc;
} else {
this.inheritedAccessControlContext = AccessController.getContext();
}
// thread locals
if (!attached) {
if ((characteristics & NO_INHERIT_THREAD_LOCALS) == 0) {
@ -771,7 +755,6 @@ public class Thread implements Runnable {
Thread(String name, int characteristics, boolean bound) {
this.tid = ThreadIdentifiers.next();
this.name = (name != null) ? name : "";
this.inheritedAccessControlContext = Constants.NO_PERMISSIONS_ACC;
// thread locals
if ((characteristics & NO_INHERIT_THREAD_LOCALS) == 0) {
@ -803,18 +786,6 @@ public class Thread implements Runnable {
* Returns a builder for creating a platform {@code Thread} or {@code ThreadFactory}
* that creates platform threads.
*
* <p> <a id="ofplatform-security"><b>Interaction with security manager when
* creating platform threads</b></a>
* <p> Creating a platform thread when there is a security manager set will
* invoke the security manager's {@link SecurityManager#checkAccess(ThreadGroup)
* checkAccess(ThreadGroup)} method with the thread's thread group.
* If the thread group has not been set with the {@link
* Builder.OfPlatform#group(ThreadGroup) OfPlatform.group} method then the
* security manager's {@link SecurityManager#getThreadGroup() getThreadGroup}
* method will be invoked first to select the thread group. If the security
* manager {@code getThreadGroup} method returns {@code null} then the thread
* group of the constructing thread is used.
*
* @apiNote The following are examples using the builder:
* {@snippet :
* // Start a daemon thread to run a task
@ -944,9 +915,6 @@ public class Thread implements Runnable {
*
* @param task the object to run when the thread executes
* @return a new unstarted Thread
* @throws SecurityException if denied by the security manager
* (See <a href="Thread.html#ofplatform-security">Interaction with
* security manager when creating platform threads</a>)
*
* @see <a href="Thread.html#inheritance">Inheritance when creating threads</a>
*/
@ -958,9 +926,6 @@ public class Thread implements Runnable {
*
* @param task the object to run when the thread executes
* @return a new started Thread
* @throws SecurityException if denied by the security manager
* (See <a href="Thread.html#ofplatform-security">Interaction with
* security manager when creating platform threads</a>)
*
* @see <a href="Thread.html#inheritance">Inheritance when creating threads</a>
*/
@ -1185,21 +1150,13 @@ public class Thread implements Runnable {
* <pre>{@code Thread.ofPlatform().group(group).unstarted(task); }</pre>
*
* @param group
* the thread group. If {@code null} and there is a security
* manager, the group is determined by {@linkplain
* SecurityManager#getThreadGroup SecurityManager.getThreadGroup()}.
* If there is not a security manager or {@code
* SecurityManager.getThreadGroup()} returns {@code null}, the group
* the thread group. If {@code null} the group
* is set to the current thread's thread group.
*
* @param task
* the object whose {@code run} method is invoked when this thread
* is started. If {@code null}, this thread's run method is invoked.
*
* @throws SecurityException
* if the current thread cannot create a thread in the specified
* thread group
*
* @see <a href="#inheritance">Inheritance when creating threads</a>
*/
public Thread(ThreadGroup group, Runnable task) {
@ -1232,20 +1189,12 @@ public class Thread implements Runnable {
* override the {@link #run()} method.
*
* @param group
* the thread group. If {@code null} and there is a security
* manager, the group is determined by {@linkplain
* SecurityManager#getThreadGroup SecurityManager.getThreadGroup()}.
* If there is not a security manager or {@code
* SecurityManager.getThreadGroup()} returns {@code null}, the group
* the thread group. If {@code null}, the group
* is set to the current thread's thread group.
*
* @param name
* the name of the new thread
*
* @throws SecurityException
* if the current thread cannot create a thread in the specified
* thread group
*
* @see <a href="#inheritance">Inheritance when creating threads</a>
*/
public Thread(ThreadGroup group, String name) {
@ -1279,16 +1228,6 @@ public class Thread implements Runnable {
* as its run object, has the specified {@code name} as its name,
* and belongs to the thread group referred to by {@code group}.
*
* <p>If there is a security manager, its
* {@link SecurityManager#checkAccess(ThreadGroup) checkAccess}
* method is invoked with the ThreadGroup as its argument.
*
* <p>In addition, its {@code checkPermission} method is invoked with
* the {@code RuntimePermission("enableContextClassLoaderOverride")}
* permission when invoked directly or indirectly by the constructor
* of a subclass which overrides the {@code getContextClassLoader}
* or {@code setContextClassLoader} methods.
*
* <p>The priority of the newly created thread is the smaller of
* priority of the thread creating it and the maximum permitted
* priority of the thread group. The method {@linkplain #setPriority
@ -1304,11 +1243,7 @@ public class Thread implements Runnable {
* <pre>{@code Thread.ofPlatform().group(group).name(name).unstarted(task); }</pre>
*
* @param group
* the thread group. If {@code null} and there is a security
* manager, the group is determined by {@linkplain
* SecurityManager#getThreadGroup SecurityManager.getThreadGroup()}.
* If there is not a security manager or {@code
* SecurityManager.getThreadGroup()} returns {@code null}, the group
* the thread group. If {@code null}, the group
* is set to the current thread's thread group.
*
* @param task
@ -1318,10 +1253,6 @@ public class Thread implements Runnable {
* @param name
* the name of the new thread
*
* @throws SecurityException
* if the current thread cannot create a thread in the specified
* thread group or cannot override the context class loader methods.
*
* @see <a href="#inheritance">Inheritance when creating threads</a>
*/
public Thread(ThreadGroup group, Runnable task, String name) {
@ -1381,11 +1312,7 @@ public class Thread implements Runnable {
* <pre>{@code Thread.ofPlatform().group(group).name(name).stackSize(stackSize).unstarted(task); }</pre>
*
* @param group
* the thread group. If {@code null} and there is a security
* manager, the group is determined by {@linkplain
* SecurityManager#getThreadGroup SecurityManager.getThreadGroup()}.
* If there is not a security manager or {@code
* SecurityManager.getThreadGroup()} returns {@code null}, the group
* the thread group. If {@code null}, the group
* is set to the current thread's thread group.
*
* @param task
@ -1399,10 +1326,6 @@ public class Thread implements Runnable {
* the desired stack size for the new thread, or zero to indicate
* that this parameter is to be ignored.
*
* @throws SecurityException
* if the current thread cannot create a thread in the specified
* thread group
*
* @since 1.4
* @see <a href="#inheritance">Inheritance when creating threads</a>
*/
@ -1441,11 +1364,7 @@ public class Thread implements Runnable {
* .unstarted(task); }</pre>
*
* @param group
* the thread group. If {@code null} and there is a security
* manager, the group is determined by {@linkplain
* SecurityManager#getThreadGroup SecurityManager.getThreadGroup()}.
* If there is not a security manager or {@code
* SecurityManager.getThreadGroup()} returns {@code null}, the group
* the thread group. If {@code null}, the group
* is set to the current thread's thread group.
*
* @param task
@ -1464,10 +1383,6 @@ public class Thread implements Runnable {
* thread-locals from the constructing thread, otherwise no initial
* values are inherited
*
* @throws SecurityException
* if the current thread cannot create a thread in the specified
* thread group
*
* @since 9
* @see <a href="#inheritance">Inheritance when creating threads</a>
*/
@ -1602,7 +1517,6 @@ public class Thread implements Runnable {
void clearReferences() {
threadLocals = null;
inheritableThreadLocals = null;
inheritedAccessControlContext = null;
if (uncaughtExceptionHandler != null)
uncaughtExceptionHandler = null;
if (nioBlocker != null)
@ -1669,11 +1583,6 @@ public class Thread implements Runnable {
/**
* Interrupts this thread.
*
* <p> Unless the current thread is interrupting itself, which is
* always permitted, the {@link #checkAccess() checkAccess} method
* of this thread is invoked, which may cause a {@link
* SecurityException} to be thrown.
*
* <p> If this thread is blocked in an invocation of the {@link
* Object#wait() wait()}, {@link Object#wait(long) wait(long)}, or {@link
* Object#wait(long, int) wait(long, int)} methods of the {@link Object}
@ -1702,15 +1611,8 @@ public class Thread implements Runnable {
* @implNote In the JDK Reference Implementation, interruption of a thread
* that is not alive still records that the interrupt request was made and
* will report it via {@link #interrupted()} and {@link #isInterrupted()}.
*
* @throws SecurityException
* if the current thread cannot modify this thread
*/
public void interrupt() {
if (this != Thread.currentThread()) {
checkAccess();
}
// Setting the interrupt status must be done before reading nioBlocker.
interrupted = true;
interrupt0(); // inform VM of interrupt
@ -1818,14 +1720,10 @@ public class Thread implements Runnable {
* @param newPriority the new thread priority
* @throws IllegalArgumentException if the priority is not in the
* range {@code MIN_PRIORITY} to {@code MAX_PRIORITY}.
* @throws SecurityException
* if {@link #checkAccess} determines that the current
* thread cannot modify this thread
* @see #setPriority(int)
* @see ThreadGroup#getMaxPriority()
*/
public final void setPriority(int newPriority) {
checkAccess();
if (newPriority > MAX_PRIORITY || newPriority < MIN_PRIORITY) {
throw new IllegalArgumentException();
}
@ -1863,10 +1761,6 @@ public class Thread implements Runnable {
/**
* Changes the name of this thread to be equal to the argument {@code name}.
* <p>
* First the {@code checkAccess} method of this thread is called
* with no arguments. This may result in throwing a
* {@code SecurityException}.
*
* @implNote In the JDK Reference Implementation, if this thread is the
* current thread, and it's a platform thread that was not attached to the
@ -1877,15 +1771,11 @@ public class Thread implements Runnable {
* purposes.
*
* @param name the new name for this thread.
* @throws SecurityException if the current thread cannot modify this
* thread.
*
* @spec jni/index.html Java Native Interface Specification
* @see #getName
* @see #checkAccess()
*/
public final synchronized void setName(String name) {
checkAccess();
if (name == null) {
throw new NullPointerException("name cannot be null");
}
@ -1964,10 +1854,6 @@ public class Thread implements Runnable {
* an array into which to put the list of threads
*
* @return the number of threads put into the array
*
* @throws SecurityException
* if {@link java.lang.ThreadGroup#checkAccess} determines that
* the current thread cannot access its thread group
*/
public static int enumerate(Thread[] tarray) {
return currentThread().getThreadGroup().enumerate(tarray);
@ -2173,12 +2059,8 @@ public class Thread implements Runnable {
* if this is a virtual thread and {@code on} is false
* @throws IllegalThreadStateException
* if this thread is {@linkplain #isAlive alive}
* @throws SecurityException
* if {@link #checkAccess} determines that the current
* thread cannot modify this thread
*/
public final void setDaemon(boolean on) {
checkAccess();
if (isVirtual() && !on)
throw new IllegalArgumentException("'false' not legal for virtual threads");
if (isAlive())
@ -2208,31 +2090,16 @@ public class Thread implements Runnable {
}
/**
* Determines if the currently running thread has permission to
* modify this thread.
* <p>
* If there is a security manager, its {@code checkAccess} method
* is called with this thread as its argument. This may result in
* throwing a {@code SecurityException}.
* Does nothing.
*
* @throws SecurityException if the current thread is not allowed to
* access this thread.
* @see SecurityManager#checkAccess(Thread)
* @deprecated This method is only useful in conjunction with
* {@linkplain SecurityManager the Security Manager}, which is
* deprecated and subject to removal in a future release.
* Consequently, this method is also deprecated and subject to
* removal. There is no replacement for the Security Manager or this
* method.
* @deprecated This method originally determined if the currently running
* thread had permission to modify this thread. This method was only useful
* in conjunction with {@linkplain SecurityManager the Security Manager},
* which is no longer supported. There is no replacement for the Security
* Manager or this method.
*/
@Deprecated(since="17", forRemoval=true)
public final void checkAccess() {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkAccess(this);
}
}
public final void checkAccess() { }
/**
* Returns a string representation of this thread. The string representation
@ -2271,12 +2138,6 @@ public class Thread implements Runnable {
* indicating the system class loader (or, failing that, the
* bootstrap class loader)
*
* @throws SecurityException
* if a security manager is present, and the caller's class loader
* is not {@code null} and is not the same as or an ancestor of the
* context class loader, and the caller does not have the
* {@link RuntimePermission}{@code ("getClassLoader")}
*
* @since 1.2
*/
@CallerSensitive
@ -2299,19 +2160,10 @@ public class Thread implements Runnable {
* <p> The context {@code ClassLoader} may be set by the creator of the thread
* for use by code running in this thread when loading classes and resources.
*
* <p> If a security manager is present, its {@link
* SecurityManager#checkPermission(java.security.Permission) checkPermission}
* method is invoked with a {@link RuntimePermission RuntimePermission}{@code
* ("setContextClassLoader")} permission to see if setting the context
* ClassLoader is permitted.
*
* @param cl
* the context ClassLoader for this Thread, or null indicating the
* system class loader (or, failing that, the bootstrap class loader)
*
* @throws SecurityException
* if the current thread cannot set the context ClassLoader
*
* @since 1.2
*/
public void setContextClassLoader(ClassLoader cl) {
@ -2354,12 +2206,6 @@ public class Thread implements Runnable {
* represents the bottom of the stack, which is the least recent method
* invocation in the sequence.
*
* <p>If there is a security manager, and this thread is not
* the current thread, then the security manager's
* {@code checkPermission} method is called with a
* {@code RuntimePermission("getStackTrace")} permission
* to see if it's ok to get the stack trace.
*
* <p>Some virtual machines may, under some circumstances, omit one
* or more stack frames from the stack trace. In the extreme case,
* a virtual machine that has no stack trace information concerning
@ -2369,12 +2215,7 @@ public class Thread implements Runnable {
* @return an array of {@code StackTraceElement},
* each represents one stack frame.
*
* @throws SecurityException
* if a security manager exists and its
* {@code checkPermission} method doesn't allow
* getting the stack trace of thread.
* @see Throwable#getStackTrace
*
* @since 1.5
*/
public StackTraceElement[] getStackTrace() {
@ -2434,20 +2275,10 @@ public class Thread implements Runnable {
* array will be returned in the map value if the virtual machine has
* no stack trace information about a thread.
*
* <p>If there is a security manager, then the security manager's
* {@code checkPermission} method is called with a
* {@code RuntimePermission("getStackTrace")} permission as well as
* {@code RuntimePermission("modifyThreadGroup")} permission
* to see if it is ok to get the stack trace of all threads.
*
* @return a {@code Map} from {@code Thread} to an array of
* {@code StackTraceElement} that represents the stack trace of
* the corresponding thread.
*
* @throws SecurityException
* if a security manager exists and its
* {@code checkPermission} method doesn't allow
* getting the stack trace of thread.
* @see #getStackTrace
* @see Throwable#getStackTrace
*
@ -2766,9 +2597,6 @@ public class Thread implements Runnable {
* @param ueh the object to use as the default uncaught exception handler.
* If {@code null} then there is no default handler.
*
* @throws SecurityException if a security manager is present and it denies
* {@link RuntimePermission}{@code ("setDefaultUncaughtExceptionHandler")}
*
* @see #setUncaughtExceptionHandler
* @see #getUncaughtExceptionHandler
* @see ThreadGroup#uncaughtException
@ -2824,14 +2652,11 @@ public class Thread implements Runnable {
* object acts as its handler.
* @param ueh the object to use as this thread's uncaught exception
* handler. If {@code null} then this thread has no explicit handler.
* @throws SecurityException if the current thread is not allowed to
* modify this thread.
* @see #setDefaultUncaughtExceptionHandler
* @see ThreadGroup#uncaughtException
* @since 1.5
*/
public void setUncaughtExceptionHandler(UncaughtExceptionHandler ueh) {
checkAccess();
uncaughtExceptionHandler(ueh);
}
@ -2855,27 +2680,12 @@ public class Thread implements Runnable {
// Thread group for virtual threads.
static final ThreadGroup VTHREAD_GROUP;
// AccessControlContext that doesn't support any permissions.
@SuppressWarnings("removal")
static final AccessControlContext NO_PERMISSIONS_ACC;
static {
var getThreadGroup = new PrivilegedAction<ThreadGroup>() {
@Override
public ThreadGroup run() {
ThreadGroup parent = Thread.currentCarrierThread().getThreadGroup();
for (ThreadGroup p; (p = parent.getParent()) != null; )
parent = p;
return parent;
}
};
@SuppressWarnings("removal")
ThreadGroup root = AccessController.doPrivileged(getThreadGroup);
ThreadGroup root = Thread.currentCarrierThread().getThreadGroup();
for (ThreadGroup p; (p = root.getParent()) != null; ) {
root = p;
}
VTHREAD_GROUP = new ThreadGroup(root, "VirtualThreads", MAX_PRIORITY, false);
NO_PERMISSIONS_ACC = new AccessControlContext(new ProtectionDomain[] {
new ProtectionDomain(null, null)
});
}
}

107
src/java.base/share/classes/java/lang/ThreadGroup.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 1995, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1995, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -106,7 +106,7 @@ public class ThreadGroup implements Thread.UncaughtExceptionHandler {
}
/**
* Creates a ThreadGroup without any permission or other checks.
* Creates a ThreadGroup.
*/
ThreadGroup(ThreadGroup parent, String name, int maxPriority, boolean daemon) {
this.parent = parent;
@ -124,26 +124,11 @@ public class ThreadGroup implements Thread.UncaughtExceptionHandler {
}
}
private ThreadGroup(Void unused, ThreadGroup parent, String name) {
this(parent, name, parent.maxPriority, parent.daemon);
}
private static Void checkParentAccess(ThreadGroup parent) {
parent.checkAccess();
return null;
}
/**
* Constructs a new thread group. The parent of this new group is
* the thread group of the currently running thread.
* <p>
* The {@code checkAccess} method of the parent thread group is
* called with no arguments; this may result in a security exception.
*
* @param name the name of the new thread group, can be {@code null}
* @throws SecurityException if the current thread cannot create a
* thread in the specified thread group.
* @see java.lang.ThreadGroup#checkAccess()
*/
public ThreadGroup(String name) {
this(Thread.currentThread().getThreadGroup(), name);
@ -152,19 +137,13 @@ public class ThreadGroup implements Thread.UncaughtExceptionHandler {
/**
* Creates a new thread group. The parent of this new group is the
* specified thread group.
* <p>
* The {@code checkAccess} method of the parent thread group is
* called with no arguments; this may result in a security exception.
*
* @param parent the parent thread group.
* @param name the name of the new thread group, can be {@code null}
* @throws SecurityException if the current thread cannot create a
* thread in the specified thread group.
* @see java.lang.ThreadGroup#checkAccess()
*/
@SuppressWarnings("this-escape")
public ThreadGroup(ThreadGroup parent, String name) {
this(checkParentAccess(parent), parent, name);
this(parent, name, parent.maxPriority, parent.daemon);
}
/**
@ -178,22 +157,11 @@ public class ThreadGroup implements Thread.UncaughtExceptionHandler {
/**
* Returns the parent of this thread group.
* <p>
* First, if the parent is not {@code null}, the
* {@code checkAccess} method of the parent thread group is
* called with no arguments; this may result in a security exception.
*
* @return the parent of this thread group. The top-level thread group
* is the only thread group whose parent is {@code null}.
* @throws SecurityException if the current thread cannot modify
* this thread group.
* @see java.lang.ThreadGroup#checkAccess()
* @see java.lang.SecurityException
* @see java.lang.RuntimePermission
*/
public final ThreadGroup getParent() {
if (parent != null)
parent.checkAccess();
return parent;
}
@ -245,15 +213,8 @@ public class ThreadGroup implements Thread.UncaughtExceptionHandler {
/**
* Sets the daemon status of this thread group.
* The daemon status is not used for anything.
* <p>
* First, the {@code checkAccess} method of this thread group is
* called with no arguments; this may result in a security exception.
*
* @param daemon the daemon status
* @throws SecurityException if the current thread cannot modify
* this thread group.
* @see java.lang.SecurityException
* @see java.lang.ThreadGroup#checkAccess()
*
* @deprecated This method originally configured whether the thread group is
* a <i>daemon thread group</i> that is automatically destroyed
@ -264,7 +225,6 @@ public class ThreadGroup implements Thread.UncaughtExceptionHandler {
*/
@Deprecated(since="16", forRemoval=true)
public final void setDaemon(boolean daemon) {
checkAccess();
this.daemon = daemon;
}
@ -275,9 +235,6 @@ public class ThreadGroup implements Thread.UncaughtExceptionHandler {
* Threads in the thread group (or subgroups) that already have a higher
* priority are not affected by this method.
* <p>
* First, the {@code checkAccess} method of this thread group is
* called with no arguments; this may result in a security exception.
* <p>
* If the {@code pri} argument is less than
* {@link Thread#MIN_PRIORITY} or greater than
* {@link Thread#MAX_PRIORITY}, the maximum priority of the group
@ -292,14 +249,9 @@ public class ThreadGroup implements Thread.UncaughtExceptionHandler {
* every thread group that belongs to this thread group.
*
* @param pri the new priority of the thread group.
* @throws SecurityException if the current thread cannot modify
* this thread group.
* @see #getMaxPriority
* @see java.lang.SecurityException
* @see java.lang.ThreadGroup#checkAccess()
*/
public final void setMaxPriority(int pri) {
checkAccess();
if (pri >= Thread.MIN_PRIORITY && pri <= Thread.MAX_PRIORITY) {
synchronized (this) {
if (parent == null) {
@ -331,31 +283,16 @@ public class ThreadGroup implements Thread.UncaughtExceptionHandler {
}
/**
* Determines if the currently running thread has permission to
* modify this thread group.
* <p>
* If there is a security manager, its {@code checkAccess} method
* is called with this thread group as its argument. This may result
* in throwing a {@code SecurityException}.
* Does nothing.
*
* @throws SecurityException if the current thread is not allowed to
* access this thread group.
* @see java.lang.SecurityManager#checkAccess(java.lang.ThreadGroup)
* @deprecated This method is only useful in conjunction with
* {@linkplain SecurityManager the Security Manager}, which is
* deprecated and subject to removal in a future release.
* Consequently, this method is also deprecated and subject to
* removal. There is no replacement for the Security Manager or this
* method.
* @deprecated This method originally determined if the currently running
* thread had permission to modify this thread group. This method was only
* useful in conjunction with {@linkplain SecurityManager the Security Manager},
* which is no longer supported. There is no replacement for the Security
* Manager or this method.
*/
@Deprecated(since="17", forRemoval=true)
public final void checkAccess() {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkAccess(this);
}
}
public final void checkAccess() { }
/**
* Returns an estimate of the number of {@linkplain Thread#isAlive() live}
@ -400,10 +337,6 @@ public class ThreadGroup implements Thread.UncaughtExceptionHandler {
* an array into which to put the list of threads
*
* @return the number of threads put into the array
*
* @throws SecurityException
* if {@linkplain #checkAccess checkAccess} determines that
* the current thread cannot access this thread group
*/
public int enumerate(Thread[] list) {
return enumerate(list, true);
@ -435,14 +368,9 @@ public class ThreadGroup implements Thread.UncaughtExceptionHandler {
* thread group
*
* @return the number of threads put into the array
*
* @throws SecurityException
* if {@linkplain #checkAccess checkAccess} determines that
* the current thread cannot access this thread group
*/
public int enumerate(Thread[] list, boolean recurse) {
Objects.requireNonNull(list);
checkAccess();
int n = 0;
if (list.length > 0) {
for (Thread thread : Thread.getAllThreads()) {
@ -494,10 +422,6 @@ public class ThreadGroup implements Thread.UncaughtExceptionHandler {
* an array into which to put the list of thread groups
*
* @return the number of thread groups put into the array
*
* @throws SecurityException
* if {@linkplain #checkAccess checkAccess} determines that
* the current thread cannot access this thread group
*/
public int enumerate(ThreadGroup[] list) {
return enumerate(list, true);
@ -528,14 +452,9 @@ public class ThreadGroup implements Thread.UncaughtExceptionHandler {
* if {@code true}, recursively enumerate all subgroups
*
* @return the number of thread groups put into the array
*
* @throws SecurityException
* if {@linkplain #checkAccess checkAccess} determines that
* the current thread cannot access this thread group
*/
public int enumerate(ThreadGroup[] list, boolean recurse) {
Objects.requireNonNull(list);
checkAccess();
return enumerate(list, 0, recurse);
}
@ -559,16 +478,10 @@ public class ThreadGroup implements Thread.UncaughtExceptionHandler {
* Interrupts all {@linkplain Thread#isAlive() live} platform threads in
* this thread group and its subgroups.
*
* @throws SecurityException if the current thread is not allowed
* to access this thread group or any of the threads in
* the thread group.
* @see java.lang.Thread#interrupt()
* @see java.lang.SecurityException
* @see java.lang.ThreadGroup#checkAccess()
* @since 1.2
*/
public final void interrupt() {
checkAccess();
for (Thread thread : Thread.getAllThreads()) {
ThreadGroup g = thread.getThreadGroup();
if (parentOf(g)) {

2
src/java.base/share/classes/java/lang/VirtualThread.java
View File

@ -1016,8 +1016,6 @@ final class VirtualThread extends BaseVirtualThread {
@SuppressWarnings("removal")
public void interrupt() {
if (Thread.currentThread() != this) {
checkAccess();
// if current thread is a virtual thread then prevent it from being
// suspended or unmounted when entering or holding interruptLock
Interruptible blocker;

