AntSecurityManager


1   /*******************************************************************************
2    * Copyright (c) 2000, 2005 IBM Corporation and others.
3    * All rights reserved. This program and the accompanying materials
4    * are made available under the terms of the Eclipse Public License v1.0
5    * which accompanies this distribution, and is available at
6    * http://www.eclipse.org/legal/epl-v10.html
7    * 
8    * Contributors:
9    *     IBM Corporation - initial API and implementation
10   *******************************************************************************/
11  package org.eclipse.ant.internal.ui.antsupport;
12  
13  
14  import java.io.FileDescriptor  ;
15  import java.net.InetAddress  ;
16  import java.net.SocketPermission  ;
17  import java.security.Permission  ;
18  import java.util.PropertyPermission  ;
19  
20  /**
21   * A security manager that always throws an <code>AntSecurityException</code>
22   * if the calling thread attempts to cause the Java Virtual Machine to 
23   * exit/halt or if the restricted thread attempts to set a System property.
24   * Otherwise this manager just delegates to the pre-existing manager
25   * passed in the constructor or mimics the default security manager behavior
26   */
27  public class AntSecurityManager extends SecurityManager   {
28  
29      private SecurityManager   fSecurityManager= null;
30      private Thread   fRestrictedThread= null;
31      //ensure that the PropertyPermission class is loaded before we 
32      //start checking permissions: bug 85908
33      private static final PropertyPermission   fgPropertyPermission= new PropertyPermission  ("*", "write"); //$NON-NLS-1$ //$NON-NLS-2$
34      
35      private boolean fAllowSettingSystemProperties= true;
36      
37      public AntSecurityManager(SecurityManager   securityManager, Thread   restrictedThread, boolean allowSettingProperties) {
38          fSecurityManager= securityManager;
39          fRestrictedThread= restrictedThread;
40          fAllowSettingSystemProperties= allowSettingProperties;
41      }
42      
43      public AntSecurityManager(SecurityManager   securityManager, Thread   restrictedThread) {
44          this(securityManager, restrictedThread, true);
45      }
46      
47      /* (non-Javadoc)
48       * @see java.lang.SecurityManager#checkExit(int)
49       */
50      public void checkExit(int status) {
51          //no exit allowed from the restricted thread...System.exit is being called
52          //by some ant task...disallow the exit
53          if (Thread.currentThread() == fRestrictedThread) {
54              throw new AntSecurityException();
55          }
56          if (fSecurityManager != null) {
57              fSecurityManager.checkExit(status);
58          }
59      }
60      /* (non-Javadoc)
61       * @see java.lang.SecurityManager#checkAccept(java.lang.String, int)
62       */
63      public void checkAccept(String   host, int port) {
64          if (fSecurityManager != null) {
65              fSecurityManager.checkAccept(host, port);
66          }
67      }
68  
69      /* (non-Javadoc)
70       * @see java.lang.SecurityManager#checkAccess(java.lang.Thread)
71       */
72      public void checkAccess(Thread   t) {
73          if (fSecurityManager != null) {
74              fSecurityManager.checkAccess(t);
75          }
76      }
77  
78      /* (non-Javadoc)
79       * @see java.lang.SecurityManager#checkAccess(java.lang.ThreadGroup)
80       */
81      public void checkAccess(ThreadGroup   g) {
82          if (fSecurityManager != null) {
83              fSecurityManager.checkAccess(g);
84          }
85      }
86  
87      /* (non-Javadoc)
88       * @see java.lang.SecurityManager#checkAwtEventQueueAccess()
89       */
90      public void checkAwtEventQueueAccess() {
91          if (fSecurityManager != null) {
92              fSecurityManager.checkAwtEventQueueAccess();
93          }
94      }
95  
96      /* (non-Javadoc)
97       * @see java.lang.SecurityManager#checkConnect(java.lang.String, int, java.lang.Object)
98       */
99      public void checkConnect(String   host, int port, Object   context) {
100         if (fSecurityManager != null) {
101             fSecurityManager.checkConnect(host, port, context);
102         }
103     }
104 
105     /* (non-Javadoc)
106      * @see java.lang.SecurityManager#checkConnect(java.lang.String, int)
107      */
108     public void checkConnect(String   host, int port) {