8
src/java.base/share/classes/java/lang/invoke/LambdaMetafactory.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2012, 2021, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2012, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -316,9 +316,6 @@ public final class LambdaMetafactory {
* handle referencing a method or constructor, or if the linkage
* invariants are violated, as defined {@link LambdaMetafactory above}.
* @throws NullPointerException If any argument is {@code null}.
* @throws SecurityException If a security manager is present, and it
* <a href="MethodHandles.Lookup.html#secmgr">refuses access</a>
* from {@code caller} to the package of {@code implementation}.
*/
public static CallSite metafactory(MethodHandles.Lookup caller,
String interfaceMethodName,
@ -467,9 +464,6 @@ public final class LambdaMetafactory {
* of {@code args} do not follow the above rules, or if
* {@code altInterfaceCount} or {@code altMethodCount} are negative
* integers.
* @throws SecurityException If a security manager is present, and it
* <a href="MethodHandles.Lookup.html#secmgr">refuses access</a>
* from {@code caller} to the package of {@code implementation}.
*/
public static CallSite altMetafactory(MethodHandles.Lookup caller,
String interfaceMethodName,

5
src/java.base/share/classes/java/lang/invoke/MethodHandleProxies.java
View File

@ -147,11 +147,6 @@ public class MethodHandleProxies {
* such as abstract classes with single abstract methods.
* Future versions of this API may also equip wrapper instances
* with one or more additional public "marker" interfaces.
* <p>
* If a security manager is installed, this method is caller sensitive.
* During any invocation of the target method handle via the returned wrapper,
* the original creator of the wrapper (the caller) will be visible
* to context checks requested by the security manager.
*
* @param <T> the desired type of the wrapper, a single-method interface
* @param intfc a class object representing {@code T}

128
src/java.base/share/classes/java/lang/invoke/MethodHandles.java
View File

@ -165,8 +165,6 @@ public class MethodHandles {
* <em>Discussion:</em>
* The lookup class can be changed to any other class {@code C} using an expression of the form
* {@link Lookup#in publicLookup().in(C.class)}.
* A public lookup object is always subject to
* <a href="MethodHandles.Lookup.html#secmgr">security manager checks</a>.
* Also, it cannot access
* <a href="MethodHandles.Lookup.html#callsens">caller sensitive methods</a>.
* @return a lookup object which is trusted minimally
@ -186,9 +184,6 @@ public class MethodHandles {
* allowed to do deep reflection on module {@code M2} and package of the target class
* if and only if all of the following conditions are {@code true}:
* <ul>
* <li>If there is a security manager, its {@code checkPermission} method is
* called to check {@code ReflectPermission("suppressAccessChecks")} and
* that must return normally.
* <li>The caller lookup object must have {@linkplain Lookup#hasFullPrivilegeAccess()
* full privilege access}. Specifically:
* <ul>
@ -238,7 +233,6 @@ public class MethodHandles {
* @return a lookup object for the target class, with private access
* @throws IllegalArgumentException if {@code targetClass} is a primitive type or void or array class
* @throws NullPointerException if {@code targetClass} or {@code caller} is {@code null}
* @throws SecurityException if denied by the security manager
* @throws IllegalAccessException if any of the other access checks specified above fails
* @since 9
* @see Lookup#dropLookupMode
@ -459,14 +453,10 @@ public class MethodHandles {
* on the target to obtain its symbolic reference, and then called
* {@link java.lang.invoke.MethodHandleInfo#reflectAs MethodHandleInfo.reflectAs}
* to resolve the symbolic reference to a member.
* <p>
* If there is a security manager, its {@code checkPermission} method
* is called with a {@code ReflectPermission("suppressAccessChecks")} permission.
* @param <T> the desired type of the result, either {@link Member} or a subtype
* @param expected a class object representing the desired result type {@code T}
* @param target a direct method handle to crack into symbolic reference components
* @return a reference to the method, constructor, or field object
* @throws SecurityException if the caller is not privileged to call {@code setAccessible}
* @throws NullPointerException if either argument is {@code null}
* @throws IllegalArgumentException if the target is not a direct method handle
* @throws ClassCastException if the member is not of the expected type
@ -616,10 +606,6 @@ public class MethodHandles {
* the lookup can still succeed.
* For example, lookups for {@code MethodHandle.invokeExact} and
* {@code MethodHandle.invoke} will always succeed, regardless of requested type.
* <li>If there is a security manager installed, it can forbid the lookup
* on various grounds (<a href="MethodHandles.Lookup.html#secmgr">see below</a>).
* By contrast, the {@code ldc} instruction on a {@code CONSTANT_MethodHandle}
* constant is not subject to security manager checks.
* <li>If the looked-up method has a
* <a href="MethodHandle.html#maxarity">very large arity</a>,
* the method handle creation may fail with an
@ -1317,74 +1303,6 @@ public class MethodHandles {
* all access modes are dropped.</li>
* </ul>
*
* <h2><a id="secmgr"></a>Security manager interactions</h2>
* Although bytecode instructions can only refer to classes in
* a related class loader, this API can search for methods in any
* class, as long as a reference to its {@code Class} object is
* available. Such cross-loader references are also possible with the
* Core Reflection API, and are impossible to bytecode instructions
* such as {@code invokestatic} or {@code getfield}.
* There is a {@linkplain java.lang.SecurityManager security manager API}
* to allow applications to check such cross-loader references.
* These checks apply to both the {@code MethodHandles.Lookup} API
* and the Core Reflection API
* (as found on {@link java.lang.Class Class}).
* <p>
* If a security manager is present, member and class lookups are subject to
* additional checks.
* From one to three calls are made to the security manager.
* Any of these calls can refuse access by throwing a
* {@link java.lang.SecurityException SecurityException}.
* Define {@code smgr} as the security manager,
* {@code lookc} as the lookup class of the current lookup object,
* {@code refc} as the containing class in which the member
* is being sought, and {@code defc} as the class in which the
* member is actually defined.
* (If a class or other type is being accessed,
* the {@code refc} and {@code defc} values are the class itself.)
* The value {@code lookc} is defined as <em>not present</em>
* if the current lookup object does not have
* {@linkplain #hasFullPrivilegeAccess() full privilege access}.
* The calls are made according to the following rules:
* <ul>
* <li><b>Step 1:</b>
* If {@code lookc} is not present, or if its class loader is not
* the same as or an ancestor of the class loader of {@code refc},
* then {@link SecurityManager#checkPackageAccess
* smgr.checkPackageAccess(refcPkg)} is called,
* where {@code refcPkg} is the package of {@code refc}.
* <li><b>Step 2a:</b>
* If the retrieved member is not public and
* {@code lookc} is not present, then
* {@link SecurityManager#checkPermission smgr.checkPermission}
* with {@code RuntimePermission("accessDeclaredMembers")} is called.
* <li><b>Step 2b:</b>
* If the retrieved class has a {@code null} class loader,
* and {@code lookc} is not present, then
* {@link SecurityManager#checkPermission smgr.checkPermission}
* with {@code RuntimePermission("getClassLoader")} is called.
* <li><b>Step 3:</b>
* If the retrieved member is not public,
* and if {@code lookc} is not present,
* and if {@code defc} and {@code refc} are different,
* then {@link SecurityManager#checkPackageAccess
* smgr.checkPackageAccess(defcPkg)} is called,
* where {@code defcPkg} is the package of {@code defc}.
* </ul>
* Security checks are performed after other access checks have passed.
* Therefore, the above rules presuppose a member or class that is public,
* or else that is being accessed from a lookup class that has
* rights to access the member or class.
* <p>
* If a security manager is present and the current lookup object does not have
* {@linkplain #hasFullPrivilegeAccess() full privilege access}, then
* {@link #defineClass(byte[]) defineClass},
* {@link #defineHiddenClass(byte[], boolean, ClassOption...) defineHiddenClass},
* {@link #defineHiddenClassWithClassData(byte[], Object, boolean, ClassOption...)
* defineHiddenClassWithClassData}
* calls {@link SecurityManager#checkPermission smgr.checkPermission}
* with {@code RuntimePermission("defineClass")}.
*
* <h2><a id="callsens"></a>Caller sensitive methods</h2>
* A small number of Java methods have a special property called caller sensitivity.
* A <em>caller-sensitive</em> method can behave differently depending on the
@ -1825,10 +1743,6 @@ public class MethodHandles {
* run at a later time, as detailed in section 12.4 of the <em>The Java Language
* Specification</em>. </p>
*
* <p> If there is a security manager and this lookup does not have {@linkplain
* #hasFullPrivilegeAccess() full privilege access}, its {@code checkPermission} method
* is first called to check {@code RuntimePermission("defineClass")}. </p>
*
* @param bytes the class bytes
* @return the {@code Class} object for the class
* @throws IllegalAccessException if this lookup does not have {@code PACKAGE} access
@ -1838,8 +1752,6 @@ public class MethodHandles {
* ({@code ACC_MODULE} flag is set in the value of the {@code access_flags} item)
* @throws VerifyError if the newly created class cannot be verified
* @throws LinkageError if the newly created class cannot be linked for any other reason
* @throws SecurityException if a security manager is present and it
* <a href="MethodHandles.Lookup.html#secmgr">refuses access</a>
* @throws NullPointerException if {@code bytes} is {@code null}
* @since 9
* @see MethodHandles#privateLookupIn
@ -2097,8 +2009,6 @@ public class MethodHandles {
*
* @throws IllegalAccessException if this {@code Lookup} does not have
* {@linkplain #hasFullPrivilegeAccess() full privilege} access
* @throws SecurityException if a security manager is present and it
* <a href="MethodHandles.Lookup.html#secmgr">refuses access</a>
* @throws ClassFormatError if {@code bytes} is not a {@code ClassFile} structure
* @throws UnsupportedClassVersionError if {@code bytes} is not of a supported major or minor version
* @throws IllegalArgumentException if {@code bytes} denotes a class in a different package
@ -2180,8 +2090,6 @@ public class MethodHandles {
*
* @throws IllegalAccessException if this {@code Lookup} does not have
* {@linkplain #hasFullPrivilegeAccess() full privilege} access
* @throws SecurityException if a security manager is present and it
* <a href="MethodHandles.Lookup.html#secmgr">refuses access</a>
* @throws ClassFormatError if {@code bytes} is not a {@code ClassFile} structure
* @throws UnsupportedClassVersionError if {@code bytes} is not of a supported major or minor version
* @throws IllegalArgumentException if {@code bytes} denotes a class in a different package
@ -2631,8 +2539,6 @@ assertEquals("[x, y]", MH_asList.invoke("x", "y").toString());
* or if the method is not {@code static},
* or if the method's variable arity modifier bit
* is set and {@code asVarargsCollector} fails
* @throws SecurityException if a security manager is present and it
* <a href="MethodHandles.Lookup.html#secmgr">refuses access</a>
* @throws NullPointerException if any argument is null
*/
public MethodHandle findStatic(Class<?> refc, String name, MethodType type) throws NoSuchMethodException, IllegalAccessException {
@ -2715,8 +2621,6 @@ assertEquals("", (String) MH_newString.invokeExact());
* or if the method is {@code static},
* or if the method's variable arity modifier bit
* is set and {@code asVarargsCollector} fails
* @throws SecurityException if a security manager is present and it
* <a href="MethodHandles.Lookup.html#secmgr">refuses access</a>
* @throws NullPointerException if any argument is null
*/
public MethodHandle findVirtual(Class<?> refc, String name, MethodType type) throws NoSuchMethodException, IllegalAccessException {
@ -2789,8 +2693,6 @@ assertEquals("[x, y, z]", pb.command().toString());
* @throws IllegalAccessException if access checking fails
* or if the method's variable arity modifier bit
* is set and {@code asVarargsCollector} fails
* @throws SecurityException if a security manager is present and it
* <a href="MethodHandles.Lookup.html#secmgr">refuses access</a>
* @throws NullPointerException if any argument is null
*/
public MethodHandle findConstructor(Class<?> refc, MethodType type) throws NoSuchMethodException, IllegalAccessException {
@ -2819,8 +2721,6 @@ assertEquals("[x, y, z]", pb.command().toString());
* @param targetName the {@linkplain ClassLoader##binary-name binary name} of the class
* or the string representing an array class
* @return the requested class.
* @throws SecurityException if a security manager is present and it
* <a href="MethodHandles.Lookup.html#secmgr">refuses access</a>
* @throws LinkageError if the linkage fails
* @throws ClassNotFoundException if the class cannot be loaded by the lookup class' loader.
* @throws IllegalAccessException if the class is not accessible, using the allowed access
@ -2856,8 +2756,6 @@ assertEquals("[x, y, z]", pb.command().toString());
* {@linkplain #accessClass accessible} to this lookup
* @throws ExceptionInInitializerError if the class initialization provoked
* by this method fails
* @throws SecurityException if a security manager is present and it
* <a href="MethodHandles.Lookup.html#secmgr">refuses access</a>
* @since 15
* @jvms 5.5 Initialization
*/
@ -2966,8 +2864,6 @@ assertEquals("[x, y, z]", pb.command().toString());
* @return {@code targetClass} that has been access-checked
* @throws IllegalAccessException if the class is not accessible from the lookup class
* and previous lookup class, if present, using the allowed access modes.
* @throws SecurityException if a security manager is present and it
* <a href="MethodHandles.Lookup.html#secmgr">refuses access</a>
* @throws NullPointerException if {@code targetClass} is {@code null}
* @since 9
* @see <a href="#cross-module-lookup">Cross-module lookups</a>
@ -3050,8 +2946,6 @@ assertEquals(""+l, (String) MH_this.invokeExact(subl)); // Listie method
* or if the method is {@code static},
* or if the method's variable arity modifier bit
* is set and {@code asVarargsCollector} fails
* @throws SecurityException if a security manager is present and it
* <a href="MethodHandles.Lookup.html#secmgr">refuses access</a>
* @throws NullPointerException if any argument is null
*/
public MethodHandle findSpecial(Class<?> refc, String name, MethodType type,
@ -3075,8 +2969,6 @@ assertEquals(""+l, (String) MH_this.invokeExact(subl)); // Listie method
* @return a method handle which can load values from the field
* @throws NoSuchFieldException if the field does not exist
* @throws IllegalAccessException if access checking fails, or if the field is {@code static}
* @throws SecurityException if a security manager is present and it
* <a href="MethodHandles.Lookup.html#secmgr">refuses access</a>
* @throws NullPointerException if any argument is null
* @see #findVarHandle(Class, String, Class)
*/
@ -3099,8 +2991,6 @@ assertEquals(""+l, (String) MH_this.invokeExact(subl)); // Listie method
* @throws NoSuchFieldException if the field does not exist
* @throws IllegalAccessException if access checking fails, or if the field is {@code static}
* or {@code final}
* @throws SecurityException if a security manager is present and it
* <a href="MethodHandles.Lookup.html#secmgr">refuses access</a>
* @throws NullPointerException if any argument is null
* @see #findVarHandle(Class, String, Class)
*/
@ -3172,8 +3062,6 @@ assertEquals(""+l, (String) MH_this.invokeExact(subl)); // Listie method
* @return a VarHandle giving access to non-static fields.
* @throws NoSuchFieldException if the field does not exist
* @throws IllegalAccessException if access checking fails, or if the field is {@code static}
* @throws SecurityException if a security manager is present and it
* <a href="MethodHandles.Lookup.html#secmgr">refuses access</a>
* @throws NullPointerException if any argument is null
* @since 9
*/
@ -3198,8 +3086,6 @@ assertEquals(""+l, (String) MH_this.invokeExact(subl)); // Listie method
* @return a method handle which can load values from the field
* @throws NoSuchFieldException if the field does not exist
* @throws IllegalAccessException if access checking fails, or if the field is not {@code static}
* @throws SecurityException if a security manager is present and it
* <a href="MethodHandles.Lookup.html#secmgr">refuses access</a>
* @throws NullPointerException if any argument is null
*/
public MethodHandle findStaticGetter(Class<?> refc, String name, Class<?> type) throws NoSuchFieldException, IllegalAccessException {
@ -3223,8 +3109,6 @@ assertEquals(""+l, (String) MH_this.invokeExact(subl)); // Listie method
* @throws NoSuchFieldException if the field does not exist
* @throws IllegalAccessException if access checking fails, or if the field is not {@code static}
* or is {@code final}
* @throws SecurityException if a security manager is present and it
* <a href="MethodHandles.Lookup.html#secmgr">refuses access</a>
* @throws NullPointerException if any argument is null
*/
public MethodHandle findStaticSetter(Class<?> refc, String name, Class<?> type) throws NoSuchFieldException, IllegalAccessException {
@ -3297,8 +3181,6 @@ assertEquals(""+l, (String) MH_this.invokeExact(subl)); // Listie method
* @return a VarHandle giving access to a static field
* @throws NoSuchFieldException if the field does not exist
* @throws IllegalAccessException if access checking fails, or if the field is not {@code static}
* @throws SecurityException if a security manager is present and it
* <a href="MethodHandles.Lookup.html#secmgr">refuses access</a>
* @throws NullPointerException if any argument is null
* @since 9
*/
@ -3351,8 +3233,6 @@ return mh1;
* @throws IllegalAccessException if access checking fails
* or if the method's variable arity modifier bit
* is set and {@code asVarargsCollector} fails
* @throws SecurityException if a security manager is present and it
* <a href="MethodHandles.Lookup.html#secmgr">refuses access</a>
* @throws NullPointerException if any argument is null
* @see MethodHandle#bindTo
* @see #findVirtual
@ -3685,8 +3565,6 @@ return mh1;
* and was created by a lookup object for a different class.
* @param target a direct method handle to crack into symbolic reference components
* @return a symbolic reference which can be used to reconstruct this method handle from this lookup object
* @throws SecurityException if a security manager is present and it
* <a href="MethodHandles.Lookup.html#secmgr">refuses access</a>
* @throws IllegalArgumentException if the target is not a direct method handle or if access checking fails
* @throws NullPointerException if the target is {@code null}
* @see MethodHandleInfo
@ -4656,7 +4534,7 @@ int spreadArgCount = type.parameterCount() - leadingArgCount;
invoker = invoker.asSpreader(Object[].class, spreadArgCount);
return invoker;
* }
* This method throws no reflective or security exceptions.
* This method throws no reflective exceptions.
* @param type the desired target type
* @param leadingArgCount number of fixed arguments, to be passed unchanged to the target
* @return a method handle suitable for invoking any method handle of the given type
@ -4702,7 +4580,7 @@ return invoker;
* on the declared {@code invokeExact} or {@code invoke} method will raise an
* {@link java.lang.UnsupportedOperationException UnsupportedOperationException}.)</em>
* <p>
* This method throws no reflective or security exceptions.
* This method throws no reflective exceptions.
* @param type the desired target type
* @return a method handle suitable for invoking any method handle of the given type
* @throws IllegalArgumentException if the resulting method handle's type would have
@ -4740,7 +4618,7 @@ return invoker;
* on the declared {@code invokeExact} or {@code invoke} method will raise an
* {@link java.lang.UnsupportedOperationException UnsupportedOperationException}.)</em>
* <p>
* This method throws no reflective or security exceptions.
* This method throws no reflective exceptions.
* @param type the desired target type
* @return a method handle suitable for invoking any method handle convertible to the given type
* @throws IllegalArgumentException if the resulting method handle's type would have

3
src/java.base/share/classes/java/lang/invoke/MethodType.java
View File

@ -1178,9 +1178,6 @@ class MethodType
* @throws NullPointerException if the string is {@code null}
* @throws IllegalArgumentException if the string is not a method descriptor
* @throws TypeNotPresentException if a named type cannot be found
* @throws SecurityException if the security manager is present and
* {@code loader} is {@code null} and the caller does not have the
* {@link RuntimePermission}{@code ("getClassLoader")}
* @jvms 4.3.3 Method Descriptors
*/
public static MethodType fromMethodDescriptorString(String descriptor, ClassLoader loader)

11
src/java.base/share/classes/java/lang/module/Configuration.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2014, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2014, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -244,8 +244,6 @@ public final class Configuration {
* @throws ResolutionException
* If resolution fails any of the consistency checks specified by
* the static {@code resolve} method
* @throws SecurityException
* If locating a module is denied by the security manager
*/
public Configuration resolve(ModuleFinder before,
ModuleFinder after,
@ -287,8 +285,6 @@ public final class Configuration {
* @throws ResolutionException
* If resolution fails any of the consistency checks specified by
* the static {@code resolve} method
* @throws SecurityException
* If locating a module is denied by the security manager
*/
public Configuration resolveAndBind(ModuleFinder before,
ModuleFinder after,
@ -399,9 +395,6 @@ public final class Configuration {
* If the list of parents is empty, or the list has two or more
* parents with modules for different target operating systems,
* architectures, or versions
*
* @throws SecurityException
* If locating a module is denied by the security manager
*/
public static Configuration resolve(ModuleFinder before,
List<Configuration> parents,
@ -471,8 +464,6 @@ public final class Configuration {
* If the list of parents is empty, or the list has two or more
* parents with modules for different target operating systems,
* architectures, or versions
* @throws SecurityException
* If locating a module is denied by the security manager
*/
public static Configuration resolveAndBind(ModuleFinder before,
List<Configuration> parents,

17
src/java.base/share/classes/java/lang/module/ModuleFinder.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2014, 2021, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2014, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -99,9 +99,6 @@ public interface ModuleFinder {
*
* @throws FindException
* If an error occurs finding the module
*
* @throws SecurityException
* If denied by the security manager
*/
Optional<ModuleReference> find(String name);
@ -123,9 +120,6 @@ public interface ModuleFinder {
*
* @throws FindException
* If an error occurs finding all modules
*
* @throws SecurityException
* If denied by the security manager
*/
Set<ModuleReference> findAll();
@ -134,16 +128,7 @@ public interface ModuleFinder {
* system modules are the modules in the Java run-time image.
* The module finder will always find {@code java.base}.
*
* <p> If there is a security manager set then its {@link
* SecurityManager#checkPermission(Permission) checkPermission} method is
* invoked to check that the caller has been granted
* {@link RuntimePermission RuntimePermission("accessSystemModules")}
* to access the system modules. </p>
*
* @return A {@code ModuleFinder} that locates the system modules
*
* @throws SecurityException
* If denied by the security manager
*/
@SuppressWarnings("removal")
static ModuleFinder ofSystem() {

19
src/java.base/share/classes/java/lang/module/ModuleReader.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2015, 2022, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2015, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -60,11 +60,6 @@ import java.util.stream.Stream;
* try-with-resources} statement provides a useful construct to ensure that
* module readers are closed. </p>
*
* <p> A {@code ModuleReader} implementation may require permissions to access
* resources in the module. Consequently the {@link #find find}, {@link #open
* open}, {@link #read read}, and {@link #list list} methods may throw {@code
* SecurityException} if access is denied by the security manager. </p>
*
* @implSpec Implementations of {@code ModuleReader} should take great care
* when translating an abstract resource name to the location of a resource in
* a packaged module or on the file system. Implementations are advised to
@ -95,8 +90,6 @@ public interface ModuleReader extends Closeable {
*
* @throws IOException
* If an I/O error occurs or the module reader is closed
* @throws SecurityException
* If denied by the security manager
*
* @see ClassLoader#getResource(String)
*/
@ -122,8 +115,6 @@ public interface ModuleReader extends Closeable {
*
* @throws IOException
* If an I/O error occurs or the module reader is closed
* @throws SecurityException
* If denied by the security manager
*/
default Optional<InputStream> open(String name) throws IOException {
Optional<URI> ouri = find(name);
@ -162,8 +153,6 @@ public interface ModuleReader extends Closeable {
*
* @throws IOException
* If an I/O error occurs or the module reader is closed
* @throws SecurityException
* If denied by the security manager
* @throws OutOfMemoryError
* If the resource is larger than {@code Integer.MAX_VALUE},
* the maximum capacity of a byte buffer
@ -209,9 +198,7 @@ public interface ModuleReader extends Closeable {
* when using the stream to list the module contents. If this occurs then
* the {@code IOException} will be wrapped in an {@link
* java.io.UncheckedIOException} and thrown from the method that caused the
* access to be attempted. {@code SecurityException} may also be thrown
* when using the stream to list the module contents and access is denied
* by the security manager. </p>
* access to be attempted.
*
* <p> The returned stream may contain references to one or more open directories
* in the module. The directories are closed by closing the stream. </p>
@ -229,8 +216,6 @@ public interface ModuleReader extends Closeable {
*
* @throws IOException
* If an I/O error occurs or the module reader is closed
* @throws SecurityException
* If denied by the security manager
*/
Stream<String> list() throws IOException;

10
src/java.base/share/classes/java/lang/module/ModuleReference.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2014, 2016, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2014, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -76,12 +76,6 @@ public abstract class ModuleReference {
/**
* Returns the location of this module's content, if known.
*
* <p> This URI, when present, can be used as the {@linkplain
* java.security.CodeSource#getLocation location} value of a {@link
* java.security.CodeSource CodeSource} so that a module's classes can be
* granted specific permissions when loaded by a {@link
* java.security.SecureClassLoader SecureClassLoader}.
*
* @return The location or an empty {@code Optional} if not known
*/
public final Optional<URI> location() {
@ -95,8 +89,6 @@ public abstract class ModuleReference {
*
* @throws IOException
* If an I/O error occurs
* @throws SecurityException
* If denied by the security manager
*/
public abstract ModuleReader open() throws IOException;
}

10
src/java.base/share/classes/java/lang/package-info.java
View File

@ -53,12 +53,10 @@
* StringBuilder} similarly provide commonly used operations on
* character strings.
*
* <p>Classes {@link ClassLoader}, {@link Process}, {@link
* ProcessBuilder}, {@link Runtime}, {@link SecurityManager}, and
* {@link System} provide "system operations" that manage the dynamic
* loading of classes, creation of external processes, host
* environment inquiries such as the time of day, and enforcement of
* security policies.
* <p>Classes {@link ClassLoader}, {@link Process}, {@link ProcessBuilder},
* {@link Runtime}, and {@link System} provide "system operations" that
* manage the dynamic loading of classes, creation of external processes,
* and host environment inquiries such as the time of day.
*
* <p>Class {@link Throwable} encompasses objects that may be thrown
* by the {@code throw} statement. Subclasses of {@code Throwable}

10
src/java.base/share/classes/java/lang/ref/Cleaner.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2015, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2015, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -163,17 +163,11 @@ public final class Cleaner {
* The {@linkplain java.lang.Thread#getContextClassLoader context class loader}
* of the thread is set to the
* {@linkplain ClassLoader#getSystemClassLoader() system class loader}.
* The thread has no permissions, enforced only if a
* {@linkplain java.lang.System#setSecurityManager(SecurityManager)
* {@code SecurityManager} is set}.
* <p>
* The cleaner terminates when it is phantom reachable and all of the
* registered cleaning actions are complete.
*
* @return a new {@code Cleaner}
*
* @throws SecurityException if the current thread is not allowed to
* create or start the thread.
*/
public static Cleaner create() {
Cleaner cleaner = new Cleaner();
@ -199,8 +193,6 @@ public final class Cleaner {
*
* @throws IllegalThreadStateException if the thread from the thread
* factory was {@linkplain Thread.State#NEW not a new thread}.
* @throws SecurityException if the current thread is not allowed to
* create or start the thread.
*/
public static Cleaner create(ThreadFactory threadFactory) {
Objects.requireNonNull(threadFactory, "threadFactory");

25
src/java.base/share/classes/java/lang/reflect/AccessibleObject.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -94,17 +94,13 @@ public class AccessibleObject implements AnnotatedElement {
/**
* Convenience method to set the {@code accessible} flag for an
* array of reflected objects with a single security check (for efficiency).
* array of reflected objects.
*
* <p> This method may be used to enable access to all reflected objects in
* the array when access to each reflected object can be enabled as
* specified by {@link #setAccessible(boolean) setAccessible(boolean)}. </p>
*
* <p>If there is a security manager, its
* {@code checkPermission} method is first called with a
* {@code ReflectPermission("suppressAccessChecks")} permission.
*
* <p>A {@code SecurityException} is also thrown if any of the elements of
* <p>A {@code SecurityException} is thrown if any of the elements of
* the input {@code array} is a {@link java.lang.reflect.Constructor}
* object for the class {@code java.lang.Class} and {@code flag} is true.
*
@ -113,11 +109,8 @@ public class AccessibleObject implements AnnotatedElement {
* in each object
* @throws InaccessibleObjectException if access cannot be enabled for all
* objects in the array
* @throws SecurityException if the request is denied by the security manager
* or an element in the array is a constructor for {@code
* @throws SecurityException if an element in the array is a constructor for {@code
* java.lang.Class}
* @see SecurityManager#checkPermission
* @see ReflectPermission
*/
@CallerSensitive
public static void setAccessible(AccessibleObject[] array, boolean flag) {
@ -194,13 +187,8 @@ public class AccessibleObject implements AnnotatedElement {
* control checks to only enable {@linkplain Field#get <em>read</em>} access to
* these non-modifiable final fields.
*
* <p> If there is a security manager, its
* {@code checkPermission} method is first called with a
* {@code ReflectPermission("suppressAccessChecks")} permission.
*
* @param flag the new value for the {@code accessible} flag
* @throws InaccessibleObjectException if access cannot be enabled
* @throws SecurityException if the request is denied by the security manager
*
* @spec jni/index.html Java Native Interface Specification
* @see #trySetAccessible
@ -260,13 +248,8 @@ public class AccessibleObject implements AnnotatedElement {
* only be set if the member and the declaring class are public, and
* the class is in a package that is exported unconditionally. </p>
*
* <p> If there is a security manager, its {@code checkPermission} method
* is first called with a {@code ReflectPermission("suppressAccessChecks")}
* permission. </p>
*
* @return {@code true} if the {@code accessible} flag is set to {@code true};
* {@code false} if access cannot be enabled.
* @throws SecurityException if the request is denied by the security manager
*
* @spec jni/index.html Java Native Interface Specification
* @since 9

6
src/java.base/share/classes/java/lang/reflect/Constructor.java
View File

@ -169,16 +169,14 @@ public final class Constructor<T> extends Executable {
/**
* {@inheritDoc}
*
* <p> A {@code SecurityException} is also thrown if this object is a
* <p> A {@code SecurityException} is thrown if this object is a
* {@code Constructor} object for the class {@code Class} and {@code flag}
* is true. </p>
*
* @param flag {@inheritDoc}
*
* @throws InaccessibleObjectException {@inheritDoc}
* @throws SecurityException if the request is denied by the security manager
* or this is a constructor for {@code java.lang.Class}
*
* @throws SecurityException if this is a constructor for {@code java.lang.Class}
*/
@Override
@CallerSensitive

1
src/java.base/share/classes/java/lang/reflect/Field.java
View File

@ -166,7 +166,6 @@ class Field extends AccessibleObject implements Member {
/**
* @throws InaccessibleObjectException {@inheritDoc}
* @throws SecurityException {@inheritDoc}
*/
@Override
@CallerSensitive

1
src/java.base/share/classes/java/lang/reflect/Method.java
View File

@ -169,7 +169,6 @@ public final class Method extends Executable {
/**
* @throws InaccessibleObjectException {@inheritDoc}
* @throws SecurityException {@inheritDoc}
*/
@Override
@CallerSensitive

48
src/java.base/share/classes/java/lang/reflect/Proxy.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 1999, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1999, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -117,9 +117,7 @@ import static java.lang.module.ModuleDescriptor.Modifier.SYNTHETIC;
*
* <li>The {@link java.security.ProtectionDomain} of a proxy class
* is the same as that of system classes loaded by the bootstrap class
* loader, such as {@code java.lang.Object}, because the code for a
* proxy class is generated by trusted system code. This protection
* domain will typically be granted {@code java.security.AllPermission}.
* loader, such as {@code java.lang.Object}.
*
* <li>The {@link Proxy#isProxyClass Proxy.isProxyClass} method can be used
* to determine if a given class is a proxy class.
@ -354,21 +352,6 @@ public class Proxy implements java.io.Serializable {
* and that implements the specified interfaces
* @throws IllegalArgumentException if any of the <a href="#restrictions">
* restrictions</a> on the parameters are violated
* @throws SecurityException if a security manager, <em>s</em>, is present
* and any of the following conditions is met:
* <ul>
* <li> the given {@code loader} is {@code null} and
* the caller's class loader is not {@code null} and the
* invocation of {@link SecurityManager#checkPermission
* s.checkPermission} with
* {@code RuntimePermission("getClassLoader")} permission
* denies access.</li>
* <li> for each proxy interface, {@code intf},
* the caller's class loader is not the same as or an
* ancestor of the class loader for {@code intf} and
* invocation of {@link SecurityManager#checkPackageAccess
* s.checkPackageAccess()} denies access to {@code intf}.</li>
* </ul>
* @throws NullPointerException if the {@code interfaces} array
* argument or any of its elements are {@code null}
*
@ -989,27 +972,6 @@ public class Proxy implements java.io.Serializable {
* and that implements the specified interfaces
* @throws IllegalArgumentException if any of the <a href="#restrictions">
* restrictions</a> on the parameters are violated
* @throws SecurityException if a security manager, <em>s</em>, is present
* and any of the following conditions is met:
* <ul>
* <li> the given {@code loader} is {@code null} and
* the caller's class loader is not {@code null} and the
* invocation of {@link SecurityManager#checkPermission
* s.checkPermission} with
* {@code RuntimePermission("getClassLoader")} permission
* denies access;</li>
* <li> for each proxy interface, {@code intf},
* the caller's class loader is not the same as or an
* ancestor of the class loader for {@code intf} and
* invocation of {@link SecurityManager#checkPackageAccess
* s.checkPackageAccess()} denies access to {@code intf};</li>
* <li> any of the given proxy interfaces is non-public and the
* caller class is not in the same {@linkplain Package runtime package}
* as the non-public interface and the invocation of
* {@link SecurityManager#checkPermission s.checkPermission} with
* {@code ReflectPermission("newProxyInPackage.{package name}")}
* permission denies access.</li>
* </ul>
* @throws NullPointerException if the {@code interfaces} array
* argument or any of its elements are {@code null}, or
* if the invocation handler, {@code h}, is
@ -1112,12 +1074,6 @@ public class Proxy implements java.io.Serializable {
* @return the invocation handler for the proxy instance
* @throws IllegalArgumentException if the argument is not a
* proxy instance
* @throws SecurityException if a security manager, <em>s</em>, is present
* and the caller's class loader is not the same as or an
* ancestor of the class loader for the invocation handler
* and invocation of {@link SecurityManager#checkPackageAccess
* s.checkPackageAccess()} denies access to the invocation
* handler's class.
*/
@SuppressWarnings("removal")
@CallerSensitive

46
src/java.base/share/classes/java/lang/reflect/ReflectPermission.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2019, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -27,52 +27,14 @@ package java.lang.reflect;
/**
* The Permission class for reflective operations.
* <P>
* The following table
* provides a summary description of what the permission allows,
* and discusses the risks of granting code the permission.
*
* <table class="striped">
* <caption style="display:none">Table shows permission target name, what the permission allows, and associated risks</caption>
* <thead>
* <tr>
* <th scope="col">Permission Target Name</th>
* <th scope="col">What the Permission Allows</th>
* <th scope="col">Risks of Allowing this Permission</th>
* </tr>
* </thead>
* <tbody>
*
* <tr>
* <th scope="row">suppressAccessChecks</th>
* <td>ability to suppress the standard Java language access checks
* on fields and methods in a class; allow access not only public members
* but also allow access to default (package) access, protected,
* and private members.</td>
* <td>This is dangerous in that information (possibly confidential) and
* methods normally unavailable would be accessible to malicious code.</td>
* </tr>
* <tr>
* <th scope="row">newProxyInPackage.{package name}</th>
* <td>ability to create a proxy instance in the specified package of which
* the non-public interface that the proxy class implements.</td>
* <td>This gives code access to classes in packages to which it normally
* does not have access and the dynamic proxy class is in the system
* protection domain. Malicious code may use these classes to
* help in its attempt to compromise security in the system.</td>
* </tr>
*
* </tbody>
* </table>
* @apiNote
* This permission cannot be used for controlling access to resources
* as the Security Manager is no longer supported.
*
* @see java.security.Permission
* @see java.security.BasicPermission
* @see AccessibleObject
* @see Field#get
* @see Field#set
* @see Method#invoke
* @see Constructor#newInstance
* @see Proxy#newProxyInstance
*
* @since 1.2
*/

5
src/java.base/share/classes/java/lang/reflect/package-info.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 1998, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1998, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -37,9 +37,6 @@
* members of a target object (based on its runtime class) or the
* members declared by a given class.
*
* <p>{@link AccessibleObject} allows suppression of access checks if
* the necessary {@link ReflectPermission} is available.
*
* <p>{@link Array} provides static methods to dynamically create and
* access arrays.
*

79
src/java.base/share/classes/java/net/Authenticator.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -107,22 +107,9 @@ class Authenticator {
/**
* Sets the authenticator that will be used by the networking code
* when a proxy or an HTTP server asks for authentication.
* <p>
* First, if there is a security manager, its {@code checkPermission}
* method is called with a
* {@code NetPermission("setDefaultAuthenticator")} permission.
* This may result in a java.lang.SecurityException.
*
* @param a The authenticator to be set. If a is {@code null} then
* any previously set authenticator is removed.
*
* @throws SecurityException
* if a security manager exists and its
* {@code checkPermission} method doesn't allow
* setting the default authenticator.
*
* @see SecurityManager#checkPermission
* @see java.net.NetPermission
*/
public static synchronized void setDefault(Authenticator a) {
@SuppressWarnings("removal")
@ -138,22 +125,9 @@ class Authenticator {
/**
* Gets the default authenticator.
* First, if there is a security manager, its {@code checkPermission}
* method is called with a
* {@code NetPermission("requestPasswordAuthentication")} permission.
* This may result in a java.lang.SecurityException.
* Then the default authenticator, if set, is returned.
* Otherwise, {@code null} is returned.
*
* @return The default authenticator, if set, {@code null} otherwise.
*
* @throws SecurityException
* if a security manager exists and its
* {@code checkPermission} method doesn't allow
* requesting password authentication.
* @since 9
* @see SecurityManager#checkPermission
* @see java.net.NetPermission
*/
public static Authenticator getDefault() {
@SuppressWarnings("removal")
@ -169,11 +143,6 @@ class Authenticator {
/**
* Ask the authenticator that has been registered with the system
* for a password.
* <p>
* First, if there is a security manager, its {@code checkPermission}
* method is called with a
* {@code NetPermission("requestPasswordAuthentication")} permission.
* This may result in a java.lang.SecurityException.
*
* @param addr The InetAddress of the site requesting authorization,
* or null if not known.
@ -184,14 +153,6 @@ class Authenticator {
* @param scheme The authentication scheme
*
* @return The username/password, or null if one can't be gotten.
*
* @throws SecurityException
* if a security manager exists and its
* {@code checkPermission} method doesn't allow
* the password authentication request.
*
* @see SecurityManager#checkPermission
* @see java.net.NetPermission
*/
public static PasswordAuthentication requestPasswordAuthentication(
InetAddress addr,
@ -229,11 +190,6 @@ class Authenticator {
* for a password. This is the preferred method for requesting a password
* because the hostname can be provided in cases where the InetAddress
* is not available.
* <p>
* First, if there is a security manager, its {@code checkPermission}
* method is called with a
* {@code NetPermission("requestPasswordAuthentication")} permission.
* This may result in a java.lang.SecurityException.
*
* @param host The hostname of the site requesting authentication.
* @param addr The InetAddress of the site requesting authentication,
@ -246,13 +202,6 @@ class Authenticator {
*
* @return The username/password, or null if one can't be gotten.
*
* @throws SecurityException
* if a security manager exists and its
* {@code checkPermission} method doesn't allow
* the password authentication request.
*
* @see SecurityManager#checkPermission
* @see java.net.NetPermission
* @since 1.4
*/
public static PasswordAuthentication requestPasswordAuthentication(
@ -291,11 +240,6 @@ class Authenticator {
/**
* Ask the authenticator that has been registered with the system
* for a password.
* <p>
* First, if there is a security manager, its {@code checkPermission}
* method is called with a
* {@code NetPermission("requestPasswordAuthentication")} permission.
* This may result in a java.lang.SecurityException.
*
* @param host The hostname of the site requesting authentication.
* @param addr The InetAddress of the site requesting authorization,
@ -311,14 +255,6 @@ class Authenticator {
*
* @return The username/password, or null if one can't be gotten.
*
* @throws SecurityException
* if a security manager exists and its
* {@code checkPermission} method doesn't allow
* the password authentication request.
*
* @see SecurityManager#checkPermission
* @see java.net.NetPermission
*
* @since 1.5
*/
public static PasswordAuthentication requestPasswordAuthentication(
@ -363,11 +299,6 @@ class Authenticator {
* {@code authenticator} is null, the authenticator, if any, that has been
* registered with the system using {@link #setDefault(java.net.Authenticator)
* setDefault} is used.
* <p>
* First, if there is a security manager, its {@code checkPermission}
* method is called with a
* {@code NetPermission("requestPasswordAuthentication")} permission.
* This may result in a java.lang.SecurityException.
*
* @param authenticator the authenticator, or {@code null}.
* @param host The hostname of the site requesting authentication.
@ -384,14 +315,6 @@ class Authenticator {
*
* @return The username/password, or {@code null} if one can't be gotten.
*
* @throws SecurityException
* if a security manager exists and its
* {@code checkPermission} method doesn't allow
* the password authentication request.
*
* @see SecurityManager#checkPermission
* @see java.net.NetPermission
*
* @since 9
*/
public static PasswordAuthentication requestPasswordAuthentication(

6
src/java.base/share/classes/java/net/ContentHandler.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 1995, 2022, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1995, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -67,10 +67,6 @@ import java.io.IOException;
* If no user-defined content handler is found, then the system
* tries to load a specific <i>content-type</i> handler from one
* of the built-in handlers, if one exists.
* <p>
* If the loading of the content handler class would be performed by
* a classloader that is outside of the delegation chain of the caller,
* the JVM will need the RuntimePermission "getClassLoader".
*
* @author James Gosling
* @see java.net.ContentHandler#getContent(java.net.URLConnection)

8
src/java.base/share/classes/java/net/CookieHandler.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2003, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2003, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -70,9 +70,6 @@ public abstract class CookieHandler {
*
* @return the system-wide cookie handler; A null return means
* there is no system-wide cookie handler currently set.
* @throws SecurityException
* If a security manager has been installed and it denies
* {@link NetPermission}{@code ("getCookieHandler")}
* @see #setDefault(CookieHandler)
*/
public static synchronized CookieHandler getDefault() {
@ -91,9 +88,6 @@ public abstract class CookieHandler {
*
* @param cHandler The HTTP cookie handler, or
* {@code null} to unset.
* @throws SecurityException
* If a security manager has been installed and it denies
* {@link NetPermission}{@code ("setCookieHandler")}
* @see #getDefault()
*/
public static synchronized void setDefault(CookieHandler cHandler) {

129
src/java.base/share/classes/java/net/DatagramSocket.java
View File

@ -271,17 +271,8 @@ public class DatagramSocket implements java.io.Closeable {
* on the local host machine. The socket will be bound to the
* {@link InetAddress#isAnyLocalAddress wildcard} address.
*
* <p>If there is a security manager,
* its {@code checkListen} method is first called
* with 0 as its argument to ensure the operation is allowed.
* This could result in a SecurityException.
*
* @throws SocketException if the socket could not be opened,
* or the socket could not be bound.
* @throws SecurityException if a security manager exists and its
* {@code checkListen} method doesn't allow the operation.
*
* @see SecurityManager#checkListen
*/
public DatagramSocket() throws SocketException {
this(new InetSocketAddress(0));
@ -305,23 +296,14 @@ public class DatagramSocket implements java.io.Closeable {
* <p>
* If the address is {@code null} an unbound socket will be created.
*
* <p>If there is a security manager,
* its {@code checkListen} method is first called
* with the port from the socket address
* as its argument to ensure the operation is allowed.
* This could result in a SecurityException.
*
* @param bindaddr local socket address to bind, or {@code null}
* for an unbound socket.
*
* @throws SocketException if the socket could not be opened,
* or the socket could not bind to the specified local port.
* @throws SecurityException if a security manager exists and its
* {@code checkListen} method doesn't allow the operation.
* @throws IllegalArgumentException if bindaddr is a
* SocketAddress subclass not supported by this socket.
*
* @see SecurityManager#checkListen
* @since 1.4
*/
public DatagramSocket(SocketAddress bindaddr) throws SocketException {
@ -333,21 +315,11 @@ public class DatagramSocket implements java.io.Closeable {
* on the local host machine. The socket will be bound to the
* {@link InetAddress#isAnyLocalAddress wildcard} address.
*
* <p>If there is a security manager,
* its {@code checkListen} method is first called
* with the {@code port} argument
* as its argument to ensure the operation is allowed.
* This could result in a SecurityException.
*
* @param port local port to use in the bind operation.
* @throws SocketException if the socket could not be opened,
* or the socket could not bind to the specified local port.
* @throws SecurityException if a security manager exists and its
* {@code checkListen} method doesn't allow the operation.
* @throws IllegalArgumentException if port is <a href="#PortRange">
* out of range.</a>
*
* @see SecurityManager#checkListen
*/
public DatagramSocket(int port) throws SocketException {
this(port, null);
@ -364,23 +336,13 @@ public class DatagramSocket implements java.io.Closeable {
* address, or is {@code null}, the socket will be bound to the wildcard
* address.
*
* <p>If there is a security manager,
* its {@code checkListen} method is first called
* with the {@code port} argument
* as its argument to ensure the operation is allowed.
* This could result in a SecurityException.
*
* @param port local port to use in the bind operation.
* @param laddr local address to bind (can be {@code null})
*
* @throws SocketException if the socket could not be opened,
* or the socket could not bind to the specified local port.
* @throws SecurityException if a security manager exists and its
* {@code checkListen} method doesn't allow the operation.
* @throws IllegalArgumentException if port is <a href="#PortRange">
* out of range.</a>
*
* @see SecurityManager#checkListen
* @since 1.1
*/
public DatagramSocket(int port, InetAddress laddr) throws SocketException {
@ -396,8 +358,6 @@ public class DatagramSocket implements java.io.Closeable {
* @param addr The address and port to bind to.
* @throws SocketException if any error happens during the bind, or if the
* socket is already bound or is closed.
* @throws SecurityException if a security manager exists and its
* {@code checkListen} method doesn't allow the operation.
* @throws IllegalArgumentException if addr is a SocketAddress subclass
* not supported by this socket.
* @since 1.4
@ -427,19 +387,6 @@ public class DatagramSocket implements java.io.Closeable {
* this socket is unknown - it may or may not be connected to the address
* that it was previously connected to.
*
* <p> If a security manager has been installed then it is invoked to check
* access to the remote address. Specifically, if the given {@code address}
* is a {@link InetAddress#isMulticastAddress multicast address},
* the security manager's {@link
* java.lang.SecurityManager#checkMulticast(InetAddress)
* checkMulticast} method is invoked with the given {@code address}.
* Otherwise, the security manager's {@link
* java.lang.SecurityManager#checkConnect(String,int) checkConnect}
* and {@link java.lang.SecurityManager#checkAccept checkAccept} methods
* are invoked, with the given {@code address} and {@code port}, to
* verify that datagrams are permitted to be sent and received
* respectively.
*
* <p> Care should be taken to ensure that a connected datagram socket
* is not shared with untrusted code. When a socket is connected,
* {@link #receive receive} and {@link #send send} <b>will not perform
@ -461,10 +408,6 @@ public class DatagramSocket implements java.io.Closeable {
* if the address is null, or the port is <a href="#PortRange">
* out of range.</a>
*
* @throws SecurityException
* if a security manager has been installed and it does
* not permit access to the given remote address
*
* @throws UncheckedIOException
* if the port is 0 or connect fails, for example, if the
* destination address is non-routable
@ -503,10 +446,6 @@ public class DatagramSocket implements java.io.Closeable {
* if {@code addr} is {@code null}, or {@code addr} is a SocketAddress
* subclass not supported by this socket
*
* @throws SecurityException
* if a security manager has been installed and it does
* not permit access to the given remote address
*
* @since 1.4
*/
public void connect(SocketAddress addr) throws SocketException {
@ -638,25 +577,9 @@ public class DatagramSocket implements java.io.Closeable {
* data to be sent, its length, the IP address of the remote host,
* and the port number on the remote host.
*
* <p>If there is a security manager, and the socket is not currently
* connected to a remote address, this method first performs some
* security checks. First, if {@code p.getAddress().isMulticastAddress()}
* is true, this method calls the
* security manager's {@code checkMulticast} method
* with {@code p.getAddress()} as its argument.
* If the evaluation of that expression is false,
* this method instead calls the security manager's
* {@code checkConnect} method with arguments
* {@code p.getAddress().getHostAddress()} and
* {@code p.getPort()}. Each call to a security manager method
* could result in a SecurityException if the operation is not allowed.
*
* @param p the {@code DatagramPacket} to be sent.
*
* @throws IOException if an I/O error occurs, or the socket is closed.
* @throws SecurityException if a security manager exists and its
* {@code checkMulticast} or {@code checkConnect}
* method doesn't allow the send.
* @throws PortUnreachableException may be thrown if the socket is connected
* to a currently unreachable destination. Note, there is no
* guarantee that the exception will be thrown.
@ -670,8 +593,6 @@ public class DatagramSocket implements java.io.Closeable {
* range.</a>
*
* @see java.net.DatagramPacket
* @see SecurityManager#checkMulticast(InetAddress)
* @see SecurityManager#checkConnect
*/
public void send(DatagramPacket p) throws IOException {
delegate().send(p);
@ -704,12 +625,6 @@ public class DatagramSocket implements java.io.Closeable {
* {@code SocketException} with the interrupt status set.
* </ol>
*
* <p> If there is a security manager, and the socket is not currently
* connected to a remote address, a packet cannot be received if the
* security manager's {@code checkAccept} method does not allow it.
* Datagrams that are not permitted by the security manager are silently
* discarded.
*
* @param p the {@code DatagramPacket} into which to place
* the incoming data.
* @throws IOException if an I/O error occurs, or the socket is closed.
@ -737,19 +652,11 @@ public class DatagramSocket implements java.io.Closeable {
* When {@link #disconnect()} is called, the bound address reverts
* to the wildcard address.
*
* <p>If there is a security manager, its
* {@code checkConnect} method is first called
* with the host address and {@code -1}
* as its arguments to see if the operation is allowed.
*
* @see SecurityManager#checkConnect
* @return the local address to which the socket is bound,
* {@code null} if the socket is closed, or
* an {@code InetAddress} representing
* {@link InetAddress#isAnyLocalAddress wildcard}
* address if either the socket is not bound, or
* the security manager {@code checkConnect}
* method does not allow the operation
* address if the socket is not bound
* @since 1.1
*/
public InetAddress getLocalAddress() {
@ -1155,19 +1062,11 @@ public class DatagramSocket implements java.io.Closeable {
* Passing {@code null} to the method is a no-op unless the factory
* was already set.
*
* <p>If there is a security manager, this method first calls
* the security manager's {@code checkSetFactory} method
* to ensure the operation is allowed.
* This could result in a SecurityException.
*
* @param fac the desired factory.
* @throws IOException if an I/O error occurs when setting the
* datagram socket factory.
* @throws SocketException if the factory is already defined.
* @throws SecurityException if a security manager exists and its
* {@code checkSetFactory} method doesn't allow the operation.
* @see java.net.DatagramSocketImplFactory#createDatagramSocketImpl()
* @see SecurityManager#checkSetFactory
* @since 1.3
*
* @deprecated Use {@link DatagramChannel}, or subclass {@code DatagramSocket}
@ -1214,12 +1113,6 @@ public class DatagramSocket implements java.io.Closeable {
*
* @throws IOException if an I/O error occurs, or if the socket is closed.
*
* @throws SecurityException if a security manager is set and if the socket
* option requires a security permission and if the caller does
* not have the required permission.
* {@link java.net.StandardSocketOptions StandardSocketOptions}
* do not require any security permission.
*
* @throws NullPointerException if name is {@code null}
*
* @since 9
@ -1246,12 +1139,6 @@ public class DatagramSocket implements java.io.Closeable {
*
* @throws NullPointerException if name is {@code null}
*
* @throws SecurityException if a security manager is set and if the socket
* option requires a security permission and if the caller does
* not have the required permission.
* {@link java.net.StandardSocketOptions StandardSocketOptions}
* do not require any security permission.
*
* @since 9
*/
public <T> T getOption(SocketOption<T> name) throws IOException {
@ -1301,10 +1188,6 @@ public class DatagramSocket implements java.io.Closeable {
* in several different networks. However, if the socket is already a
* member of the group, an {@link IOException} will be thrown.
*
* <p>If there is a security manager, this method first
* calls its {@code checkMulticast} method with the {@code mcastaddr}
* argument as its argument.
*
* @apiNote The default interface for sending outgoing multicast datagrams
* can be configured with {@link #setOption(SocketOption, Object)}
* with {@link StandardSocketOptions#IP_MULTICAST_IF}.
@ -1315,11 +1198,8 @@ public class DatagramSocket implements java.io.Closeable {
* @throws IOException if there is an error joining, or when the address
* is not a multicast address, or the platform does not support
* multicasting, or the socket is closed
* @throws SecurityException if a security manager exists and its
* {@code checkMulticast} method doesn't allow the join.
* @throws IllegalArgumentException if mcastaddr is {@code null} or is a
* SocketAddress subclass not supported by this socket
* @see SecurityManager#checkMulticast(InetAddress)
* @see DatagramChannel#join(InetAddress, NetworkInterface)
* @see StandardSocketOptions#IP_MULTICAST_IF
* @since 17
@ -1332,10 +1212,6 @@ public class DatagramSocket implements java.io.Closeable {
/**
* Leave a multicast group on a specified local interface.
*
* <p>If there is a security manager, this method first
* calls its {@code checkMulticast} method with the
* {@code mcastaddr} argument as its argument.
*
* @apiNote
* The {@code mcastaddr} and {@code netIf} arguments should identify
* a multicast group that was previously {@linkplain
@ -1359,11 +1235,8 @@ public class DatagramSocket implements java.io.Closeable {
* may fail with a {@code SocketException}.
* @throws IOException if there is an error leaving or when the address
* is not a multicast address, or the socket is closed.
* @throws SecurityException if a security manager exists and its
* {@code checkMulticast} method doesn't allow the operation.
* @throws IllegalArgumentException if mcastaddr is {@code null} or is a
* SocketAddress subclass not supported by this socket.
* @see SecurityManager#checkMulticast(InetAddress)
* @see #joinGroup(SocketAddress, NetworkInterface)
* @see StandardSocketOptions#IP_MULTICAST_IF
* @since 17