109         if (fSecurityManager != null) {
110             fSecurityManager.checkConnect(host, port);
111         }
112     }
113 
114     /* (non-Javadoc)
115      * @see java.lang.SecurityManager#checkCreateClassLoader()
116      */
117     public void checkCreateClassLoader() {
118         if (fSecurityManager != null) {
119             fSecurityManager.checkCreateClassLoader();
120         }
121     }
122 
123     /* (non-Javadoc)
124      * @see java.lang.SecurityManager#checkDelete(java.lang.String)
125      */
126     public void checkDelete(String   file) {
127         if (fSecurityManager != null) {
128             fSecurityManager.checkDelete(file);
129         }
130     }
131 
132     /* (non-Javadoc)
133      * @see java.lang.SecurityManager#checkExec(java.lang.String)
134      */
135     public void checkExec(String   cmd) {
136         if (fSecurityManager != null) {
137             fSecurityManager.checkExec(cmd);
138         }
139     }
140 
141     /* (non-Javadoc)
142      * @see java.lang.SecurityManager#checkLink(java.lang.String)
143      */
144     public void checkLink(String   lib) {
145         if (fSecurityManager != null) {
146             fSecurityManager.checkLink(lib);
147         }
148     }
149 
150     /* (non-Javadoc)
151      * @see java.lang.SecurityManager#checkListen(int)
152      */
153     public void checkListen(int port) {
154         if (fSecurityManager != null) {
155             fSecurityManager.checkListen(port);
156         }
157     }
158 
159     /* (non-Javadoc)
160      * @see java.lang.SecurityManager#checkMemberAccess(java.lang.Class, int)
161      */
162     public void checkMemberAccess(Class   clazz, int which) {
163         if (fSecurityManager != null) {
164             fSecurityManager.checkMemberAccess(clazz, which);
165         }
166     }
167 
168     /**
169      * @see java.lang.SecurityManager#checkMulticast(java.net.InetAddress, byte)
170      * @deprecated
171      */
172     public void checkMulticast(InetAddress   maddr, byte ttl) {
173         if (fSecurityManager != null) {
174             String   host = maddr.getHostAddress();
175             if (!host.startsWith("[") && host.indexOf(':') != -1) { //$NON-NLS-1$
176                 host = "[" + host + "]"; //$NON-NLS-1$ //$NON-NLS-2$
177             }
178             checkPermission(new SocketPermission  (host, "accept,connect")); //$NON-NLS-1$
179         }
180     }
181 
182     /* (non-Javadoc)
183      * @see java.lang.SecurityManager#checkMulticast(java.net.InetAddress)
184      */
185     public void checkMulticast(InetAddress   maddr) {
186         if (fSecurityManager != null) {
187             fSecurityManager.checkMulticast(maddr);
188         }
189     }
190 
191     /* (non-Javadoc)
192      * @see java.lang.SecurityManager#checkPackageAccess(java.lang.String)
193      */
194     public void checkPackageAccess(String   pkg) {
195         if (fSecurityManager != null) {
196             fSecurityManager.checkPackageAccess(pkg);
197         }
198     }
199 
200     /* (non-Javadoc)
201      * @see java.lang.SecurityManager#checkPackageDefinition(java.lang.String)
202      */
203     public void checkPackageDefinition(String   pkg) {
204         if (fSecurityManager != null) {
205             fSecurityManager.checkPackageDefinition(pkg);
206         }
207     }
208 
209     /* (non-Javadoc)
210      * @see java.lang.SecurityManager#checkPermission(java.security.Permission, java.lang.Object)
211      */
212     public void checkPermission(Permission   perm, Object   context) {
213         if (fSecurityManager != null) {
214             fSecurityManager.checkPermission(perm, context);
215         }
216     }
217 
218     /* (non-Javadoc)
219      * @see java.lang.SecurityManager#checkPermission(java.security.Permission)
220      */
221     public void checkPermission(Permission   perm) {
222         if (!fAllowSettingSystemProperties && fgPropertyPermission.implies(perm) && fRestrictedThread == Thread.currentThread()) {
223             //attempting to write a system property
224             throw new AntSecurityException();
225         }
226         if (fSecurityManager != null) {
227             fSecurityManager.checkPermission(perm);
228         }
229     }
230 
231     /* (non-Javadoc)
232      * @see java.lang.SecurityManager#checkPrintJobAccess()
233      */
234     public void checkPrintJobAccess() {
235         if (fSecurityManager != null) {