24
src/java.base/share/classes/java/net/HttpURLConnection.java
View File

@ -50,18 +50,6 @@ import java.util.Date;
* <a href="doc-files/net-properties.html#Proxies">Proxy settings</a> as well as
* <a href="doc-files/net-properties.html#MiscHTTP"> various other settings</a>.
* </P>
* <p>
* <b>Security permissions</b>
* <p>
* If a security manager is installed, and if a method is called which results in an
* attempt to open a connection, the caller must possess either:
* <ul><li>a "connect" {@link SocketPermission} to the host/port combination of the
* destination URL or</li>
* <li>a {@link URLPermission} that permits this request.</li>
* </ul><p>
* If automatic redirection is enabled, and this request is redirected to another
* destination, then the caller must also have permission to connect to the
* redirected host/URL.
*
* @see java.net.HttpURLConnection#disconnect()
* @since 1.1
@ -374,18 +362,9 @@ public abstract class HttpURLConnection extends URLConnection {
/**
* Sets whether HTTP redirects (requests with response code 3xx) should
* be automatically followed by this class. True by default.
* <p>
* If there is a security manager, this method first calls
* the security manager's {@code checkSetFactory} method
* to ensure the operation is allowed.
* This could result in a SecurityException.
*
* @param set a {@code boolean} indicating whether or not
* to follow HTTP redirects.
* @throws SecurityException if a security manager exists and its
* {@code checkSetFactory} method doesn't
* allow the operation.
* @see SecurityManager#checkSetFactory
* @see #getFollowRedirects()
*/
public static void setFollowRedirects(boolean set) {
@ -460,9 +439,6 @@ public abstract class HttpURLConnection extends URLConnection {
* @param method the HTTP method
* @throws ProtocolException if the method cannot be reset or if
* the requested method isn't valid for HTTP.
* @throws SecurityException if a security manager is set and the
* method is "TRACE", but the "allowHttpTrace"
* NetPermission is not granted.
* @see #getRequestMethod()
*/
public void setRequestMethod(String method) throws ProtocolException {

76
src/java.base/share/classes/java/net/InetAddress.java
View File

@ -180,12 +180,8 @@ import static java.net.spi.InetAddressResolver.LookupPolicy.IPV6_FIRST;
* The InetAddress class has a cache to store successful as well as
* unsuccessful host name resolutions.
*
* <p> By default, when a security manager is installed, in order to
* protect against DNS spoofing attacks,
* the result of positive host name resolutions are
* cached forever. When a security manager is not installed, the default
* behavior is to cache entries for a finite (implementation dependent)
* period of time. The result of unsuccessful host
* <p> The default behavior is to cache entries for a finite (implementation
* dependent) period of time. The result of unsuccessful host
* name resolution is cached for a very short period of time (10
* seconds) to improve performance.
*
@ -736,19 +732,9 @@ public sealed class InetAddress implements Serializable permits Inet4Address, In
* is required, call
* {@link #getCanonicalHostName() getCanonicalHostName}.
*
* <p>If there is a security manager, its
* {@code checkConnect} method is first called
* with the hostname and {@code -1}
* as its arguments to see if the operation is allowed.
* If the operation is not allowed, it will return
* the textual representation of the IP address.
*
* @return the host name for this IP address, or if the operation
* is not allowed by the security check, the textual
* representation of the IP address.
* @return the host name for this IP address
*
* @see InetAddress#getCanonicalHostName
* @see SecurityManager#checkConnect
*/
public String getHostName() {
return getHostName(true);
@ -761,21 +747,11 @@ public sealed class InetAddress implements Serializable permits Inet4Address, In
* this is package private so SocketPermission can make calls into
* here without a security check.
*
* <p>If there is a security manager, this method first
* calls its {@code checkConnect} method
* with the hostname and {@code -1}
* as its arguments to see if the calling code is allowed to know
* the hostname for this IP address, i.e., to connect to the host.
* If the operation is not allowed, it will return
* the textual representation of the IP address.
*
* @return the host name for this IP address, or if the operation
* is not allowed by the security check, the textual
* representation of the IP address.
*
* @param check make security check if true
*
* @see SecurityManager#checkConnect
*/
String getHostName(boolean check) {
if (holder().getHostName() == null) {
@ -795,22 +771,11 @@ public sealed class InetAddress implements Serializable permits Inet4Address, In
* domain name, this method returns the {@linkplain #getHostAddress() textual representation}
* of the IP address.
*
* <p>If there is a security manager, this method first
* calls its {@code checkConnect} method
* with the hostname and {@code -1}
* as its arguments to see if the calling code is allowed to know
* the hostname for this IP address, i.e., to connect to the host.
* If the operation is not allowed, it will return
* the textual representation of the IP address.
*
* @return the fully qualified domain name for this IP address.
* If either the operation is not allowed by the security check
* or the system-wide resolver wasn't able to determine the
* If the system-wide resolver wasn't able to determine the
* fully qualified domain name for the IP address, the textual
* representation of the IP address is returned instead.
*
* @see SecurityManager#checkConnect
*
* @since 1.4
*/
public String getCanonicalHostName() {
@ -824,14 +789,6 @@ public sealed class InetAddress implements Serializable permits Inet4Address, In
/**
* Returns the fully qualified domain name for the given address.
*
* <p>If there is a security manager, this method first
* calls its {@code checkConnect} method
* with the hostname and {@code -1}
* as its arguments to see if the calling code is allowed to know
* the hostname for the given IP address, i.e., to connect to the host.
* If the operation is not allowed, it will return
* the textual representation of the IP address.
*
* @param check make security check if true
*
* @return the fully qualified domain name for the given IP address.
@ -839,8 +796,6 @@ public sealed class InetAddress implements Serializable permits Inet4Address, In
* or the system-wide resolver wasn't able to determine the
* fully qualified domain name for the IP address, the textual
* representation of the IP address is returned instead.
*
* @see SecurityManager#checkConnect
*/
private static String getHostFromNameService(InetAddress addr, boolean check) {
String host;
@ -1557,18 +1512,11 @@ public sealed class InetAddress implements Serializable permits Inet4Address, In
* section&nbsp;2 and <a href="http://www.ietf.org/rfc/rfc2373.txt">RFC&nbsp;2373</a>
* section&nbsp;2.5.3.
*
* <p> If there is a security manager, and {@code host} is not {@code null}
* or {@code host.length() } is not equal to zero, the security manager's
* {@code checkConnect} method is called with the hostname and {@code -1}
* as its arguments to determine if the operation is allowed.
*
* @param host the specified host, or {@code null}.
* @return an IP address for the given host name.
* @throws UnknownHostException if no IP address for the
* {@code host} could be found, or if a scope_id was specified
* for a global IPv6 address.
* @throws SecurityException if a security manager exists
* and its checkConnect method doesn't allow the operation
*
* @spec https://www.rfc-editor.org/info/rfc2373 RFC 2373: IP Version 6 Addressing Architecture
* @spec https://www.rfc-editor.org/info/rfc3330 RFC 3330: Special-Use IPv4 Addresses
@ -1601,23 +1549,15 @@ public sealed class InetAddress implements Serializable permits Inet4Address, In
* section&nbsp;2 and <a href="http://www.ietf.org/rfc/rfc2373.txt">RFC&nbsp;2373</a>
* section&nbsp;2.5.3. </p>
*
* <p> If there is a security manager, and {@code host} is not {@code null}
* or {@code host.length() } is not equal to zero, the security manager's
* {@code checkConnect} method is called with the hostname and {@code -1}
* as its arguments to determine if the operation is allowed.
*
* @param host the name of the host, or {@code null}.
* @return an array of all the IP addresses for a given host name.
*
* @throws UnknownHostException if no IP address for the
* {@code host} could be found, or if a scope_id was specified
* for a global IPv6 address.
* @throws SecurityException if a security manager exists and its
* {@code checkConnect} method doesn't allow the operation.
*
* @spec https://www.rfc-editor.org/info/rfc2373 RFC 2373: IP Version 6 Addressing Architecture
* @spec https://www.rfc-editor.org/info/rfc3330 RFC 3330: Special-Use IPv4 Addresses
* @see SecurityManager#checkConnect
*/
public static InetAddress[] getAllByName(String host)
throws UnknownHostException {
@ -1874,19 +1814,11 @@ public sealed class InetAddress implements Serializable permits Inet4Address, In
* <P>Note: The resolved address may be cached for a short period of time.
* </P>
*
* <p>If there is a security manager, its
* {@code checkConnect} method is called
* with the local host name and {@code -1}
* as its arguments to see if the operation is allowed.
* If the operation is not allowed, an InetAddress representing
* the loopback address is returned.
*
* @return the address of the local host.
*
* @throws UnknownHostException if the local host name could not
* be resolved into an address.
*
* @see SecurityManager#checkConnect
* @see java.net.InetAddress#getByName(java.lang.String)
*/
public static InetAddress getLocalHost() throws UnknownHostException {

9
src/java.base/share/classes/java/net/InetSocketAddress.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2000, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2000, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -204,10 +204,6 @@ public class InetSocketAddress
* <p>
* An attempt will be made to resolve the hostname into an InetAddress.
* If that attempt fails, the address will be flagged as <I>unresolved</I>.
* <p>
* If there is a security manager, its {@code checkConnect} method
* is called with the host name as its argument to check the permission
* to resolve it. This could result in a SecurityException.
* <P>
* A valid port value is between 0 and 65535.
* A port number of {@code zero} will let the system pick up an
@ -217,9 +213,6 @@ public class InetSocketAddress
* @param port The port number
* @throws IllegalArgumentException if the port parameter is outside the range
* of valid port values, or if the hostname parameter is {@code null}.
* @throws SecurityException if a security manager is present and
* permission to resolve the host name is
* denied.
* @see #isUnresolved()
*/
public InetSocketAddress(String hostname, int port) {

58
src/java.base/share/classes/java/net/MulticastSocket.java
View File

@ -131,19 +131,12 @@ public class MulticastSocket extends DatagramSocket {
* {@link InetAddress#isAnyLocalAddress wildcard} address.
*
* <p>
* If there is a security manager, its {@code checkListen} method is first
* called with 0 as its argument to ensure the operation is allowed. This
* could result in a SecurityException.
* <p>
* When the socket is created the
* {@link DatagramSocket#setReuseAddress(boolean)} method is called to
* enable the SO_REUSEADDR socket option.
*
* @throws IOException if an I/O exception occurs while creating the
* MulticastSocket
* @throws SecurityException if a security manager exists and its
* {@code checkListen} method doesn't allow the operation.
* @see SecurityManager#checkListen
* @see java.net.DatagramSocket#setReuseAddress(boolean)
* @see java.net.DatagramSocketImpl#setOption(SocketOption, Object)
*/
@ -156,11 +149,6 @@ public class MulticastSocket extends DatagramSocket {
* on the local host machine. The socket will be bound to the
* {@link InetAddress#isAnyLocalAddress wildcard} address.
*
* <p>If there is a security manager,
* its {@code checkListen} method is first called
* with the {@code port} argument
* as its argument to ensure the operation is allowed.
* This could result in a SecurityException.
* <p>
* When the socket is created the
* {@link DatagramSocket#setReuseAddress(boolean)} method is
@ -169,12 +157,9 @@ public class MulticastSocket extends DatagramSocket {
* @param port port to use
* @throws IOException if an I/O exception occurs
* while creating the MulticastSocket
* @throws SecurityException if a security manager exists and its
* {@code checkListen} method doesn't allow the operation.
* @throws IllegalArgumentException if port is <a href="DatagramSocket.html#PortRange">
* out of range.</a>
*
* @see SecurityManager#checkListen
* @see java.net.DatagramSocket#setReuseAddress(boolean)
*/
public MulticastSocket(int port) throws IOException {
@ -186,11 +171,6 @@ public class MulticastSocket extends DatagramSocket {
* socket address.
* <p>
* If the address is {@code null} an unbound socket will be created.
*
* <p>If there is a security manager,
* its {@code checkListen} method is first called
* with the SocketAddress port as its argument to ensure the operation is allowed.
* This could result in a SecurityException.
* <p>
* When the socket is created the
* {@link DatagramSocket#setReuseAddress(boolean)} method is
@ -200,9 +180,6 @@ public class MulticastSocket extends DatagramSocket {
* an unbound socket.
* @throws IOException if an I/O exception occurs
* while creating the MulticastSocket
* @throws SecurityException if a security manager exists and its
* {@code checkListen} method doesn't allow the operation.
* @see SecurityManager#checkListen
* @see java.net.DatagramSocket#setReuseAddress(boolean)
*
* @since 1.4
@ -299,10 +276,6 @@ public class MulticastSocket extends DatagramSocket {
* Joins a multicast group. Its behavior may be affected by
* {@code setInterface} or {@code setNetworkInterface}.
*
* <p>If there is a security manager, this method first
* calls its {@code checkMulticast} method with the
* {@code mcastaddr} argument as its argument.
*
* @apiNote
* Calling this method is equivalent to calling
* {@link #joinGroup(SocketAddress, NetworkInterface)
@ -312,12 +285,9 @@ public class MulticastSocket extends DatagramSocket {
* @throws IOException if there is an error joining,
* or when the address is not a multicast address,
* or the platform does not support multicasting, or the socket is closed.
* @throws SecurityException if a security manager exists and its
* {@code checkMulticast} method doesn't allow the join.
* @deprecated This method does not accept the network interface on
* which to join the multicast group. Use
* {@link #joinGroup(SocketAddress, NetworkInterface)} instead.
* @see SecurityManager#checkMulticast(InetAddress)
*/
@Deprecated(since="14")
public void joinGroup(InetAddress mcastaddr) throws IOException {
@ -328,10 +298,6 @@ public class MulticastSocket extends DatagramSocket {
* Leave a multicast group. Its behavior may be affected by
* {@code setInterface} or {@code setNetworkInterface}.
*
* <p>If there is a security manager, this method first
* calls its {@code checkMulticast} method with the
* {@code mcastaddr} argument as its argument.
*
* @apiNote
* Calling this method is equivalent to calling
* {@link #leaveGroup(SocketAddress, NetworkInterface)
@ -340,12 +306,9 @@ public class MulticastSocket extends DatagramSocket {
* @param mcastaddr is the multicast address to leave
* @throws IOException if there is an error leaving
* or when the address is not a multicast address, or the socket is closed.
* @throws SecurityException if a security manager exists and its
* {@code checkMulticast} method doesn't allow the operation.
* @deprecated This method does not accept the network interface on which
* to leave the multicast group. Use
* {@link #leaveGroup(SocketAddress, NetworkInterface)} instead.
* @see SecurityManager#checkMulticast(InetAddress)
*/
@Deprecated(since="14")
public void leaveGroup(InetAddress mcastaddr) throws IOException {
@ -355,9 +318,7 @@ public class MulticastSocket extends DatagramSocket {
/**
* {@inheritDoc}
* @throws IOException {@inheritDoc}
* @throws SecurityException {@inheritDoc}
* @throws IllegalArgumentException {@inheritDoc}
* @see SecurityManager#checkMulticast(InetAddress)
* @see DatagramChannel#join(InetAddress, NetworkInterface)
* @see StandardSocketOptions#IP_MULTICAST_IF
* @see #setNetworkInterface(NetworkInterface)
@ -374,9 +335,7 @@ public class MulticastSocket extends DatagramSocket {
* {@inheritDoc}
* @apiNote {@inheritDoc}
* @throws IOException {@inheritDoc}
* @throws SecurityException {@inheritDoc}
* @throws IllegalArgumentException {@inheritDoc}
* @see SecurityManager#checkMulticast(InetAddress)
* @see #joinGroup(SocketAddress, NetworkInterface)
* @since 1.4
*/
@ -517,18 +476,6 @@ public class MulticastSocket extends DatagramSocket {
* </B> alter the default TTL for the socket. Its behavior may be
* affected by {@code setInterface}.
*
* <p>If there is a security manager, this method first performs some
* security checks. First, if {@code p.getAddress().isMulticastAddress()}
* is true, this method calls the
* security manager's {@code checkMulticast} method
* with {@code p.getAddress()} and {@code ttl} as its arguments.
* If the evaluation of that expression is false,
* this method instead calls the security manager's
* {@code checkConnect} method with arguments
* {@code p.getAddress().getHostAddress()} and
* {@code p.getPort()}. Each call to a security manager method
* could result in a SecurityException if the operation is not allowed.
*
* @param p is the packet to be sent. The packet should contain
* the destination multicast ip address and the data to be sent.
* One does not need to be the member of the group to send
@ -537,9 +484,6 @@ public class MulticastSocket extends DatagramSocket {
* default ttl is 1.
*
* @throws IOException if an I/O error occurs, or the socket is closed.
* @throws SecurityException if a security manager exists and its
* {@code checkMulticast} or {@code checkConnect}
* method doesn't allow the send.
* @throws PortUnreachableException may be thrown if the socket is connected
* to a currently unreachable destination. Note, there is no
* guarantee that the exception will be thrown.
@ -559,8 +503,6 @@ public class MulticastSocket extends DatagramSocket {
*
* @see DatagramSocket#send
* @see DatagramSocket#receive
* @see SecurityManager#checkMulticast(java.net.InetAddress, byte)
* @see SecurityManager#checkConnect
*/
@Deprecated(forRemoval = true, since = "1.4")
public void send(DatagramPacket p, byte ttl)

155
src/java.base/share/classes/java/net/NetPermission.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2020, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -26,9 +26,6 @@
package java.net;
import java.security.*;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.StringTokenizer;
/**
* This class is for various network permissions.
@ -36,150 +33,16 @@ import java.util.StringTokenizer;
* no actions list; you either have the named permission
* or you don't.
* <P>
* The target name is the name of the network permission (see below). The naming
* convention follows the hierarchical property naming convention.
* Also, an asterisk
* may appear at the end of the name, following a ".", or by itself, to
* signify a wildcard match. For example: "foo.*" and "*" signify a wildcard
* The target name is the name of the network permission. The naming convention
* follows the hierarchical property naming convention, typically the reverse
* domain name notation, to avoid name clashes.
* An asterisk may appear at the end of the name, following a ".", or by itself,
* to signify a wildcard match. For example: "foo.*" and "*" signify a wildcard
* match, while "*foo" and "a*b" do not.
* <P>
* The following table lists the standard NetPermission target names,
* and for each provides a description of what the permission allows
* and a discussion of the risks of granting code the permission.
*
* <table class="striped">
* <caption style="display:none">Permission target name, what the permission allows, and associated risks</caption>
* <thead>
* <tr>
* <th scope="col">Permission Target Name</th>
* <th scope="col">What the Permission Allows</th>
* <th scope="col">Risks of Allowing this Permission</th>
* </tr>
* </thead>
* <tbody>
* <tr>
* <th scope="row">allowHttpTrace</th>
* <td>The ability to use the HTTP TRACE method in HttpURLConnection.</td>
* <td>Malicious code using HTTP TRACE could get access to security sensitive
* information in the HTTP headers (such as cookies) that it might not
* otherwise have access to.</td>
* </tr>
*
* <tr>
* <th scope="row">accessUnixDomainSocket</th>
* <td>The ability to accept, bind, connect or get the local address
* of a <i>Unix Domain</i> socket.
* </td>
* <td>Malicious code could connect to local processes using Unix domain sockets
* or impersonate local processes, by binding to the same pathnames (assuming they
* have the required Operating System permissions.</td>
* </tr>
*
* <tr>
* <th scope="row">getCookieHandler</th>
* <td>The ability to get the cookie handler that processes highly
* security sensitive cookie information for an Http session.</td>
* <td>Malicious code can get a cookie handler to obtain access to
* highly security sensitive cookie information. Some web servers
* use cookies to save user private information such as access
* control information, or to track user browsing habit.</td>
* </tr>
*
* <tr>
* <th scope="row">getNetworkInformation</th>
* <td>The ability to retrieve all information about local network interfaces.</td>
* <td>Malicious code can read information about network hardware such as
* MAC addresses, which could be used to construct local IPv6 addresses.</td>
* </tr>
*
* <tr>
* <th scope="row">getProxySelector</th>
* <td>The ability to get the proxy selector used to make decisions
* on which proxies to use when making network connections.</td>
* <td>Malicious code can get a ProxySelector to discover proxy
* hosts and ports on internal networks, which could then become
* targets for attack.</td>
* </tr>
*
* <tr>
* <th scope="row">getResponseCache</th>
* <td>The ability to get the response cache that provides
* access to a local response cache.</td>
* <td>Malicious code getting access to the local response cache
* could access security sensitive information.</td>
* </tr>
*
* <tr>
* <th scope="row">requestPasswordAuthentication</th>
* <td>The ability
* to ask the authenticator registered with the system for
* a password</td>
* <td>Malicious code may steal this password.</td>
* </tr>
*
* <tr>
* <th scope="row">setCookieHandler</th>
* <td>The ability to set the cookie handler that processes highly
* security sensitive cookie information for an Http session.</td>
* <td>Malicious code can set a cookie handler to obtain access to
* highly security sensitive cookie information. Some web servers
* use cookies to save user private information such as access
* control information, or to track user browsing habit.</td>
* </tr>
*
* <tr>
* <th scope="row">setDefaultAuthenticator</th>
* <td>The ability to set the
* way authentication information is retrieved when
* a proxy or HTTP server asks for authentication</td>
* <td>Malicious
* code can set an authenticator that monitors and steals user
* authentication input as it retrieves the input from the user.</td>
* </tr>
*
* <tr>
* <th scope="row">setProxySelector</th>
* <td>The ability to set the proxy selector used to make decisions
* on which proxies to use when making network connections.</td>
* <td>Malicious code can set a ProxySelector that directs network
* traffic to an arbitrary network host.</td>
* </tr>
*
* <tr>
* <th scope="row">setResponseCache</th>
* <td>The ability to set the response cache that provides access to
* a local response cache.</td>
* <td>Malicious code getting access to the local response cache
* could access security sensitive information, or create false
* entries in the response cache.</td>
* </tr>
*
* <tr>
* <th scope="row">setSocketImpl</th>
* <td>The ability to create a sub-class of Socket or ServerSocket with a
* user specified SocketImpl.</td>
* <td>Malicious user-defined SocketImpls can change the behavior of
* Socket and ServerSocket in surprising ways, by virtue of their
* ability to access the protected fields of SocketImpl.</td>
* </tr>
*
* <tr>
* <th scope="row">specifyStreamHandler</th>
* <td>The ability
* to specify a stream handler when constructing a URL</td>
* <td>Malicious code may create a URL with resources that it would
* normally not have access to (like file:/foo/fum/), specifying a
* stream handler that gets the actual bytes from someplace it does
* have access to. Thus it might be able to trick the system into
* creating a ProtectionDomain/CodeSource for a class even though
* that class really didn't come from that location.</td>
* </tr>
* </tbody>
* </table>
*
* @implNote
* Implementations may define additional target names, but should use naming
* conventions such as reverse domain name notation to avoid name clashes.
* @apiNote
* This permission cannot be used for controlling access to resources
* as the Security Manager is no longer supported.
*
* @see java.security.BasicPermission
* @see java.security.Permission

25
src/java.base/share/classes/java/net/NetworkInterface.java
View File

@ -120,13 +120,6 @@ public final class NetworkInterface {
/**
* Get an Enumeration with all, or a subset, of the InetAddresses bound to
* this network interface.
* <p>
* If there is a security manager, its {@code checkConnect}
* method is called for each InetAddress. Only InetAddresses where
* the {@code checkConnect} doesn't throw a SecurityException
* will be returned in the Enumeration. However, if the caller has the
* {@link NetPermission}("getNetworkInformation") permission, then all
* InetAddresses are returned.
*
* @implNote
* The returned enumeration contains all, or a subset, of the InetAddresses that were
@ -144,13 +137,6 @@ public final class NetworkInterface {
/**
* Get a Stream of all, or a subset, of the InetAddresses bound to this
* network interface.
* <p>
* If there is a security manager, its {@code checkConnect}
* method is called for each InetAddress. Only InetAddresses where
* the {@code checkConnect} doesn't throw a SecurityException will be
* returned in the Stream. However, if the caller has the
* {@link NetPermission}("getNetworkInformation") permission, then all
* InetAddresses are returned.
*
* @implNote
* The stream contains all, or a subset, of the InetAddresses that were
@ -193,11 +179,6 @@ public final class NetworkInterface {
/**
* Get a List of all, or a subset, of the {@code InterfaceAddresses}
* of this network interface.
* <p>
* If there is a security manager, its {@code checkConnect}
* method is called with the InetAddress for each InterfaceAddress.
* Only InterfaceAddresses where the {@code checkConnect} doesn't throw
* a SecurityException will be returned in the List.
*
* @return a {@code List} object with all, or a subset, of the
* InterfaceAddress of this network interface
@ -567,13 +548,9 @@ public final class NetworkInterface {
/**
* Returns the hardware address (usually MAC) of the interface if it
* has one and if it can be accessed given the current privileges.
* If a security manager is set, then the caller must have
* the permission {@link NetPermission}("getNetworkInformation").
*
* @return a byte array containing the address, or {@code null} if
* the address doesn't exist, is not accessible or a security
* manager is set and the caller does not have the permission
* NetPermission("getNetworkInformation")
* the address doesn't exist or is not accessible
*
* @throws SocketException if an I/O error occurs.
* @since 1.6

9
src/java.base/share/classes/java/net/ProxySelector.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2003, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2003, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -89,9 +89,6 @@ public abstract class ProxySelector {
/**
* Gets the system-wide proxy selector.
*
* @throws SecurityException
* If a security manager has been installed and it denies
* {@link NetPermission}{@code ("getProxySelector")}
* @see #setDefault(ProxySelector)
* @return the system-wide {@code ProxySelector}
* @since 1.5
@ -113,10 +110,6 @@ public abstract class ProxySelector {
* @param ps The HTTP proxy selector, or
* {@code null} to unset the proxy selector.
*
* @throws SecurityException
* If a security manager has been installed and it denies
* {@link NetPermission}{@code ("setProxySelector")}
*
* @see #getDefault()
* @since 1.5
*/

10
src/java.base/share/classes/java/net/ResponseCache.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2003, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2003, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -79,10 +79,6 @@ public abstract class ResponseCache {
/**
* Gets the system-wide response cache.
*
* @throws SecurityException
* If a security manager has been installed and it denies
* {@link NetPermission}{@code ("getResponseCache")}
*
* @see #setDefault(ResponseCache)
* @return the system-wide {@code ResponseCache}
* @since 1.5
@ -104,10 +100,6 @@ public abstract class ResponseCache {
* @param responseCache The response cache, or
* {@code null} to unset the cache.
*
* @throws SecurityException
* If a security manager has been installed and it denies
* {@link NetPermission}{@code ("setResponseCache")}
*
* @see #getDefault()
* @since 1.5
*/

104
src/java.base/share/classes/java/net/ServerSocket.java
View File

@ -103,9 +103,6 @@ public class ServerSocket implements java.io.Closeable {
*
* @throws NullPointerException if impl is {@code null}.
*
* @throws SecurityException if a security manager is set and
* its {@code checkPermission} method doesn't allow
* {@code NetPermission("setSocketImpl")}.
* @since 12
*/
protected ServerSocket(SocketImpl impl) {
@ -145,26 +142,14 @@ public class ServerSocket implements java.io.Closeable {
* {@linkplain SocketImplFactory#createSocketImpl() createSocketImpl} method
* is called to create the actual socket implementation. Otherwise a system-default
* socket implementation is created.
* <p>
* If there is a security manager,
* its {@code checkListen} method is called
* with the {@code port} argument
* as its argument to ensure the operation is allowed.
* This could result in a SecurityException.
*
*
* @param port the port number, or {@code 0} to use a port
* number that is automatically allocated.
*
* @throws IOException if an I/O error occurs when opening the socket.
* @throws SecurityException
* if a security manager exists and its {@code checkListen}
* method doesn't allow the operation.
* @throws IllegalArgumentException if the port parameter is outside
* the specified range of valid port values, which is between
* 0 and 65535, inclusive.
*
* @see SecurityManager#checkListen
*/
public ServerSocket(int port) throws IOException {
this(port, 50, null);
@ -188,12 +173,6 @@ public class ServerSocket implements java.io.Closeable {
* {@linkplain SocketImplFactory#createSocketImpl() createSocketImpl} method
* is called to create the actual socket implementation. Otherwise a system-default
* socket implementation is created.
* <p>
* If there is a security manager,
* its {@code checkListen} method is called
* with the {@code port} argument
* as its argument to ensure the operation is allowed.
* This could result in a SecurityException.
*
* The {@code backlog} argument is the requested maximum number of
* pending connections on the socket. Its exact semantics are implementation
@ -208,14 +187,9 @@ public class ServerSocket implements java.io.Closeable {
* connections.
*
* @throws IOException if an I/O error occurs when opening the socket.
* @throws SecurityException
* if a security manager exists and its {@code checkListen}
* method doesn't allow the operation.
* @throws IllegalArgumentException if the port parameter is outside
* the specified range of valid port values, which is between
* 0 and 65535, inclusive.
*
* @see SecurityManager#checkListen
*/
public ServerSocket(int port, int backlog) throws IOException {
this(port, backlog, null);
@ -234,12 +208,6 @@ public class ServerSocket implements java.io.Closeable {
* This port number can then be retrieved by calling
* {@link #getLocalPort getLocalPort}.
*
* <P>If there is a security manager, this method
* calls its {@code checkListen} method
* with the {@code port} argument
* as its argument to ensure the operation is allowed.
* This could result in a SecurityException.
*
* The {@code backlog} argument is the requested maximum number of
* pending connections on the socket. Its exact semantics are implementation
* specific. In particular, an implementation may impose a maximum length
@ -253,15 +221,10 @@ public class ServerSocket implements java.io.Closeable {
* connections.
* @param bindAddr the local InetAddress the server will bind to
*
* @throws SecurityException if a security manager exists and
* its {@code checkListen} method doesn't allow the operation.
*
* @throws IOException if an I/O error occurs when opening the socket.
* @throws IllegalArgumentException if the port parameter is outside
* the specified range of valid port values, which is between
* 0 and 65535, inclusive.
*
* @see SecurityManager#checkListen
* @since 1.1
*/
@SuppressWarnings("this-escape")
@ -330,8 +293,6 @@ public class ServerSocket implements java.io.Closeable {
* @param endpoint The IP address and port number to bind to.
* @throws IOException if the bind operation fails, the socket
* is already bound or the socket is closed.
* @throws SecurityException if a {@code SecurityManager} is present and
* its {@code checkListen} method doesn't allow the operation.
* @throws IllegalArgumentException if endpoint is a
* SocketAddress subclass not supported by this socket
* @since 1.4
@ -359,8 +320,6 @@ public class ServerSocket implements java.io.Closeable {
* incoming connections.
* @throws IOException if the bind operation fails, the socket
* is already bound or the socket is closed.
* @throws SecurityException if a {@code SecurityManager} is present and
* its {@code checkListen} method doesn't allow the operation.
* @throws IllegalArgumentException if endpoint is a
* SocketAddress subclass not supported by this socket
* @since 1.4
@ -397,17 +356,9 @@ public class ServerSocket implements java.io.Closeable {
* If the socket was bound prior to being {@link #close closed},
* then this method will continue to return the local address
* after the socket is closed.
* <p>
* If there is a security manager set, its {@code checkConnect} method is
* called with the local address and {@code -1} as its arguments to see
* if the operation is allowed. If the operation is not allowed,
* the {@link InetAddress#getLoopbackAddress loopback} address is returned.
*
* @return the address to which this socket is bound,
* or the loopback address if denied by the security manager,
* or {@code null} if the socket is unbound.
*
* @see SecurityManager#checkConnect
*/
public InetAddress getInetAddress() {
if (!isBound())
@ -458,23 +409,13 @@ public class ServerSocket implements java.io.Closeable {
* If the socket was bound prior to being {@link #close closed},
* then this method will continue to return the address of the endpoint
* after the socket is closed.
* <p>
* If there is a security manager set, its {@code checkConnect} method is
* called with the local address and {@code -1} as its arguments to see
* if the operation is allowed. If the operation is not allowed,
* a {@code SocketAddress} representing the
* {@link InetAddress#getLoopbackAddress loopback} address and the local
* port to which the socket is bound is returned.
*
* @return a {@code SocketAddress} representing the local endpoint of
* this socket, or a {@code SocketAddress} representing the
* loopback address if denied by the security manager,
* or {@code null} if the socket is not bound yet.
* this socket, or {@code null} if the socket is not bound yet.
*
* @see #getInetAddress()
* @see #getLocalPort()
* @see #bind(SocketAddress)
* @see SecurityManager#checkConnect
* @since 1.4
*/
public SocketAddress getLocalSocketAddress() {
@ -503,14 +444,6 @@ public class ServerSocket implements java.io.Closeable {
* {@code SocketException} with the interrupt status set.
* </ol>
*
* <p> A new Socket {@code s} is created and, if there
* is a security manager,
* the security manager's {@code checkAccept} method is called
* with {@code s.getInetAddress().getHostAddress()} and
* {@code s.getPort()}
* as its arguments to ensure the operation is allowed.
* This could result in a SecurityException.
*
* @implNote
* An instance of this class using a system-default {@code SocketImpl}
* accepts sockets with a {@code SocketImpl} of the same type, regardless
@ -519,8 +452,6 @@ public class ServerSocket implements java.io.Closeable {
*
* @throws IOException if an I/O error occurs when waiting for a
* connection, the socket is not bound or the socket is closed.
* @throws SecurityException if a security manager exists and its
* {@code checkAccept} method doesn't allow the operation.
* @throws SocketTimeoutException if a timeout was previously set with setSoTimeout and
* the timeout has been reached.
* @throws java.nio.channels.IllegalBlockingModeException
@ -529,7 +460,6 @@ public class ServerSocket implements java.io.Closeable {
* accepted
*
* @return the new Socket
* @see SecurityManager#checkAccept
*/
public Socket accept() throws IOException {
if (isClosed())
@ -681,10 +611,8 @@ public class ServerSocket implements java.io.Closeable {
/**
* Accepts a new connection so that the given SocketImpl is connected to
* the peer. The SocketImpl and connection are closed if the connection is
* denied by the security manager.
* the peer.
* @throws IOException if an I/O error occurs
* @throws SecurityException if the security manager's checkAccept method fails
*/
private void implAccept(SocketImpl si) throws IOException {
assert !(si instanceof DelegatingSocketImpl);
@ -904,14 +832,6 @@ public class ServerSocket implements java.io.Closeable {
/**
* Returns the implementation address and implementation port of
* this socket as a {@code String}.
* <p>
* If there is a security manager set, and this socket is
* {@linkplain #isBound bound}, its {@code checkConnect} method is
* called with the local address and {@code -1} as its arguments to see
* if the operation is allowed. If the operation is not allowed,
* an {@code InetAddress} representing the
* {@link InetAddress#getLoopbackAddress loopback} address is returned as
* the implementation address.
*
* @return a string representation of this socket.
*/
@ -943,20 +863,12 @@ public class ServerSocket implements java.io.Closeable {
* <p>
* Passing {@code null} to the method is a no-op unless the factory
* was already set.
* <p>
* If there is a security manager, this method first calls
* the security manager's {@code checkSetFactory} method
* to ensure the operation is allowed.
* This could result in a SecurityException.
*
* @param fac the desired factory.
* @throws IOException if an I/O error occurs when setting the
* socket factory.
* @throws SocketException if the factory has already been defined.
* @throws SecurityException if a security manager exists and its
* {@code checkSetFactory} method doesn't allow the operation.
* @see java.net.SocketImplFactory#createSocketImpl()
* @see SecurityManager#checkSetFactory
* @deprecated Use a {@link javax.net.ServerSocketFactory} and subclass {@code ServerSocket}
* directly.
* <br> This method provided a way in early JDK releases to replace the
@ -1112,12 +1024,6 @@ public class ServerSocket implements java.io.Closeable {
*
* @throws NullPointerException if name is {@code null}
*
* @throws SecurityException if a security manager is set and if the socket
* option requires a security permission and if the caller does
* not have the required permission.
* {@link java.net.StandardSocketOptions StandardSocketOptions}
* do not require any security permission.
*
* @since 9
*/
public <T> ServerSocket setOption(SocketOption<T> name, T value)
@ -1145,12 +1051,6 @@ public class ServerSocket implements java.io.Closeable {
*
* @throws NullPointerException if name is {@code null}
*
* @throws SecurityException if a security manager is set and if the socket
* option requires a security permission and if the caller does
* not have the required permission.
* {@link java.net.StandardSocketOptions StandardSocketOptions}
* do not require any security permission.
*
* @since 9
*/
public <T> T getOption(SocketOption<T> name) throws IOException {

106
src/java.base/share/classes/java/net/Socket.java
View File

@ -185,10 +185,6 @@ public class Socket implements java.io.Closeable {
* Creates an unconnected socket, specifying the type of proxy, if any,
* that should be used regardless of any other settings.
* <P>
* If there is a security manager, its {@code checkConnect} method
* is called with the proxy host address and port number
* as its arguments. This could result in a SecurityException.
* <P>
* Examples:
* <UL> <LI>{@code Socket s = new Socket(Proxy.NO_PROXY);} will create
* a plain socket ignoring any other proxy configuration.</LI>
@ -201,9 +197,6 @@ public class Socket implements java.io.Closeable {
* of proxying should be used.
* @throws IllegalArgumentException if the proxy is of an invalid type
* or {@code null}.
* @throws SecurityException if a security manager is present and
* permission to connect to the proxy is
* denied.
* @see java.net.ProxySelector
* @see java.net.Proxy
*
@ -263,9 +256,6 @@ public class Socket implements java.io.Closeable {
* @throws SocketException if there is an error in the underlying protocol,
* such as a TCP error.
*
* @throws SecurityException if {@code impl} is non-null and a security manager is set
* and its {@code checkPermission} method doesn't allow {@code NetPermission("setSocketImpl")}.
*
* @since 1.1
*/
protected Socket(SocketImpl impl) throws SocketException {
@ -298,11 +288,6 @@ public class Socket implements java.io.Closeable {
* {@linkplain SocketImplFactory#createSocketImpl() createSocketImpl}
* method is called to create the actual socket implementation. Otherwise
* a system-default socket implementation is created.
* <p>
* If there is a security manager, its
* {@code checkConnect} method is called
* with the host address and {@code port}
* as its arguments. This could result in a SecurityException.
*
* @param host the host name, or {@code null} for the loopback address.
* @param port the port number.
@ -311,12 +296,9 @@ public class Socket implements java.io.Closeable {
* the host could not be determined.
*
* @throws IOException if an I/O error occurs when creating the socket.
* @throws SecurityException if a security manager exists and its
* {@code checkConnect} method doesn't allow the operation.
* @throws IllegalArgumentException if the port parameter is outside
* the specified range of valid port values, which is between
* 0 and 65535, inclusive.
* @see SecurityManager#checkConnect
*/
@SuppressWarnings("this-escape")
public Socket(String host, int port)
@ -336,22 +318,14 @@ public class Socket implements java.io.Closeable {
* {@linkplain SocketImplFactory#createSocketImpl() createSocketImpl}
* method is called to create the actual socket implementation. Otherwise
* a system-default socket implementation is created.
* <p>
* If there is a security manager, its
* {@code checkConnect} method is called
* with the host address and {@code port}
* as its arguments. This could result in a SecurityException.
*
* @param address the IP address.
* @param port the port number.
* @throws IOException if an I/O error occurs when creating the socket.
* @throws SecurityException if a security manager exists and its
* {@code checkConnect} method doesn't allow the operation.
* @throws IllegalArgumentException if the port parameter is outside
* the specified range of valid port values, which is between
* 0 and 65535, inclusive.
* @throws NullPointerException if {@code address} is null.
* @see SecurityManager#checkConnect
*/
@SuppressWarnings("this-escape")
public Socket(InetAddress address, int port) throws IOException {
@ -372,11 +346,6 @@ public class Socket implements java.io.Closeable {
* <p>
* A local port number of {@code zero} will let the system pick up a
* free port in the {@code bind} operation.</p>
* <p>
* If there is a security manager, its
* {@code checkConnect} method is called
* with the host address and {@code port}
* as its arguments. This could result in a SecurityException.
*
* @param host the name of the remote host, or {@code null} for the loopback address.
* @param port the remote port
@ -385,14 +354,9 @@ public class Socket implements java.io.Closeable {
* @param localPort the local port the socket is bound to, or
* {@code zero} for a system selected free port.
* @throws IOException if an I/O error occurs when creating the socket.
* @throws SecurityException if a security manager exists and its
* {@code checkConnect} method doesn't allow the connection
* to the destination, or if its {@code checkListen} method
* doesn't allow the bind to the local port.
* @throws IllegalArgumentException if the port parameter or localPort
* parameter is outside the specified range of valid port values,
* which is between 0 and 65535, inclusive.
* @see SecurityManager#checkConnect
* @since 1.1
*/
@SuppressWarnings("this-escape")
@ -414,11 +378,6 @@ public class Socket implements java.io.Closeable {
* <p>
* A local port number of {@code zero} will let the system pick up a
* free port in the {@code bind} operation.</p>
* <p>
* If there is a security manager, its
* {@code checkConnect} method is called
* with the host address and {@code port}
* as its arguments. This could result in a SecurityException.
*
* @param address the remote address
* @param port the remote port
@ -427,15 +386,10 @@ public class Socket implements java.io.Closeable {
* @param localPort the local port the socket is bound to or
* {@code zero} for a system selected free port.
* @throws IOException if an I/O error occurs when creating the socket.
* @throws SecurityException if a security manager exists and its
* {@code checkConnect} method doesn't allow the connection
* to the destination, or if its {@code checkListen} method
* doesn't allow the bind to the local port.
* @throws IllegalArgumentException if the port parameter or localPort
* parameter is outside the specified range of valid port values,
* which is between 0 and 65535, inclusive.
* @throws NullPointerException if {@code address} is null.
* @see SecurityManager#checkConnect
* @since 1.1
*/
@SuppressWarnings("this-escape")
@ -465,11 +419,6 @@ public class Socket implements java.io.Closeable {
* method is called to create the actual socket implementation. Otherwise
* a system-default socket implementation is created.
* <p>
* If there is a security manager, its
* {@code checkConnect} method is called
* with the host address and {@code port}
* as its arguments. This could result in a SecurityException.
* <p>
* If a UDP socket is used, TCP/IP related socket options will not apply.
*
* @param host the host name, or {@code null} for the loopback address.
@ -477,12 +426,9 @@ public class Socket implements java.io.Closeable {
* @param stream a {@code boolean} indicating whether this is
* a stream socket or a datagram socket.
* @throws IOException if an I/O error occurs when creating the socket.
* @throws SecurityException if a security manager exists and its
* {@code checkConnect} method doesn't allow the operation.
* @throws IllegalArgumentException if the port parameter is outside
* the specified range of valid port values, which is between
* 0 and 65535, inclusive.
* @see SecurityManager#checkConnect
* @deprecated Use {@link DatagramSocket} instead for UDP transport.
*/
@Deprecated(forRemoval = true, since = "1.1")
@ -506,11 +452,6 @@ public class Socket implements java.io.Closeable {
* {@linkplain SocketImplFactory#createSocketImpl() createSocketImpl}
* method is called to create the actual socket implementation. Otherwise
* a system-default socket implementation is created.
*
* <p>If there is a security manager, its
* {@code checkConnect} method is called
* with {@code host.getHostAddress()} and {@code port}
* as its arguments. This could result in a SecurityException.
* <p>
* If UDP socket is used, TCP/IP related socket options will not apply.
*
@ -519,13 +460,10 @@ public class Socket implements java.io.Closeable {
* @param stream if {@code true}, create a stream socket;
* otherwise, create a datagram socket.
* @throws IOException if an I/O error occurs when creating the socket.
* @throws SecurityException if a security manager exists and its
* {@code checkConnect} method doesn't allow the operation.
* @throws IllegalArgumentException if the port parameter is outside
* the specified range of valid port values, which is between
* 0 and 65535, inclusive.
* @throws NullPointerException if {@code host} is null.
* @see SecurityManager#checkConnect
* @deprecated Use {@link DatagramSocket} instead for UDP transport.
*/
@Deprecated(forRemoval = true, since = "1.1")
@ -783,9 +721,6 @@ public class Socket implements java.io.Closeable {
* is already bound or the socket is closed.
* @throws IllegalArgumentException if bindpoint is a
* SocketAddress subclass not supported by this socket
* @throws SecurityException if a security manager exists and its
* {@code checkListen} method doesn't allow the bind
* to the local port.
*
* @since 1.4
* @see #isBound
@ -848,18 +783,10 @@ public class Socket implements java.io.Closeable {
/**
* Gets the local address to which the socket is bound.
* <p>
* If there is a security manager set, its {@code checkConnect} method is
* called with the local address and {@code -1} as its arguments to see
* if the operation is allowed. If the operation is not allowed,
* the {@link InetAddress#getLoopbackAddress loopback} address is returned.
*
* @return the local address to which the socket is bound,
* the loopback address if denied by the security manager, or
* @return the local address to which the socket is bound, or
* the wildcard address if the socket is closed or not bound yet.
* @since 1.1
*
* @see SecurityManager#checkConnect
*/
public InetAddress getLocalAddress() {
// This is for backward compatibility
@ -957,23 +884,13 @@ public class Socket implements java.io.Closeable {
* {@code InetSocketAddress}'s address is the
* {@link InetAddress#isAnyLocalAddress wildcard} address
* and its port is the local port that it was bound to.
* <p>
* If there is a security manager set, its {@code checkConnect} method is
* called with the local address and {@code -1} as its arguments to see
* if the operation is allowed. If the operation is not allowed,
* a {@code SocketAddress} representing the
* {@link InetAddress#getLoopbackAddress loopback} address and the local
* port to which this socket is bound is returned.
*
* @return a {@code SocketAddress} representing the local endpoint of
* this socket, or a {@code SocketAddress} representing the
* loopback address if denied by the security manager, or
* {@code null} if the socket is not bound yet.
* this socket, or {@code null} if the socket is not bound yet.
*
* @see #getLocalAddress()
* @see #getLocalPort()
* @see #bind(SocketAddress)
* @see SecurityManager#checkConnect
* @since 1.4
*/
public SocketAddress getLocalSocketAddress() {
@ -1915,19 +1832,12 @@ public class Socket implements java.io.Closeable {
* <p>
* Passing {@code null} to the method is a no-op unless the factory
* was already set.
* <p>If there is a security manager, this method first calls
* the security manager's {@code checkSetFactory} method
* to ensure the operation is allowed.
* This could result in a SecurityException.
*
* @param fac the desired factory.
* @throws IOException if an I/O error occurs when setting the
* socket factory.
* @throws SocketException if the factory is already defined.
* @throws SecurityException if a security manager exists and its
* {@code checkSetFactory} method doesn't allow the operation.
* @see java.net.SocketImplFactory#createSocketImpl()
* @see SecurityManager#checkSetFactory
* @deprecated Use a {@link javax.net.SocketFactory} and subclass {@code Socket}
* directly.
* <br> This method provided a way in early JDK releases to replace the
@ -2018,12 +1928,6 @@ public class Socket implements java.io.Closeable {
*
* @throws NullPointerException if name is {@code null}
*
* @throws SecurityException if a security manager is set and if the socket
* option requires a security permission and if the caller does
* not have the required permission.
* {@link java.net.StandardSocketOptions StandardSocketOptions}
* do not require any security permission.
*
* @since 9
*/
public <T> Socket setOption(SocketOption<T> name, T value) throws IOException {
@ -2049,12 +1953,6 @@ public class Socket implements java.io.Closeable {
*
* @throws NullPointerException if name is {@code null}
*
* @throws SecurityException if a security manager is set and if the socket
* option requires a security permission and if the caller does
* not have the required permission.
* {@link java.net.StandardSocketOptions StandardSocketOptions}
* do not require any security permission.
*
* @since 9
*/
public <T> T getOption(SocketOption<T> name) throws IOException {