236             fSecurityManager.checkPrintJobAccess();
237         }
238     }
239 
240     /* (non-Javadoc)
241      * @see java.lang.SecurityManager#checkPropertiesAccess()
242      */
243     public void checkPropertiesAccess() {
244         if (fSecurityManager != null) {
245             fSecurityManager.checkPropertiesAccess();
246         }
247         super.checkPropertiesAccess();
248     }
249 
250     /* (non-Javadoc)
251      * @see java.lang.SecurityManager#checkPropertyAccess(java.lang.String)
252      */
253     public void checkPropertyAccess(String   key) {
254         if (fSecurityManager != null) {
255             fSecurityManager.checkPropertyAccess(key);
256         }
257     }
258 
259     /* (non-Javadoc)
260      * @see java.lang.SecurityManager#checkRead(java.io.FileDescriptor)
261      */
262     public void checkRead(FileDescriptor   fd) {
263         if (fSecurityManager != null) {
264             fSecurityManager.checkRead(fd);
265         }
266     }
267 
268     /* (non-Javadoc)
269      * @see java.lang.SecurityManager#checkRead(java.lang.String, java.lang.Object)
270      */
271     public void checkRead(String   file, Object   context) {
272         if (fSecurityManager != null) {
273             fSecurityManager.checkRead(file, context);
274         }
275     }
276 
277     /* (non-Javadoc)
278      * @see java.lang.SecurityManager#checkRead(java.lang.String)
279      */
280     public void checkRead(String   file) {
281         if (fSecurityManager != null) {
282             fSecurityManager.checkRead(file);
283         }
284     }
285 
286     /* (non-Javadoc)
287      * @see java.lang.SecurityManager#checkSecurityAccess(java.lang.String)
288      */
289     public void checkSecurityAccess(String   target) {
290         if (fSecurityManager != null) {
291             fSecurityManager.checkSecurityAccess(target);
292         }
293     }
294 
295     /* (non-Javadoc)
296      * @see java.lang.SecurityManager#checkSetFactory()
297      */
298     public void checkSetFactory() {
299         if (fSecurityManager != null) {
300             fSecurityManager.checkSetFactory();
301         }
302     }
303 
304     /* (non-Javadoc)
305      * @see java.lang.SecurityManager#checkSystemClipboardAccess()
306      */
307     public void checkSystemClipboardAccess() {
308         if (fSecurityManager != null) {
309             fSecurityManager.checkSystemClipboardAccess();
310         }
311     }
312 
313     /* (non-Javadoc)
314      * @see java.lang.SecurityManager#checkTopLevelWindow(java.lang.Object)
315      */
316     public boolean checkTopLevelWindow(Object   window) {
317         if (fSecurityManager != null) {
318             return fSecurityManager.checkTopLevelWindow(window);
319         }
320         return super.checkTopLevelWindow(window);
321     }
322 
323     /* (non-Javadoc)
324      * @see java.lang.SecurityManager#checkWrite(java.io.FileDescriptor)
325      */
326     public void checkWrite(FileDescriptor   fd) {
327         if (fSecurityManager != null) {
328             fSecurityManager.checkWrite(fd);
329         }
330     }
331 
332     /* (non-Javadoc)
333      * @see java.lang.SecurityManager#checkWrite(java.lang.String)
334      */
335     public void checkWrite(String   file) {
336         if (fSecurityManager != null) {
337             fSecurityManager.checkWrite(file);
338         }
339     }
340 
341     /**
342      * @see java.lang.SecurityManager#getInCheck()
343      * @deprecated
344      */
345     public boolean getInCheck() {
346         if (fSecurityManager != null) {
347             return fSecurityManager.getInCheck();
348         }
349         return super.getInCheck();
350     }
351 
352     /* (non-Javadoc)
353      * @see java.lang.SecurityManager#getSecurityContext()
354      */
355     public Object   getSecurityContext() {
356         if (fSecurityManager != null) {
357             return fSecurityManager.getSecurityContext();
358         }
359         return super.getSecurityContext();
360     }
361 
362     /* (non-Javadoc)
363      * @see java.lang.SecurityManager#getThreadGroup()
364      */
365     public ThreadGroup   getThreadGroup() {
366         if (fSecurityManager != null) {
367             fSecurityManager.getThreadGroup();
368         }
369         return super.getThreadGroup();
370     }
371 }
372
A to Z: JavaDoc & Examples Daily Java News & Articles Open Source Projects Open Source Codes Free Computer Books Remove Frame
Popular Tags