26
src/java.base/share/classes/java/net/SocketPermission.java
View File

@ -111,30 +111,10 @@ import sun.security.util.Debug;
* The action "resolve" refers to host/ip name service lookups.
* <P>
* The actions string is converted to lowercase before processing.
* <p>As an example of the creation and meaning of SocketPermissions,
* note that if the following permission:
*
* <pre>
* p1 = new SocketPermission("foo.example.com:7777", "connect,accept");
* </pre>
*
* is granted to some code, it allows that code to connect to port 7777 on
* {@code foo.example.com}, and to accept connections on that port.
*
* <p>Similarly, if the following permission:
*
* <pre>
* p2 = new SocketPermission("localhost:1024-", "accept,connect,listen");
* </pre>
*
* is granted to some code, it allows that code to
* accept connections on, connect to, or listen on any port between
* 1024 and 65535 on the local host.
*
* <p>Note: Granting code permission to accept or make connections to remote
* hosts may be dangerous because malevolent code can then more easily
* transfer and share confidential data among parties who may not
* otherwise have access to the data.
* @apiNote
* This permission cannot be used for controlling access to resources
* as the Security Manager is no longer supported.
*
* @spec https://www.rfc-editor.org/info/rfc2732
* RFC 2732: Format for Literal IPv6 Addresses in URL's

35
src/java.base/share/classes/java/net/URL.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 1995, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1995, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -459,12 +459,6 @@ public final class URL implements java.io.Serializable {
* {@link java.net.URL#URL(java.lang.String, java.lang.String, int,
* java.lang.String)}
*
* <p>If the handler is not null and there is a security manager,
* the security manager's {@code checkPermission}
* method is called with a
* {@code NetPermission("specifyStreamHandler")} permission.
* This may result in a SecurityException.
*
* No validation of the inputs is performed by this constructor.
*
* @param protocol the name of the protocol to use.
@ -476,18 +470,12 @@ public final class URL implements java.io.Serializable {
* is a negative number other than -1,
* or if the underlying stream handler implementation
* rejects, or is known to reject, the {@code URL}
* @throws SecurityException
* if a security manager exists and its
* {@code checkPermission} method doesn't allow
* specifying a stream handler explicitly.
* @see java.lang.System#getProperty(java.lang.String)
* @see java.net.URL#setURLStreamHandlerFactory(
* java.net.URLStreamHandlerFactory)
* @see java.net.URLStreamHandler
* @see java.net.URLStreamHandlerFactory#createURLStreamHandler(
* java.lang.String)
* @see SecurityManager#checkPermission
* @see java.net.NetPermission
* @deprecated
* Use {@link #of(URI, URLStreamHandler)} to construct an instance of URL
* associated with a custom protocol handler.
@ -673,10 +661,6 @@ public final class URL implements java.io.Serializable {
* underlying stream handler's {@linkplain
* URLStreamHandler#parseURL(URL, String, int, int)
* parseURL method} throws {@code IllegalArgumentException}
* @throws SecurityException
* if a security manager exists and its
* {@code checkPermission} method doesn't allow
* specifying a stream handler.
* @see java.net.URL#URL(java.lang.String, java.lang.String,
* int, java.lang.String)
* @see java.net.URLStreamHandler
@ -847,11 +831,6 @@ public final class URL implements java.io.Serializable {
* URLStreamHandler#parseURL(URL, String, int, int)
* parseURL method} throws {@code IllegalArgumentException}
*
* @throws SecurityException
* if a security manager exists and its
* {@code checkPermission} method doesn't allow
* specifying a stream handler
*
* @see java.net.URI#toURL()
*
* @since 20
@ -1272,9 +1251,6 @@ public final class URL implements java.io.Serializable {
* Proxy.NO_PROXY should be specified.
* @return a {@code URLConnection} to the URL.
* @throws IOException if an I/O exception occurs.
* @throws SecurityException if a security manager is present
* and the caller doesn't have permission to connect
* to the proxy.
* @throws IllegalArgumentException will be thrown if proxy is null,
* or proxy has the wrong type
* @throws UnsupportedOperationException if the subclass that
@ -1371,20 +1347,11 @@ public final class URL implements java.io.Serializable {
*<p> The {@code URLStreamHandlerFactory} instance is used to
*construct a stream protocol handler from a protocol name.
*
* <p> If there is a security manager, this method first calls
* the security manager's {@code checkSetFactory} method
* to ensure the operation is allowed.
* This could result in a SecurityException.
*
* @param fac the desired factory.
* @throws Error if the application has already set a factory.
* @throws SecurityException if a security manager exists and its
* {@code checkSetFactory} method doesn't allow
* the operation.
* @see java.net.URL#URL(java.lang.String, java.lang.String,
* int, java.lang.String)
* @see java.net.URLStreamHandlerFactory
* @see SecurityManager#checkSetFactory
*/
public static void setURLStreamHandlerFactory(URLStreamHandlerFactory fac) {
synchronized (streamHandlerLock) {

68
src/java.base/share/classes/java/net/URLClassLoader.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 1997, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1997, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -68,13 +68,6 @@ import sun.security.util.SecurityConstants;
* This class loader supports the loading of classes and resources from the
* contents of a <a href="../util/jar/JarFile.html#multirelease">multi-release</a>
* JAR file that is referred to by a given URL.
* <p>
* The AccessControlContext of the thread that created the instance of
* URLClassLoader will be used when subsequently loading classes and
* resources.
* <p>
* The classes that are loaded are by default granted permission only to
* access the URLs specified when the URLClassLoader was created.
*
* @author David Connelly
* @since 1.2
@ -96,18 +89,10 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
* the URL is assumed to refer to a JAR file which will be downloaded and
* opened as needed.
*
* <p>If there is a security manager, this method first
* calls the security manager's {@code checkCreateClassLoader} method
* to ensure creation of a class loader is allowed.
*
* @param urls the URLs from which to load classes and resources
* @param parent the parent class loader for delegation
* @throws SecurityException if a security manager exists and its
* {@code checkCreateClassLoader} method doesn't allow
* creation of a class loader.
* @throws NullPointerException if {@code urls} or any of its
* elements is {@code null}.
* @see SecurityManager#checkCreateClassLoader
*/
@SuppressWarnings("removal")
public URLClassLoader(URL[] urls, ClassLoader parent) {
@ -132,18 +117,10 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
* assumed to refer to a JAR file which will be downloaded and opened
* as needed.
*
* <p>If there is a security manager, this method first
* calls the security manager's {@code checkCreateClassLoader} method
* to ensure creation of a class loader is allowed.
*
* @param urls the URLs from which to load classes and resources
*
* @throws SecurityException if a security manager exists and its
* {@code checkCreateClassLoader} method doesn't allow
* creation of a class loader.
* @throws NullPointerException if {@code urls} or any of its
* elements is {@code null}.
* @see SecurityManager#checkCreateClassLoader
*/
@SuppressWarnings("removal")
public URLClassLoader(URL[] urls) {
@ -165,20 +142,12 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
* factory argument will be used as the stream handler factory to
* obtain protocol handlers when creating new jar URLs.
*
* <p>If there is a security manager, this method first
* calls the security manager's {@code checkCreateClassLoader} method
* to ensure creation of a class loader is allowed.
*
* @param urls the URLs from which to load classes and resources
* @param parent the parent class loader for delegation
* @param factory the URLStreamHandlerFactory to use when creating URLs
*
* @throws SecurityException if a security manager exists and its
* {@code checkCreateClassLoader} method doesn't allow
* creation of a class loader.
* @throws NullPointerException if {@code urls} or any of its
* elements is {@code null}.
* @see SecurityManager#checkCreateClassLoader
*/
@SuppressWarnings("removal")
public URLClassLoader(URL[] urls, ClassLoader parent,
@ -205,10 +174,6 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
* @throws NullPointerException if {@code urls} or any of its
* elements is {@code null}.
*
* @throws SecurityException if a security manager exists and its
* {@link SecurityManager#checkCreateClassLoader()} method doesn't
* allow creation of a class loader.
*
* @since 9
*/
@SuppressWarnings("removal")
@ -236,10 +201,6 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
* @throws NullPointerException if {@code urls} or any of its
* elements is {@code null}.
*
* @throws SecurityException if a security manager exists and its
* {@code checkCreateClassLoader} method doesn't allow
* creation of a class loader.
*
* @since 9
*/
@SuppressWarnings("removal")
@ -335,9 +296,6 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
* is caught, then the second and following exceptions are added
* as suppressed exceptions of the first one caught, which is then re-thrown.
*
* @throws SecurityException if a security manager is set, and it denies
* {@link RuntimePermission}{@code ("closeClassLoader")}
*
* @since 1.7
*/
public void close() throws IOException {
@ -689,24 +647,24 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
* The implementation of this method first calls super.getPermissions
* and then adds permissions based on the URL of the codesource.
* <p>
* If the protocol of this URL is "jar", then the permission granted
* If the protocol of this URL is "jar", then the permission returned
* is based on the permission that is required by the URL of the Jar
* file.
* <p>
* If the protocol is "file" and there is an authority component, then
* permission to connect to and accept connections from that authority
* may be granted. If the protocol is "file"
* may be returned. If the protocol is "file"
* and the path specifies a file, then permission to read that
* file is granted. If protocol is "file" and the path is
* a directory, permission is granted to read all files
* file is returned. If protocol is "file" and the path is
* a directory, then permission is returned to read all files
* and (recursively) all files and subdirectories contained in
* that directory.
* <p>
* If the protocol is not "file", then permission
* to connect to and accept connections from the URL's host is granted.
* to connect to and accept connections from the URL's host is returned.
* @param codesource the codesource
* @throws NullPointerException if {@code codesource} is {@code null}.
* @return the permissions granted to the codesource
* @return the permissions for the codesource
*/
@SuppressWarnings("removal")
protected PermissionCollection getPermissions(CodeSource codesource)
@ -778,11 +736,7 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
/**
* Creates a new instance of URLClassLoader for the specified
* URLs and parent class loader. If a security manager is
* installed, the {@code loadClass} method of the URLClassLoader
* returned by this method will invoke the
* {@code SecurityManager.checkPackageAccess} method before
* loading the class.
* URLs and parent class loader.
*
* @param urls the URLs to search for classes and resources
* @param parent the parent class loader for delegation
@ -808,11 +762,7 @@ public class URLClassLoader extends SecureClassLoader implements Closeable {
/**
* Creates a new instance of URLClassLoader for the specified
* URLs and default parent class loader. If a security manager is
* installed, the {@code loadClass} method of the URLClassLoader
* returned by this method will invoke the
* {@code SecurityManager.checkPackageAccess} before
* loading the class.
* URLs and default parent class loader.
*
* @param urls the URLs to search for classes and resources
* @throws NullPointerException if {@code urls} or any of its

18
src/java.base/share/classes/java/net/URLConnection.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 1995, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1995, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -322,16 +322,8 @@ public abstract class URLConnection {
/**
* Sets the FileNameMap.
* <p>
* If there is a security manager, this method first calls
* the security manager's {@code checkSetFactory} method
* to ensure the operation is allowed.
* This could result in a SecurityException.
*
* @param map the FileNameMap to be set
* @throws SecurityException if a security manager exists and its
* {@code checkSetFactory} method doesn't allow the operation.
* @see SecurityManager#checkSetFactory
* @see #getFileNameMap()
* @since 1.2
*/
@ -1283,19 +1275,11 @@ public abstract class URLConnection {
* <p>
* The {@code ContentHandlerFactory} instance is used to
* construct a content handler from a content type.
* <p>
* If there is a security manager, this method first calls
* the security manager's {@code checkSetFactory} method
* to ensure the operation is allowed.
* This could result in a SecurityException.
*
* @param fac the desired factory.
* @throws Error if the factory has already been defined.
* @throws SecurityException if a security manager exists and its
* {@code checkSetFactory} method doesn't allow the operation.
* @see java.net.ContentHandlerFactory
* @see java.net.URLConnection#getContent()
* @see SecurityManager#checkSetFactory
*/
public static synchronized void setContentHandlerFactory(ContentHandlerFactory fac) {
if (factory != null) {

13
src/java.base/share/classes/java/net/URLPermission.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2013, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2013, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -142,12 +142,11 @@ import java.util.Objects;
* method names to upper-case and header names to the form defines in RFC2616 (lower case
* with initial letter of each word capitalized). Either list can contain a wild-card '*'
* character which signifies all request methods or headers respectively.
* <p>
* Note. Depending on the context of use, some request methods and headers may be permitted
* at all times, and others may not be permitted at any time. For example, the
* HTTP protocol handler might disallow certain headers such as Content-Length
* from being set by application code, regardless of whether the security policy
* in force, permits it.
*
* @apiNote
* This permission cannot be used for controlling access to resources
* as the Security Manager is no longer supported.
*
*
* @spec https://www.rfc-editor.org/info/rfc2296
* RFC 2296: HTTP Remote Variant Selection Algorithm -- RVSA/1.0

5
src/java.base/share/classes/java/net/spi/InetAddressResolverProvider.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2021, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2021, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -110,9 +110,6 @@ public abstract class InetAddressResolverProvider {
/**
* Creates a new instance of {@code InetAddressResolverProvider}.
*
* @throws SecurityException if a security manager is present and its
* {@code checkPermission} method doesn't allow the
* {@code RuntimePermission("inetAddressResolverProvider")}.
* @implNote It is recommended that an {@code InetAddressResolverProvider} service
* implementation initialization should be as simple as possible, in order to avoid
* possible risks of deadlock or class loading cycles during the instantiation of the

6
src/java.base/share/classes/java/net/spi/URLStreamHandlerProvider.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2015, 2021, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2015, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -60,10 +60,6 @@ public abstract class URLStreamHandlerProvider
/**
* Initializes a new URL stream handler provider.
*
* @throws SecurityException
* If a security manager has been installed and it denies
* {@link RuntimePermission}{@code ("setFactory")}.
*/
protected URLStreamHandlerProvider() {
this(checkPermission());

16
src/java.base/share/classes/java/nio/channels/AsynchronousFileChannel.java
View File

@ -240,14 +240,6 @@ public abstract class AsynchronousFileChannel
* specific exception</a>)</i>
* @throws IOException
* If an I/O error occurs
* @throws SecurityException
* If a security manager is installed and it denies an
* unspecified permission required by the implementation.
* In the case of the default provider, the {@link
* SecurityManager#checkRead(String)} method is invoked to check
* read access if the file is opened for reading. The {@link
* SecurityManager#checkWrite(String)} method is invoked to check
* write access if the file is opened for writing
*/
public static AsynchronousFileChannel open(Path file,
Set<? extends OpenOption> options,
@ -301,14 +293,6 @@ public abstract class AsynchronousFileChannel
* specific exception</a>)</i>
* @throws IOException
* If an I/O error occurs
* @throws SecurityException
* If a security manager is installed and it denies an
* unspecified permission required by the implementation.
* In the case of the default provider, the {@link
* SecurityManager#checkRead(String)} method is invoked to check
* read access if the file is opened for reading. The {@link
* SecurityManager#checkWrite(String)} method is invoked to check
* write access if the file is opened for writing
*/
public static AsynchronousFileChannel open(Path file, OpenOption... options)
throws IOException

27
src/java.base/share/classes/java/nio/channels/AsynchronousServerSocketChannel.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2007, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2007, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -188,7 +188,6 @@ public abstract class AsynchronousServerSocketChannel
*
* @throws AlreadyBoundException {@inheritDoc}
* @throws UnsupportedAddressTypeException {@inheritDoc}
* @throws SecurityException {@inheritDoc}
* @throws ClosedChannelException {@inheritDoc}
* @throws IOException {@inheritDoc}
*/
@ -225,9 +224,6 @@ public abstract class AsynchronousServerSocketChannel
* If the socket is already bound
* @throws UnsupportedAddressTypeException
* If the type of the given address is not supported
* @throws SecurityException
* If a security manager has been installed and its {@link
* SecurityManager#checkListen checkListen} method denies the operation
* @throws ClosedChannelException
* If the channel is closed
* @throws IOException
@ -265,14 +261,6 @@ public abstract class AsynchronousServerSocketChannel
* connection is accepted immediately (see <a
* href="AsynchronousChannelGroup.html#threading">Threading</a>).
*
* <p> If a security manager has been installed then it verifies that the
* address and port number of the connection's remote endpoint are permitted
* by the security manager's {@link SecurityManager#checkAccept checkAccept}
* method. The permission check is performed with privileges that are restricted
* by the calling context of this method. If the permission check fails then
* the connection is closed and the operation completes with a {@link
* SecurityException}.
*
* @param <A>
* The type of the attachment
* @param attachment
@ -312,18 +300,9 @@ public abstract class AsynchronousServerSocketChannel
/**
* {@inheritDoc}
* <p>
* If there is a security manager set, its {@code checkConnect} method is
* called with the local address and {@code -1} as its arguments to see
* if the operation is allowed. If the operation is not allowed,
* a {@code SocketAddress} representing the
* {@link java.net.InetAddress#getLoopbackAddress loopback} address and the
* local port of the channel's socket is returned.
*
* @return The {@code SocketAddress} that the socket is bound to, or the
* {@code SocketAddress} representing the loopback address if
* denied by the security manager, or {@code null} if the
* channel's socket is not bound
* @return The {@code SocketAddress} that the socket is bound to; {@code null}
* if the channel's socket is not bound
*
* @throws ClosedChannelException {@inheritDoc}
* @throws IOException {@inheritDoc}

31
src/java.base/share/classes/java/nio/channels/AsynchronousSocketChannel.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2007, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2007, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -205,10 +205,6 @@ public abstract class AsynchronousSocketChannel
* @throws UnsupportedAddressTypeException {@inheritDoc}
* @throws ClosedChannelException {@inheritDoc}
* @throws IOException {@inheritDoc}
* @throws SecurityException
* If a security manager has been installed and its
* {@link SecurityManager#checkListen checkListen} method denies
* the operation
*/
@Override
public abstract AsynchronousSocketChannel bind(SocketAddress local)
@ -295,12 +291,6 @@ public abstract class AsynchronousSocketChannel
* established. If the connection cannot be established then the channel is
* closed.
*
* <p> This method performs exactly the same security checks as the {@link
* java.net.Socket} class. That is, if a security manager has been
* installed then this method verifies that its {@link
* java.lang.SecurityManager#checkConnect checkConnect} method permits
* connecting to the address and port number of the given remote endpoint.
*
* @param <A>
* The type of the attachment
* @param remote
@ -320,9 +310,6 @@ public abstract class AsynchronousSocketChannel
* If a connection operation is already in progress on this channel
* @throws ShutdownChannelGroupException
* If the channel group has terminated
* @throws SecurityException
* If a security manager has been installed
* and it does not permit access to the given remote endpoint
*
* @see #getRemoteAddress
*/
@ -353,9 +340,6 @@ public abstract class AsynchronousSocketChannel
* If this channel is already connected
* @throws ConnectionPendingException
* If a connection operation is already in progress on this channel
* @throws SecurityException
* If a security manager has been installed
* and it does not permit access to the given remote endpoint
*/
public abstract Future<Void> connect(SocketAddress remote);
@ -674,18 +658,9 @@ public abstract class AsynchronousSocketChannel
/**
* {@inheritDoc}
* <p>
* If there is a security manager set, its {@code checkConnect} method is
* called with the local address and {@code -1} as its arguments to see
* if the operation is allowed. If the operation is not allowed,
* a {@code SocketAddress} representing the
* {@link java.net.InetAddress#getLoopbackAddress loopback} address and the
* local port of the channel's socket is returned.
*
* @return The {@code SocketAddress} that the socket is bound to, or the
* {@code SocketAddress} representing the loopback address if
* denied by the security manager, or {@code null} if the
* channel's socket is not bound
* @return The {@code SocketAddress} that the socket is bound to; {@code null}
* if the channel's socket is not bound
*
* @throws ClosedChannelException {@inheritDoc}
* @throws IOException {@inheritDoc}

81
src/java.base/share/classes/java/nio/channels/DatagramChannel.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2000, 2022, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2000, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -44,11 +44,10 @@ import static java.util.Objects.requireNonNull;
* connected. A datagram channel need not be connected in order for the {@link #send
* send} and {@link #receive receive} methods to be used. A datagram channel may be
* connected, by invoking its {@link #connect connect} method, in order to
* avoid the overhead of the security checks are otherwise performed as part of
* every send and receive operation. A datagram channel must be connected in
* order to use the {@link #read(java.nio.ByteBuffer) read} and {@link
* #write(java.nio.ByteBuffer) write} methods, since those methods do not
* accept or return socket addresses.
* avoid the overhead of checks performed as part of every send and receive operation.
* A datagram channel must be connected in order to use the {@link
* #read(java.nio.ByteBuffer) read} and {@link #write(java.nio.ByteBuffer) write}
* methods, since those methods do not accept or return socket addresses.
*
* <p> Once connected, a datagram channel remains connected until it is
* disconnected or closed. Whether or not a datagram channel is connected may
@ -220,10 +219,6 @@ public abstract class DatagramChannel
* @throws UnsupportedAddressTypeException {@inheritDoc}
* @throws ClosedChannelException {@inheritDoc}
* @throws IOException {@inheritDoc}
* @throws SecurityException
* If a security manager has been installed and its {@link
* SecurityManager#checkListen checkListen} method denies the
* operation
*
* @since 1.7
*/
@ -268,18 +263,6 @@ public abstract class DatagramChannel
* this method, may be discarded. The channel's socket remains connected
* until it is explicitly disconnected or until it is closed.
*
* <p> This method performs exactly the same security checks as the {@link
* java.net.DatagramSocket#connect connect} method of the {@link
* java.net.DatagramSocket} class. That is, if a security manager has been
* installed then this method verifies that its {@link
* java.lang.SecurityManager#checkAccept checkAccept} and {@link
* java.lang.SecurityManager#checkConnect checkConnect} methods permit
* datagrams to be received from and sent to, respectively, the given
* remote address. Once connected, no further security checks are performed
* for datagrams received from, or sent to, the given remote address. Care
* should be taken to ensure that a connected datagram channel is not shared
* with untrusted code.
*
* <p> This method may be invoked at any time. If another thread has
* already initiated a read or write operation upon this channel, then an
* invocation of this method will block until any such operation is
@ -315,12 +298,6 @@ public abstract class DatagramChannel
* @throws UnsupportedAddressTypeException
* If the type of the given remote address is not supported
*
* @throws SecurityException
* If a security manager has been installed and it does not
* permit access to the given remote address, or if unbound,
* the security manager {@link SecurityManager#checkListen checkListen}
* method denies the operation
*
* @throws IOException
* If some other I/O error occurs
*/
@ -331,8 +308,7 @@ public abstract class DatagramChannel
* Disconnects this channel's socket.
*
* <p> The channel's socket is configured so that it can receive datagrams
* from, and sends datagrams to, any remote address so long as the security
* manager, if installed, permits it.
* from, and sends datagrams to, any remote address.
*
* <p> This method may be invoked at any time. If another thread has
* already initiated a read or write operation upon this channel, then an
@ -384,17 +360,6 @@ public abstract class DatagramChannel
* are fewer bytes remaining in the buffer than are required to hold the
* datagram then the remainder of the datagram is silently discarded.
*
* <p> This method performs exactly the same security checks as the {@link
* java.net.DatagramSocket#receive receive} method of the {@link
* java.net.DatagramSocket} class. That is, if the socket is not connected
* to a specific remote address and a security manager has been installed
* then for each datagram received this method verifies that the source's
* address and port number are permitted by the security manager's {@link
* java.lang.SecurityManager#checkAccept checkAccept} method. Datagrams
* that are not permitted by the security manager are silently discarded.
* The overhead of this security check can be avoided by first connecting
* the socket via the {@link #connect connect} method.
*
* <p> This method may be invoked at any time. If another thread has
* already initiated a read operation upon this channel, however, then an
* invocation of this method will block until the first operation is
@ -426,11 +391,6 @@ public abstract class DatagramChannel
* closing the channel and setting the current thread's
* interrupt status
*
* @throws SecurityException
* If unbound, and a security manager has been installed and
* its {@link SecurityManager#checkListen checkListen} method
* denies the operation
*
* @throws IOException
* If some other I/O error occurs
*/
@ -448,16 +408,6 @@ public abstract class DatagramChannel
* <p> The datagram is transferred from the byte buffer as if by a regular
* {@link WritableByteChannel#write(java.nio.ByteBuffer) write} operation.
*
* <p> This method performs exactly the same security checks as the {@link
* java.net.DatagramSocket#send send} method of the {@link
* java.net.DatagramSocket} class. That is, if the socket is not connected
* to a specific remote address and a security manager has been installed
* then for each datagram sent this method verifies that the target address
* and port number are permitted by the security manager's {@link
* java.lang.SecurityManager#checkConnect checkConnect} method. The
* overhead of this security check can be avoided by first connecting the
* socket via the {@link #connect connect} method.
*
* <p> This method may be invoked at any time. If another thread has
* already initiated a write operation upon this channel, however, then an
* invocation of this method will block until the first operation is
@ -501,12 +451,6 @@ public abstract class DatagramChannel
* @throws UnsupportedAddressTypeException
* If the type of the given remote address is not supported
*
* @throws SecurityException
* If a security manager has been installed and it does not permit
* datagrams to be sent to the given address, or if unbound, and
* the security manager's {@link SecurityManager#checkListen checkListen}
* method denies the operation
*
* @throws IOException
* If some other I/O error occurs
*/
@ -651,18 +595,9 @@ public abstract class DatagramChannel
* datagrams sent via this channel instead of the wildcard address.
* When {@link #disconnect} is called, the bound address reverts
* to the wildcard address.
* <p>
* If there is a security manager set, its {@code checkConnect} method is
* called with the local address and {@code -1} as its arguments to see
* if the operation is allowed. If the operation is not allowed,
* a {@code SocketAddress} representing the
* {@link java.net.InetAddress#getLoopbackAddress loopback} address and the
* local port of the channel's socket is returned.
*
* @return The {@code SocketAddress} that the socket is bound to, or the
* {@code SocketAddress} representing the loopback address if
* denied by the security manager, or {@code null} if the
* channel's socket is not bound
* @return The {@code SocketAddress} that the socket is bound to; {@code null}
* if the channel's socket is not bound
*
* @throws ClosedChannelException {@inheritDoc}
* @throws IOException {@inheritDoc}

16
src/java.base/share/classes/java/nio/channels/FileChannel.java
View File

@ -289,14 +289,6 @@ public abstract class FileChannel
* specific exception</a>)</i>
* @throws IOException
* If an I/O error occurs
* @throws SecurityException
* If a security manager is installed and it denies an
* unspecified permission required by the implementation.
* In the case of the default provider, the {@link
* SecurityManager#checkRead(String)} method is invoked to check
* read access if the file is opened for reading. The {@link
* SecurityManager#checkWrite(String)} method is invoked to check
* write access if the file is opened for writing
*
* @since 1.7
*/
@ -345,14 +337,6 @@ public abstract class FileChannel
* specific exception</a>)</i>
* @throws IOException
* If an I/O error occurs
* @throws SecurityException
* If a security manager is installed and it denies an
* unspecified permission required by the implementation.
* In the case of the default provider, the {@link
* SecurityManager#checkRead(String)} method is invoked to check
* read access if the file is opened for reading. The {@link
* SecurityManager#checkWrite(String)} method is invoked to check
* write access if the file is opened for writing
*
* @since 1.7
*/

10
src/java.base/share/classes/java/nio/channels/MulticastChannel.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2007, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2007, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -182,10 +182,6 @@ public interface MulticastChannel
* If this channel is closed
* @throws IOException
* If an I/O error occurs
* @throws SecurityException
* If a security manager is set, and its
* {@link SecurityManager#checkMulticast(InetAddress) checkMulticast}
* method denies access to the multicast group
*/
MembershipKey join(InetAddress group, NetworkInterface interf)
throws IOException;
@ -231,10 +227,6 @@ public interface MulticastChannel
* If this channel is closed
* @throws IOException
* If an I/O error occurs
* @throws SecurityException
* If a security manager is set, and its
* {@link SecurityManager#checkMulticast(InetAddress) checkMulticast}
* method denies access to the multicast group
*/
MembershipKey join(InetAddress group, NetworkInterface interf, InetAddress source)
throws IOException;

6
src/java.base/share/classes/java/nio/channels/NetworkChannel.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2007, 2013, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2007, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -77,10 +77,6 @@ public interface NetworkChannel
* If the channel is closed
* @throws IOException
* If some other I/O error occurs
* @throws SecurityException
* If a security manager is installed and it denies an unspecified
* permission. An implementation of this interface should specify
* any required permissions.
*
* @see #getLocalAddress
*/

48
src/java.base/share/classes/java/nio/channels/ServerSocketChannel.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2000, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2000, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -212,9 +212,6 @@ public abstract class ServerSocketChannel
* @throws UnsupportedAddressTypeException {@inheritDoc}
* @throws ClosedChannelException {@inheritDoc}
* @throws IOException {@inheritDoc}
* @throws SecurityException
* If a security manager has been installed and it denies the
* operation
*
* @since 1.7
*/
@ -275,12 +272,6 @@ public abstract class ServerSocketChannel
* If this channel is closed
* @throws IOException
* If some other I/O error occurs
* @throws SecurityException
* If a security manager has been installed and its {@link
* SecurityManager#checkListen checkListen} method denies
* the operation for an <i>Internet protocol</i> socket address,
* or for a <i>Unix domain</i> socket address if it denies
* {@link NetPermission}{@code("accessUnixDomainSocket")}.
*
* @since 1.7
*/
@ -322,16 +313,6 @@ public abstract class ServerSocketChannel
* <p> The socket channel returned by this method, if any, will be in
* blocking mode regardless of the blocking mode of this channel.
*
* <p> If bound to an <i>Internet protocol</i> socket address, this method
* performs exactly the same security checks as the {@link
* java.net.ServerSocket#accept accept} method of the {@link java.net.ServerSocket}
* class. That is, if a security manager has been installed then for each
* new connection this method verifies that the address and port number
* of the connection's remote endpoint are permitted by the security
* manager's {@link java.lang.SecurityManager#checkAccept checkAccept}
* method. If bound to a <i>Unix Domain</i> socket address, this method checks
* {@link NetPermission}{@code ("accessUnixDomainSocket")}.
*
* @return The socket channel for the new connection,
* or {@code null} if this channel is in non-blocking mode
* and no connection is available to be accepted
@ -352,14 +333,6 @@ public abstract class ServerSocketChannel
* @throws NotYetBoundException
* If this channel's socket has not yet been bound
*
* @throws SecurityException
* If a security manager has been installed and this
* channel is bound to an {@link InetSocketAddress}
* and the security manager denies access to the remote endpoint
* of the new connection, or if this channel is bound to a
* {@link UnixDomainSocketAddress} and the security manager
* denies {@link NetPermission}{@code ("accessUnixDomainSocket")}
*
* @throws IOException
* If some other I/O error occurs
*/
@ -368,24 +341,11 @@ public abstract class ServerSocketChannel
/**
* {@inheritDoc}
*
* If there is a security manager set, its {@code checkConnect} method is
* called with the local address and {@code -1} as its arguments to see
* if the operation is allowed. If the operation is not allowed,
* a {@code SocketAddress} representing the
* {@link java.net.InetAddress#getLoopbackAddress loopback} address and the
* local port of the channel's socket is returned.
*
* <p> Where the channel is bound to a <i>Unix Domain</i> socket address, the socket
* address is a {@link UnixDomainSocketAddress}. If there is a security manager
* set, its {@link SecurityManager#checkPermission(java.security.Permission)
* checkPermission} method is called with {@link NetPermission}{@code
* ("accessUnixDomainSocket")}. If the operation is not allowed an unnamed
* {@link UnixDomainSocketAddress} is returned.
* address is a {@link UnixDomainSocketAddress}.
*
* @return The {@code SocketAddress} that the socket is bound to, or the
* {@code SocketAddress} representing the loopback address or empty
* path if denied by the security manager, or {@code null} if the
* channel's socket is not bound
* @return The {@code SocketAddress} that the socket is bound to or {@code null}
* if the channel's socket is not bound
*
* @throws ClosedChannelException {@inheritDoc}
* @throws IOException {@inheritDoc}

48
src/java.base/share/classes/java/nio/channels/SocketChannel.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2000, 2022, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2000, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -259,10 +259,6 @@ public abstract class SocketChannel
* @throws UnsupportedAddressTypeException
* If the type of the given remote address is not supported
*
* @throws SecurityException
* If a security manager has been installed
* and it does not permit access to the given remote endpoint
*
* @throws IOException
* If some other I/O error occurs
*
@ -355,12 +351,6 @@ public abstract class SocketChannel
* @throws UnsupportedAddressTypeException {@inheritDoc}
* @throws ClosedChannelException {@inheritDoc}
* @throws IOException {@inheritDoc}
* @throws SecurityException
* If a security manager has been installed and its {@link
* SecurityManager#checkListen checkListen} method denies
* the operation for an <i>Internet protocol</i> socket address,
* or for a <i>Unix domain</i> socket address if it denies
* {@link NetPermission}{@code("accessUnixDomainSocket")}.
*
* @since 1.7
*/
@ -463,19 +453,6 @@ public abstract class SocketChannel
* method will block until the connection is established or an I/O error
* occurs.
*
* <p> For channels to <i>Internet protocol</i> sockets, this method performs
* exactly the same security checks as the {@link java.net.Socket} class.
* That is, if a security manager has been
* installed then this method verifies that its {@link
* java.lang.SecurityManager#checkConnect checkConnect} method permits
* connecting to the address and port number of the given remote endpoint.
*
* <p> For channels to <i>Unix Domain</i> sockets, this method checks
* {@link java.net.NetPermission NetPermission}{@code
* ("accessUnixDomainSocket")} with the security manager's {@link
* SecurityManager#checkPermission(java.security.Permission)
* checkPermission} method.
*
* <p> This method may be invoked at any time. If a read or write
* operation upon this channel is invoked while an invocation of this
* method is in progress then that operation will first block until this
@ -516,10 +493,6 @@ public abstract class SocketChannel
* @throws UnsupportedAddressTypeException
* If the type of the given remote address is not supported
*
* @throws SecurityException
* If a security manager has been installed
* and it does not permit access to the given remote endpoint
*
* @throws IOException
* If some other I/O error occurs
*/
@ -663,24 +636,11 @@ public abstract class SocketChannel
/**
* {@inheritDoc}
*
* If there is a security manager set, its {@code checkConnect} method is
* called with the local address and {@code -1} as its arguments to see
* if the operation is allowed. If the operation is not allowed,
* a {@code SocketAddress} representing the
* {@link java.net.InetAddress#getLoopbackAddress loopback} address and the
* local port of the channel's socket is returned.
*
* <p> Where the channel is bound to a Unix Domain socket address, the socket
* address is a {@link UnixDomainSocketAddress}. If there is a security manager
* set, its {@link SecurityManager#checkPermission(java.security.Permission)
* checkPermission} method is called with {@link NetPermission}{@code
* ("accessUnixDomainSocket")}. If the operation is not allowed an unnamed
* {@link UnixDomainSocketAddress} is returned.
* address is a {@link UnixDomainSocketAddress}.
*
* @return The {@code SocketAddress} that the socket is bound to, or the
* {@code SocketAddress} representing the loopback address or empty
* path if denied by the security manager, or {@code null} if the
* channel's socket is not bound
* @return The {@code SocketAddress} that the socket is bound to; {@code null}
* if the channel's socket is not bound
*
* @throws ClosedChannelException {@inheritDoc}
* @throws IOException {@inheritDoc}

15
src/java.base/share/classes/java/nio/channels/spi/AsynchronousChannelProvider.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2007, 2022, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2007, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -51,24 +51,11 @@ import java.security.PrivilegedAction;
*/
public abstract class AsynchronousChannelProvider {
private static Void checkPermission() {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null)
sm.checkPermission(new RuntimePermission("asynchronousChannelProvider"));
return null;
}
private AsynchronousChannelProvider(Void ignore) { }
/**
* Initializes a new instance of this class.
*
* @throws SecurityException
* If a security manager has been installed and it denies
* {@link RuntimePermission}{@code ("asynchronousChannelProvider")}
*/
protected AsynchronousChannelProvider() {
this(checkPermission());
}
// lazy initialization of default provider

20
src/java.base/share/classes/java/nio/channels/spi/SelectorProvider.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2000, 2021, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2000, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -72,24 +72,10 @@ import java.util.ServiceConfigurationError;
public abstract class SelectorProvider {
private static Void checkPermission() {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null)
sm.checkPermission(new RuntimePermission("selectorProvider"));
return null;
}
private SelectorProvider(Void ignore) { }
/**
* Initializes a new instance of this class.
*
* @throws SecurityException
* If a security manager has been installed and it denies
* {@link RuntimePermission}{@code ("selectorProvider")}
*/
protected SelectorProvider() {
this(checkPermission());
}
private static class Holder {
@ -315,10 +301,6 @@ public abstract class SelectorProvider {
* @throws IOException
* If an I/O error occurs
*
* @throws SecurityException
* If a security manager has been installed and it denies
* {@link RuntimePermission}{@code ("inheritedChannel")}
*
* @since 1.5
*/
public Channel inheritedChannel() throws IOException {

14
src/java.base/share/classes/java/nio/charset/spi/CharsetProvider.java
View File

@ -82,24 +82,10 @@ import java.util.Iterator;
public abstract class CharsetProvider {
private static Void checkPermission() {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null)
sm.checkPermission(new RuntimePermission("charsetProvider"));
return null;
}
private CharsetProvider(Void ignore) { }
/**
* Initializes a new charset provider.
*
* @throws SecurityException
* If a security manager has been installed and it denies
* {@link RuntimePermission}{@code ("charsetProvider")}
*/
protected CharsetProvider() {
this(checkPermission());
}
/**

7
src/java.base/share/classes/java/nio/file/AccessDeniedException.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2007, 2019, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2007, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -29,11 +29,6 @@ package java.nio.file;
* Checked exception thrown when a file system operation is denied, typically
* due to a file permission or other access check.
*
* <p> This exception is not related to the {@link
* java.security.AccessControlException AccessControlException} or {@link
* SecurityException} thrown by access controllers or security managers when
* access to a file is denied.
*
* @since 1.7
*/

27
src/java.base/share/classes/java/nio/file/FileSystem.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2007, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2007, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -172,22 +172,15 @@ public abstract class FileSystem
*
* <p> A file system provides access to a file store that may be composed
* of a number of distinct file hierarchies, each with its own top-level
* root directory. Unless denied by the security manager, each element in
* the returned iterator corresponds to the root directory of a distinct
* file hierarchy. The order of the elements is not defined. The file
* hierarchies may change during the lifetime of the Java virtual machine.
* root directory. Each element in the returned iterator corresponds to the
* root directory of a distinct file hierarchy. The order of the elements is
* not defined. The file hierarchies may change during the lifetime of the
* ava virtual machine.
* For example, in some implementations, the insertion of removable media
* may result in the creation of a new file hierarchy with its own
* top-level directory. There is no guarantee that a root directory
* can be accessed.
*
* <p> When a security manager is installed, it is invoked to check access
* to the each root directory. If denied, the root directory is not returned
* by the iterator. In the case of the default provider, the {@link
* SecurityManager#checkRead(String)} method is invoked to check read access
* to each root directory. It is system dependent if the permission checks
* are done when the iterator is obtained or during iteration.
*
* @return An object to iterate over the root directories
*/
public abstract Iterable<Path> getRootDirectories();
@ -201,16 +194,6 @@ public abstract class FileSystem
* Java virtual machine. When an I/O error occurs, perhaps because a file
* store is not accessible, then it is not returned by the iterator.
*
* <p> In the case of the default provider, and a security manager is
* installed, the security manager is invoked to check {@link
* RuntimePermission}{@code ("getFileStoreAttributes")}. If denied, then
* no file stores are returned by the iterator. In addition, the security
* manager's {@link SecurityManager#checkRead(String)} method is invoked to
* check read access to the file store's <em>top-most</em> directory. If
* denied, the file store is not returned by the iterator. It is system
* dependent if the permission checks are done when the iterator is obtained
* or during iteration.
*
* <p> <b>Usage Example:</b>
* Suppose we want to print the space usage for all file stores:
* {@snippet lang=java :

28
src/java.base/share/classes/java/nio/file/FileSystems.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2007, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2007, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -206,11 +206,6 @@ public final class FileSystems {
* exception if invoked after the file system is closed (and before a new
* instance is created by the {@link #newFileSystem newFileSystem} method).
*
* <p> If a security manager is installed then a provider implementation
* may require to check a permission before returning a reference to an
* existing file system. In the case of the {@link FileSystems#getDefault
* default} file system, no permission check is required.
*
* @param uri the URI to locate the file system
*
* @return the reference to the file system
@ -221,9 +216,6 @@ public final class FileSystems {
* if the file system, identified by the URI, does not exist
* @throws ProviderNotFoundException
* if a provider supporting the URI scheme is not installed
* @throws SecurityException
* if a security manager is installed and it denies an unspecified
* permission
*/
public static FileSystem getFileSystem(URI uri) {
String scheme = uri.getScheme();
@ -278,9 +270,6 @@ public final class FileSystems {
* if a provider supporting the URI scheme is not installed
* @throws IOException
* if an I/O error occurs creating the file system
* @throws SecurityException
* if a security manager is installed and it denies an unspecified
* permission required by the file system provider implementation
*/
public static FileSystem newFileSystem(URI uri, Map<String,?> env)
throws IOException
@ -323,9 +312,6 @@ public final class FileSystems {
* when an error occurs while loading a service provider
* @throws IOException
* an I/O error occurs creating the file system
* @throws SecurityException
* if a security manager is installed and it denies an unspecified
* permission required by the file system provider implementation
*/
public static FileSystem newFileSystem(URI uri, Map<String,?> env, ClassLoader loader)
throws IOException
@ -389,9 +375,6 @@ public final class FileSystems {
* when an error occurs while loading a service provider
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* if a security manager is installed and it denies an unspecified
* permission
*/
public static FileSystem newFileSystem(Path path,
ClassLoader loader)
@ -428,9 +411,6 @@ public final class FileSystems {
* when an error occurs while loading a service provider
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* if a security manager is installed and it denies an unspecified
* permission
*
* @since 13
*/
@ -465,9 +445,6 @@ public final class FileSystems {
* when an error occurs while loading a service provider
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* if a security manager is installed and it denies an unspecified
* permission
*
* @since 13
*/
@ -510,9 +487,6 @@ public final class FileSystems {
* when an error occurs while loading a service provider
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* if a security manager is installed and it denies an unspecified
* permission
*
* @since 13
*/

385
src/java.base/share/classes/java/nio/file/Files.java
View File

@ -149,10 +149,6 @@ public final class Files {
* if an unsupported option is specified
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the file.
*/
public static InputStream newInputStream(Path path, OpenOption... options)
throws IOException
@ -214,13 +210,6 @@ public final class Files {
* <i>(optional specific exception)</i>
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkWrite(String) checkWrite}
* method is invoked to check write access to the file. The {@link
* SecurityManager#checkDelete(String) checkDelete} method is
* invoked to check delete access if the file is opened with the
* {@code DELETE_ON_CLOSE} option.
*/
public static OutputStream newOutputStream(Path path, OpenOption... options)
throws IOException
@ -359,16 +348,6 @@ public final class Files {
* exception)</i>
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the path if the file is
* opened for reading. The {@link SecurityManager#checkWrite(String)
* checkWrite} method is invoked to check write access to the path
* if the file is opened for writing. The {@link
* SecurityManager#checkDelete(String) checkDelete} method is
* invoked to check delete access if the file is opened with the
* {@code DELETE_ON_CLOSE} option.
*
* @see java.nio.channels.FileChannel#open(Path,Set,FileAttribute[])
*/
@ -406,16 +385,6 @@ public final class Files {
* exception)</i>
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the path if the file is
* opened for reading. The {@link SecurityManager#checkWrite(String)
* checkWrite} method is invoked to check write access to the path
* if the file is opened for writing. The {@link
* SecurityManager#checkDelete(String) checkDelete} method is
* invoked to check delete access if the file is opened with the
* {@code DELETE_ON_CLOSE} option.
*
* @see java.nio.channels.FileChannel#open(Path,OpenOption[])
*/
@ -471,10 +440,6 @@ public final class Files {
* a directory <i>(optional specific exception)</i>
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the directory.
*/
public static DirectoryStream<Path> newDirectoryStream(Path dir)
throws IOException
@ -526,10 +491,6 @@ public final class Files {
* a directory <i>(optional specific exception)</i>
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the directory.
*/
public static DirectoryStream<Path> newDirectoryStream(Path dir, String glob)
throws IOException
@ -602,10 +563,6 @@ public final class Files {
* a directory <i>(optional specific exception)</i>
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the directory.
*/
public static DirectoryStream<Path> newDirectoryStream(Path dir,
DirectoryStream.Filter<? super Path> filter)
@ -647,10 +604,6 @@ public final class Files {
* <i>(optional specific exception)</i>
* @throws IOException
* if an I/O error occurs or the parent directory does not exist
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkWrite(String) checkWrite}
* method is invoked to check write access to the new file.
*/
public static Path createFile(Path path, FileAttribute<?>... attrs)
throws IOException
@ -689,10 +642,6 @@ public final class Files {
* that name already exists <i>(optional specific exception)</i>
* @throws IOException
* if an I/O error occurs or the parent directory does not exist
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkWrite(String) checkWrite}
* method is invoked to check write access to the new directory.
*/
public static Path createDirectory(Path dir, FileAttribute<?>... attrs)
throws IOException
@ -733,17 +682,6 @@ public final class Files {
* exception)</i>
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* in the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkWrite(String) checkWrite}
* method is invoked prior to attempting to create a directory and
* its {@link SecurityManager#checkRead(String) checkRead} is
* invoked for each parent directory that is checked. If {@code
* dir} is not an absolute path then its {@link Path#toAbsolutePath
* toAbsolutePath} may need to be invoked to get its absolute path.
* This may invoke the security manager's {@link
* SecurityManager#checkPropertyAccess(String) checkPropertyAccess}
* method to check access to the system property {@code user.dir}
*/
public static Path createDirectories(Path dir, FileAttribute<?>... attrs)
throws IOException
@ -865,10 +803,6 @@ public final class Files {
* when creating the directory
* @throws IOException
* if an I/O error occurs or {@code dir} does not exist
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkWrite(String) checkWrite}
* method is invoked to check write access to the file.
*/
public static Path createTempFile(Path dir,
String prefix,
@ -911,10 +845,6 @@ public final class Files {
* @throws IOException
* if an I/O error occurs or the temporary-file directory does not
* exist
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkWrite(String) checkWrite}
* method is invoked to check write access to the file.
*/
public static Path createTempFile(String prefix,
String suffix,
@ -963,11 +893,6 @@ public final class Files {
* when creating the directory
* @throws IOException
* if an I/O error occurs or {@code dir} does not exist
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkWrite(String) checkWrite}
* method is invoked to check write access when creating the
* directory.
*/
public static Path createTempDirectory(Path dir,
String prefix,
@ -1005,11 +930,6 @@ public final class Files {
* @throws IOException
* if an I/O error occurs or the temporary-file directory does not
* exist
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkWrite(String) checkWrite}
* method is invoked to check write access when creating the
* directory.
*/
public static Path createTempDirectory(String prefix,
FileAttribute<?>... attrs)
@ -1057,11 +977,6 @@ public final class Files {
* exception)</i>
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager
* is installed, it denies {@link LinkPermission}{@code ("symbolic")}
* or its {@link SecurityManager#checkWrite(String) checkWrite}
* method denies write access to the path of the symbolic link.
*/
public static Path createSymbolicLink(Path link, Path target,
FileAttribute<?>... attrs)
@ -1102,12 +1017,6 @@ public final class Files {
* that name already exists <i>(optional specific exception)</i>
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager
* is installed, it denies {@link LinkPermission}{@code ("hard")}
* or its {@link SecurityManager#checkWrite(String) checkWrite}
* method denies write access to either the link or the
* existing file.
*/
public static Path createLink(Path link, Path existing) throws IOException {
provider(link).createLink(link, existing);
@ -1144,10 +1053,6 @@ public final class Files {
* exception)</i>
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkDelete(String)} method
* is invoked to check delete access to the file
*/
public static void delete(Path path) throws IOException {
provider(path).delete(path);
@ -1183,10 +1088,6 @@ public final class Files {
* exception)</i>
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkDelete(String)} method
* is invoked to check delete access to the file.
*/
public static boolean deleteIfExists(Path path) throws IOException {
return provider(path).deleteIfExists(path);
@ -1287,14 +1188,6 @@ public final class Files {
* <i>(optional specific exception)</i>
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the source file, the
* {@link SecurityManager#checkWrite(String) checkWrite} is invoked
* to check write access to the target file. If a symbolic link is
* copied the security manager is invoked to check {@link
* LinkPermission}{@code ("symbolic")}.
*/
public static Path copy(Path source, Path target, CopyOption... options)
throws IOException
@ -1422,11 +1315,6 @@ public final class Files {
* the file cannot be moved as an atomic file system operation.
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkWrite(String) checkWrite}
* method is invoked to check write access to both the source and
* target file.
*/
public static Path move(Path source, Path target, CopyOption... options)
throws IOException
@ -1465,10 +1353,6 @@ public final class Files {
* is not a symbolic link <i>(optional specific exception)</i>
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager
* is installed, it checks that {@code FilePermission} has been
* granted with the "{@code readlink}" action to read the link.
*/
public static Path readSymbolicLink(Path link) throws IOException {
return provider(link).readSymbolicLink(link);
@ -1492,12 +1376,6 @@ public final class Files {
*
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the file, and in
* addition it checks
* {@link RuntimePermission}{@code ("getFileStoreAttributes")}
*/
public static FileStore getFileStore(Path path) throws IOException {
return provider(path).getFileStore(path);
@ -1535,11 +1413,6 @@ public final class Files {
*
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to both files when the
* two paths are not equal
*
* @see java.nio.file.attribute.BasicFileAttributes#fileKey
*/
@ -1591,11 +1464,6 @@ public final class Files {
*
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to both files when the
* two paths are not equal
*
* @since 12
*/
@ -1644,10 +1512,6 @@ public final class Files {
*
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the file.
*/
public static boolean isHidden(Path path) throws IOException {
return provider(path).isHidden(path);
@ -1729,9 +1593,6 @@ public final class Files {
*
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* If a security manager is installed and it denies an unspecified
* permission required by a file type detector implementation.
*
* @spec https://www.rfc-editor.org/info/rfc2045
* RFC 2045: Multipurpose Internet Mail Extensions (MIME) Part One:
@ -1850,12 +1711,6 @@ public final class Files {
* if an attributes of the given type are not supported
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, a security manager is
* installed, its {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the file. If this
* method is invoked to read security sensitive attributes then the
* security manager may be invoked to check for additional permissions.
*/
public static <A extends BasicFileAttributes> A readAttributes(Path path,
Class<A> type,
@ -1919,12 +1774,6 @@ public final class Files {
* type
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, its {@link SecurityManager#checkWrite(String) checkWrite}
* method denies write access to the file. If this method is invoked
* to set security sensitive attributes then the security manager
* may be invoked to check for additional permissions.
*/
public static Path setAttribute(Path path, String attribute, Object value,
LinkOption... options)
@ -1980,12 +1829,6 @@ public final class Files {
* if the attribute name is not specified or is not recognized
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, its {@link SecurityManager#checkRead(String) checkRead}
* method denies read access to the file. If this method is invoked
* to read security sensitive attributes then the security manager
* may be invoked to check for additional permissions.
*/
public static Object getAttribute(Path path, String attribute,
LinkOption... options)
@ -2084,12 +1927,6 @@ public final class Files {
* specified
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, its {@link SecurityManager#checkRead(String) checkRead}
* method denies read access to the file. If this method is invoked
* to read security sensitive attributes then the security manager
* may be invoked to check for additional permissions.
*/
public static Map<String,Object> readAttributes(Path path, String attributes,
LinkOption... options)
@ -2125,12 +1962,6 @@ public final class Files {
* PosixFileAttributeView}
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, a security manager is
* installed, and it denies
* {@link RuntimePermission}{@code ("accessUserInformation")}
* or its {@link SecurityManager#checkRead(String) checkRead} method
* denies read access to the file.
*/
public static Set<PosixFilePermission> getPosixFilePermissions(Path path,
LinkOption... options)
@ -2163,12 +1994,6 @@ public final class Files {
* PosixFilePermission}
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, it denies
* {@link RuntimePermission}{@code ("accessUserInformation")}
* or its {@link SecurityManager#checkWrite(String) checkWrite}
* method denies write access to the file.
*/
public static Path setPosixFilePermissions(Path path,
Set<PosixFilePermission> perms)
@ -2201,12 +2026,6 @@ public final class Files {
* FileOwnerAttributeView}
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, it denies
* {@link RuntimePermission}{@code ("accessUserInformation")}
* or its {@link SecurityManager#checkRead(String) checkRead} method
* denies read access to the file.
*/
public static UserPrincipal getOwner(Path path, LinkOption... options) throws IOException {
FileOwnerAttributeView view =
@ -2245,12 +2064,6 @@ public final class Files {
* FileOwnerAttributeView}
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, it denies
* {@link RuntimePermission}{@code ("accessUserInformation")}
* or its {@link SecurityManager#checkWrite(String) checkWrite}
* method denies write access to the file.
*
* @see FileSystem#getUserPrincipalLookupService
* @see java.nio.file.attribute.UserPrincipalLookupService
@ -2280,11 +2093,6 @@ public final class Files {
* @return {@code true} if the file is a symbolic link; {@code false} if
* the file does not exist, is not a symbolic link, or it cannot
* be determined if the file is a symbolic link or not.
*
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, its {@link SecurityManager#checkRead(String) checkRead}
* method denies read access to the file.
*/
public static boolean isSymbolicLink(Path path) {
try {
@ -2319,11 +2127,6 @@ public final class Files {
* @return {@code true} if the file is a directory; {@code false} if
* the file does not exist, is not a directory, or it cannot
* be determined if the file is a directory or not.
*
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, its {@link SecurityManager#checkRead(String) checkRead}
* method denies read access to the file.
*/
public static boolean isDirectory(Path path, LinkOption... options) {
try {
@ -2358,11 +2161,6 @@ public final class Files {
* @return {@code true} if the file is a regular file; {@code false} if
* the file does not exist, is not a regular file, or it
* cannot be determined if the file is a regular file or not.
*
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, its {@link SecurityManager#checkRead(String) checkRead}
* method denies read access to the file.
*/
public static boolean isRegularFile(Path path, LinkOption... options) {
try {
@ -2395,10 +2193,6 @@ public final class Files {
*
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, its {@link SecurityManager#checkRead(String) checkRead}
* method denies read access to the file.
*
* @see BasicFileAttributes#lastModifiedTime
*/
@ -2434,10 +2228,6 @@ public final class Files {
*
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, its {@link SecurityManager#checkWrite(String)
* checkWrite} method denies write access to the file.
*
* @see BasicFileAttributeView#setTimes
*/
@ -2463,10 +2253,6 @@ public final class Files {
*
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, its {@link SecurityManager#checkRead(String) checkRead}
* method denies read access to the file.
*
* @see BasicFileAttributes#size
*/
@ -2514,11 +2300,6 @@ public final class Files {
* @return {@code true} if the file exists; {@code false} if the file does
* not exist or its existence cannot be determined.
*
* @throws SecurityException
* In the case of the default provider, the {@link
* SecurityManager#checkRead(String)} is invoked to check
* read access to the file.
*
* @see #notExists
* @see FileSystemProvider#checkAccess
*/
@ -2551,11 +2332,6 @@ public final class Files {
*
* @return {@code true} if the file does not exist; {@code false} if the
* file exists or its existence cannot be determined
*
* @throws SecurityException
* In the case of the default provider, the {@link
* SecurityManager#checkRead(String)} is invoked to check
* read access to the file.
*/
public static boolean notExists(Path path, LinkOption... options) {
try {
@ -2609,11 +2385,6 @@ public final class Files {
* if the file does not exist, read access would be denied because
* the Java virtual machine has insufficient privileges, or access
* cannot be determined
*
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* is invoked to check read access to the file.
*/
public static boolean isReadable(Path path) {
FileSystemProvider provider = provider(path);
@ -2644,11 +2415,6 @@ public final class Files {
* if the file does not exist, write access would be denied because
* the Java virtual machine has insufficient privileges, or access
* cannot be determined
*
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkWrite(String) checkWrite}
* is invoked to check write access to the file.
*/
public static boolean isWritable(Path path) {
FileSystemProvider provider = provider(path);
@ -2683,11 +2449,6 @@ public final class Files {
* if the file does not exist, execute access would be denied because
* the Java virtual machine has insufficient privileges, or access
* cannot be determined
*
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkExec(String)
* checkExec} is invoked to check execute access to the file.
*/
public static boolean isExecutable(Path path) {
FileSystemProvider provider = provider(path);
@ -2754,20 +2515,15 @@ public final class Files {
*
* <p> The {@code maxDepth} parameter is the maximum number of levels of
* directories to visit. A value of {@code 0} means that only the starting
* file is visited, unless denied by the security manager. A value of
* {@link Integer#MAX_VALUE MAX_VALUE} may be used to indicate that all
* levels should be visited. The {@code visitFile} method is invoked for all
* files, including directories, encountered at {@code maxDepth}, unless the
* basic file attributes cannot be read, in which case the {@code
* file is visited. A value of {@link Integer#MAX_VALUE MAX_VALUE} may be used
* to indicate that all levels should be visited. The {@code visitFile} method
* is invoked for all files, including directories, encountered at {@code maxDepth},
* unless the basic file attributes cannot be read, in which case the {@code
* visitFileFailed} method is invoked.
*
* <p> If a visitor returns a result of {@code null} then {@code
* NullPointerException} is thrown.
*
* <p> When a security manager is installed and it denies access to a file
* (or directory), then it is ignored and the visitor is not invoked for
* that file (or directory).
*
* @param start
* the starting file
* @param options
@ -2781,11 +2537,6 @@ public final class Files {
*
* @throws IllegalArgumentException
* if the {@code maxDepth} parameter is negative
* @throws SecurityException
* If the security manager denies access to the starting file.
* In the case of the default provider, the {@link
* SecurityManager#checkRead(String) checkRead} method is invoked
* to check read access to the directory.
* @throws IOException
* if an I/O error is thrown by a visitor method
*/
@ -2867,11 +2618,6 @@ public final class Files {
*
* @return the starting file
*
* @throws SecurityException
* If the security manager denies access to the starting file.
* In the case of the default provider, the {@link
* SecurityManager#checkRead(String) checkRead} method is invoked
* to check read access to the directory.
* @throws IOException
* if an I/O error is thrown by a visitor method
*/
@ -2907,10 +2653,6 @@ public final class Files {
*
* @throws IOException
* if an I/O error occurs opening the file
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the file.
*
* @see #readAllLines
*/
@ -2943,10 +2685,6 @@ public final class Files {
*
* @throws IOException
* if an I/O error occurs opening the file
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the file.
*
* @since 1.8
*/
@ -2994,13 +2732,6 @@ public final class Files {
* If a file of that name already exists and the {@link
* StandardOpenOption#CREATE_NEW CREATE_NEW} option is specified
* <i>(optional specific exception)</i>
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkWrite(String) checkWrite}
* method is invoked to check write access to the file. The {@link
* SecurityManager#checkDelete(String) checkDelete} method is
* invoked to check delete access if the file is opened with the
* {@code DELETE_ON_CLOSE} option.
*
* @see #write(Path,Iterable,Charset,OpenOption[])
*/
@ -3044,13 +2775,6 @@ public final class Files {
* If a file of that name already exists and the {@link
* StandardOpenOption#CREATE_NEW CREATE_NEW} option is specified
* <i>(optional specific exception)</i>
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkWrite(String) checkWrite}
* method is invoked to check write access to the file. The {@link
* SecurityManager#checkDelete(String) checkDelete} method is
* invoked to check delete access if the file is opened with the
* {@code DELETE_ON_CLOSE} option.
*
* @since 1.8
*/
@ -3117,13 +2841,6 @@ public final class Files {
* <i>(optional specific exception)</i>
* @throws UnsupportedOperationException
* if {@code options} contains a copy option that is not supported
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkWrite(String) checkWrite}
* method is invoked to check write access to the file. Where the
* {@code REPLACE_EXISTING} option is specified, the security
* manager's {@link SecurityManager#checkDelete(String) checkDelete}
* method is invoked to check that an existing file can be deleted.
*/
public static long copy(InputStream in, Path target, CopyOption... options)
throws IOException
@ -3204,10 +2921,6 @@ public final class Files {
*
* @throws IOException
* if an I/O error occurs when reading or writing
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the file.
*/
public static long copy(Path source, OutputStream out) throws IOException {
// ensure not null before opening file
@ -3283,10 +2996,6 @@ public final class Files {
* @throws OutOfMemoryError
* if an array of the required size cannot be allocated, for
* example the file is larger that {@code 2GB}
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the file.
*/
public static byte[] readAllBytes(Path path) throws IOException {
try (SeekableByteChannel sbc = Files.newByteChannel(path);
@ -3318,10 +3027,6 @@ public final class Files {
* unmappable byte sequence is read
* @throws OutOfMemoryError
* if the file is extremely large, for example larger than {@code 2GB}
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the file.
*
* @since 11
*/
@ -3356,10 +3061,6 @@ public final class Files {
* unmappable byte sequence is read
* @throws OutOfMemoryError
* if the file is extremely large, for example larger than {@code 2GB}
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the file.
*
* @since 11
*/
@ -3405,10 +3106,6 @@ public final class Files {
* @throws IOException
* if an I/O error occurs reading from the file or a malformed or
* unmappable byte sequence is read
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the file.
*
* @see #newBufferedReader
*/
@ -3446,10 +3143,6 @@ public final class Files {
* @throws IOException
* if an I/O error occurs reading from the file or a malformed or
* unmappable byte sequence is read
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the file.
*
* @since 1.8
*/
@ -3499,13 +3192,6 @@ public final class Files {
* If a file of that name already exists and the {@link
* StandardOpenOption#CREATE_NEW CREATE_NEW} option is specified
* <i>(optional specific exception)</i>
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkWrite(String) checkWrite}
* method is invoked to check write access to the file. The {@link
* SecurityManager#checkDelete(String) checkDelete} method is
* invoked to check delete access if the file is opened with the
* {@code DELETE_ON_CLOSE} option.
*/
public static Path write(Path path, byte[] bytes, OpenOption... options)
throws IOException
@ -3567,13 +3253,6 @@ public final class Files {
* If a file of that name already exists and the {@link
* StandardOpenOption#CREATE_NEW CREATE_NEW} option is specified
* <i>(optional specific exception)</i>
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkWrite(String) checkWrite}
* method is invoked to check write access to the file. The {@link
* SecurityManager#checkDelete(String) checkDelete} method is
* invoked to check delete access if the file is opened with the
* {@code DELETE_ON_CLOSE} option.
*/
public static Path write(Path path, Iterable<? extends CharSequence> lines,
Charset cs, OpenOption... options)
@ -3619,13 +3298,6 @@ public final class Files {
* text cannot be encoded as {@code UTF-8}
* @throws UnsupportedOperationException
* if an unsupported option is specified
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkWrite(String) checkWrite}
* method is invoked to check write access to the file. The {@link
* SecurityManager#checkDelete(String) checkDelete} method is
* invoked to check delete access if the file is opened with the
* {@code DELETE_ON_CLOSE} option.
*
* @since 1.8
*/
@ -3662,13 +3334,6 @@ public final class Files {
* text cannot be encoded using UTF-8
* @throws UnsupportedOperationException
* if an unsupported option is specified
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkWrite(String) checkWrite}
* method is invoked to check write access to the file. The {@link
* SecurityManager#checkDelete(String) checkDelete} method is
* invoked to check delete access if the file is opened with the
* {@code DELETE_ON_CLOSE} option.
*
* @since 11
*/
@ -3714,13 +3379,6 @@ public final class Files {
* text cannot be encoded using the specified charset
* @throws UnsupportedOperationException
* if an unsupported option is specified
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkWrite(String) checkWrite}
* method is invoked to check write access to the file. The {@link
* SecurityManager#checkDelete(String) checkDelete} method is
* invoked to check delete access if the file is opened with the
* {@code DELETE_ON_CLOSE} option.
*
* @since 11
*/
@ -3784,10 +3442,6 @@ public final class Files {
* a directory <i>(optional specific exception)</i>
* @throws IOException
* if an I/O error occurs when opening the directory
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the directory.
*
* @see #newDirectoryStream(Path)
* @since 1.8
@ -3875,12 +3529,8 @@ public final class Files {
*
* <p> The {@code maxDepth} parameter is the maximum number of levels of
* directories to visit. A value of {@code 0} means that only the starting
* file is visited, unless denied by the security manager. A value of
* {@link Integer#MAX_VALUE MAX_VALUE} may be used to indicate that all
* levels should be visited.
*
* <p> When a security manager is installed and it denies access to a file
* (or directory), then it is ignored and not included in the stream.
* file is visited. A value of {@link Integer#MAX_VALUE MAX_VALUE} may be used
* to indicate that all levels should be visited.
*
* <p> The returned stream contains references to one or more open directories.
* The directories are closed by closing the stream.
@ -3906,11 +3556,6 @@ public final class Files {
*
* @throws IllegalArgumentException
* if the {@code maxDepth} parameter is negative
* @throws SecurityException
* If the security manager denies access to the starting file.
* In the case of the default provider, the {@link
* SecurityManager#checkRead(String) checkRead} method is invoked
* to check read access to the directory.
* @throws IOException
* if an I/O error is thrown when accessing the starting file.
* @since 1.8
@ -3964,11 +3609,6 @@ public final class Files {
*
* @return the {@link Stream} of {@link Path}
*
* @throws SecurityException
* If the security manager denies access to the starting file.
* In the case of the default provider, the {@link
* SecurityManager#checkRead(String) checkRead} method is invoked
* to check read access to the directory.
* @throws IOException
* if an I/O error is thrown when accessing the starting file.
*
@ -4022,11 +3662,6 @@ public final class Files {
*
* @throws IllegalArgumentException
* if the {@code maxDepth} parameter is negative
* @throws SecurityException
* If the security manager denies access to the starting file.
* In the case of the default provider, the {@link
* SecurityManager#checkRead(String) checkRead} method is invoked
* to check read access to the directory.
* @throws IOException
* if an I/O error is thrown when accessing the starting file.
*
@ -4117,10 +3752,6 @@ public final class Files {
*
* @throws IOException
* if an I/O error occurs opening the file
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the file.
*
* @see #readAllLines(Path, Charset)
* @see #newBufferedReader(Path, Charset)
@ -4222,10 +3853,6 @@ public final class Files {
*
* @throws IOException
* if an I/O error occurs opening the file
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the file.
*
* @since 1.8
*/

38
src/java.base/share/classes/java/nio/file/LinkPermission.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2007, 2019, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2007, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -30,41 +30,11 @@ import java.security.BasicPermission;
/**
* The {@code Permission} class for link creation operations.
*
* <p> The following table provides a summary description of what the permission
* allows, and discusses the risks of granting code the permission.
*
* <table class="striped">
* <caption style="display:none">Table shows permission target name, what the permission allows, and associated risks</caption>
* <thead>
* <tr>
* <th scope="col">Permission Target Name</th>
* <th scope="col">What the Permission Allows</th>
* <th scope="col">Risks of Allowing this Permission</th>
* </tr>
* </thead>
* <tbody>
* <tr>
* <th scope="row">hard</th>
* <td> Ability to add an existing file to a directory. This is sometimes
* known as creating a link, or hard link. </td>
* <td> Extreme care should be taken when granting this permission. It allows
* linking to any file or directory in the file system thus allowing the
* attacker access to all files. </td>
* </tr>
* <tr>
* <th scope="row">symbolic</th>
* <td> Ability to create symbolic links. </td>
* <td> Extreme care should be taken when granting this permission. It allows
* linking to any file or directory in the file system thus allowing the
* attacker to access to all files. </td>
* </tr>
* </tbody>
* </table>
* @apiNote
* This permission cannot be used for controlling access to resources
* as the Security Manager is no longer supported.
*
* @since 1.7
*
* @see Files#createLink
* @see Files#createSymbolicLink
*/
public final class LinkPermission extends BasicPermission {
@java.io.Serial

31
src/java.base/share/classes/java/nio/file/Path.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2007, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2007, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -188,9 +188,6 @@ public interface Path
* The file system, identified by the URI, does not exist and
* cannot be created automatically, or the provider identified by
* the URI's scheme component is not installed
* @throws SecurityException
* if a security manager is installed and it denies an unspecified
* permission to access the file system
*
* @since 11
*/
@ -747,11 +744,6 @@ public interface Path
* file system is constructed to access the contents of a file as
* a file system, and the URI of the enclosing file system cannot be
* obtained
*
* @throws SecurityException
* In the case of the default provider, and a security manager
* is installed, the {@link #toAbsolutePath toAbsolutePath} method
* throws a security exception.
*/
URI toUri();
@ -769,12 +761,6 @@ public interface Path
*
* @throws java.io.IOError
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, a security manager
* is installed, and this path is not absolute, then the security
* manager's {@link SecurityManager#checkPropertyAccess(String)
* checkPropertyAccess} method is invoked to check access to the
* system property {@code user.dir}
*/
Path toAbsolutePath();
@ -814,13 +800,6 @@ public interface Path
*
* @throws IOException
* if the file does not exist or an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager
* is installed, its {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the file, and where
* this path is not absolute, its {@link SecurityManager#checkPropertyAccess(String)
* checkPropertyAccess} method is invoked to check access to the
* system property {@code user.dir}
*/
Path toRealPath(LinkOption... options) throws IOException;
@ -913,10 +892,6 @@ public interface Path
* and the file is not a directory <i>(optional specific exception)</i>
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the file.
*/
@Override
WatchKey register(WatchService watcher,
@ -969,10 +944,6 @@ public interface Path
* and the file is not a directory <i>(optional specific exception)</i>
* @throws IOException
* If an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the file.
*/
@Override
default WatchKey register(WatchService watcher,

5
src/java.base/share/classes/java/nio/file/Paths.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2007, 2018, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2007, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -88,9 +88,6 @@ public final class Paths {
* The file system, identified by the URI, does not exist and
* cannot be created automatically, or the provider identified by
* the URI's scheme component is not installed
* @throws SecurityException
* if a security manager is installed and it denies an unspecified
* permission to access the file system
*
* @see Path#of(URI)
*/

31
src/java.base/share/classes/java/nio/file/SecureDirectoryStream.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2007, 2022, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2007, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -47,11 +47,6 @@ import java.io.IOException;
* newDirectoryStream} method will be a {@code SecureDirectoryStream} and must
* be cast to that type in order to invoke the methods defined by this interface.
*
* <p> In the case of the default {@link java.nio.file.spi.FileSystemProvider
* provider}, and a security manager is set, then the permission checks are
* performed using the path obtained by resolving the given relative path
* against the <i>original path</i> of the directory (irrespective of if the
* directory is moved since it was opened).
* @param <T> The type of element returned by the iterator
*
* @since 1.7
@ -90,10 +85,6 @@ public interface SecureDirectoryStream<T>
* a directory <i>(optional specific exception)</i>
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the directory.
*/
SecureDirectoryStream<T> newDirectoryStream(T path, LinkOption... options)
throws IOException;
@ -138,13 +129,6 @@ public interface SecureDirectoryStream<T>
* <i>(optional specific exception)</i>
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the path if the file
* is opened for reading. The {@link SecurityManager#checkWrite(String)
* checkWrite} method is invoked to check write access to the path
* if the file is opened for writing.
*/
SeekableByteChannel newByteChannel(T path,
Set<? extends OpenOption> options,
@ -171,10 +155,6 @@ public interface SecureDirectoryStream<T>
* if the file does not exist <i>(optional specific exception)</i>
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkDelete(String) checkDelete}
* method is invoked to check delete access to the file
*/
void deleteFile(T path) throws IOException;
@ -199,10 +179,6 @@ public interface SecureDirectoryStream<T>
* not empty <i>(optional specific exception)</i>
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkDelete(String) checkDelete}
* method is invoked to check delete access to the directory
*/
void deleteDirectory(T path) throws IOException;
@ -238,11 +214,6 @@ public interface SecureDirectoryStream<T>
* if the file cannot be moved as an atomic file system operation
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkWrite(String) checkWrite}
* method is invoked to check write access to both the source and
* target file.
*/
void move(T srcpath, SecureDirectoryStream<T> targetdir, T targetpath)
throws IOException;

10
src/java.base/share/classes/java/nio/file/Watchable.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2007, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2007, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -81,10 +81,6 @@ public interface Watchable {
* if the watch service is closed
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* if a security manager is installed and it denies an unspecified
* permission required to monitor this object. Implementations of
* this interface should specify the permission checks.
*/
WatchKey register(WatchService watcher,
WatchEvent.Kind<?>[] events,
@ -118,10 +114,6 @@ public interface Watchable {
* if the watch service is closed
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* if a security manager is installed and it denies an unspecified
* permission required to monitor this object. Implementations of
* this interface should specify the permission checks.
*/
WatchKey register(WatchService watcher, WatchEvent.Kind<?>... events)
throws IOException;

12
src/java.base/share/classes/java/nio/file/attribute/AclFileAttributeView.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2007, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2007, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -170,11 +170,6 @@ public interface AclFileAttributeView
*
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, a security manager is
* installed, and it denies {@link RuntimePermission}{@code ("accessUserInformation")}
* or its {@link SecurityManager#checkRead(String) checkRead} method
* denies read access to the file.
*/
List<AclEntry> getAcl() throws IOException;
@ -206,11 +201,6 @@ public interface AclFileAttributeView
*
* @throws IOException
* if an I/O error occurs or the ACL is invalid
* @throws SecurityException
* In the case of the default provider, a security manager is
* installed, it denies {@link RuntimePermission}{@code ("accessUserInformation")}
* or its {@link SecurityManager#checkWrite(String) checkWrite}
* method denies write access to the file.
*/
void setAcl(List<AclEntry> acl) throws IOException;
}

10
src/java.base/share/classes/java/nio/file/attribute/BasicFileAttributeView.java
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2007, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2007, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -121,10 +121,6 @@ public interface BasicFileAttributeView
*
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, a security manager is
* installed, its {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the file
*/
BasicFileAttributes readAttributes() throws IOException;
@ -169,10 +165,6 @@ public interface BasicFileAttributeView
*
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, a security manager is
* installed, its {@link SecurityManager#checkWrite(String) checkWrite}
* method is invoked to check write access to the file
*
* @see java.nio.file.Files#setLastModifiedTime
*/

Some files were not shown because too many files have changed in this diff Show More