securitymanager.java

来自「gcc3.2.1源代码」· Java 代码 · 共 777 行 · 第 1/2 页

/* java.lang.SecurityManager
   Copyright (C) 1998, 1999, 2001 Free Software Foundation, Inc.

This file is part of GNU Classpath.

GNU Classpath is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2, or (at your option)
any later version.
 
GNU Classpath is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
General Public License for more details.

You should have received a copy of the GNU General Public License
along with GNU Classpath; see the file COPYING.  If not, write to the
Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
02111-1307 USA.

Linking this library statically or dynamically with other modules is
making a combined work based on this library.  Thus, the terms and
conditions of the GNU General Public License cover the whole
combination.

As a special exception, the copyright holders of this library give you
permission to link this library with independent modules to produce an
executable, regardless of the license terms of these independent
modules, and to copy and distribute the resulting executable under
terms of your choice, provided that you also meet, for each linked
independent module, the terms and conditions of the license of that
module.  An independent module is a module which is not derived from
or based on this library.  If you modify this library, you may extend
this exception to your version of the library, but you are not
obligated to do so.  If you do not wish to do so, delete this
exception statement from your version. */


package java.lang;

import java.net.*;
import java.util.*;
import java.io.*;

/**
 ** SecurityManager is a class you can extend to create
 ** your own Java security policy.  By default, there is
 ** no SecurityManager installed in 1.1, which means that
 ** all things are permitted to all people.<P>
 **
 ** The default methods in this class deny all
 ** things to all people.
 **
 ** @author  John Keiser
 ** @version 1.1.0, 31 May 1998
 ** @since JDK1.0
 **/
public class SecurityManager {
	/** Tells whether or not the SecurityManager is currently
	 ** performing a security check.
	 **/
	protected boolean inCheck;

	/** Tells whether or not the SecurityManager is currently
	 ** performing a security check.
	 **
	 ** @return whether or not the SecurityManager is
	 **         currently performing a security check.
	 **/
	public boolean getInCheck() {
		return inCheck;
	}

	/** Get a list of all the classes currently executing
	 ** methods on the Java stack.  getClassContext()[0] is
	 ** the currently executing method
	 ** <STRONG>Spec Note:</STRONG> does not say whether
	 ** the stack will include the getClassContext() call or
	 ** the one just before it.
	 **
	 ** @return an array containing all the methods on classes
	 **         on the Java execution stack.
	 **/
	protected Class[] getClassContext() {
		return VMSecurityManager.getClassContext();
	}

	/** Find the ClassLoader for the most recent class on the
	 ** stack that was loaded by an explicit ClassLoader.  If
	 ** everything on the stack was loaded by the system
	 ** classloader, null is returned.
	 **
	 ** @return the most recent ClassLoader on the execution
	 **         stack.
	 **/
	protected ClassLoader currentClassLoader() {
		return VMSecurityManager.currentClassLoader();
	}

	/** Find the most recent class on the stack that was
	 ** loaded by an explicit ClassLoader.  If everything on
	 ** the stack was loaded by the system classloader, null
	 ** is returned.
	 **
	 ** @return the most recent loaded Class on the execution
	 **         stack.
	 **/
	protected Class currentLoadedClass() {
		Class[] c = getClassContext();
		for(int i=0;i<c.length;i++) {
			if(c[i].getClassLoader() != null) {
				return c[i];
			}
		}
		return null;
	}

	/** Get the depth on the execution stack of the most
	 ** recent class that was loaded by an explicit
	 ** ClassLoader.  This can be used as an index into
	 ** getClassContext().
	 **
	 ** @return the index of the most recent loaded Class on
	 **         the execution stack.
	 **/
	protected int classLoaderDepth() {
		Class[] c = getClassContext();
		for(int i=0;i<c.length;i++) {
			if(c[i].getClassLoader() != null) {
				return i;
			}
		}
		return -1;
	}

	/** Tell whether there is a class loaded with an explicit
	 ** ClassLoader on the stack.
	 **
	 ** @return whether there is a class loaded with an
	 **         explicit ClassLoader on the stack.
	 **/
	protected boolean inClassLoader() {
		return classLoaderDepth() != -1;
	}


	/** Get the depth of a particular class on the execution
	 ** stack.
	 **
	 ** @param className the fully-qualified name of the class
	 **        to search for on the stack.
	 ** @return the index of the class on the stack, or -1 if
	 **         the class is not on the stack.
	 **/
	protected int classDepth(String className) {
		Class[] c = getClassContext();
		for(int i=0;i<c.length;i++) {
			if(className.equals(c[i].getName())) {
				return i;
			}
		}
		return -1;
	}

	/** Tell whether the specified class is on the execution
	 ** stack.
	 **
	 ** @param className the fully-qualified name of the class
	 **        to search for on the stack.
	 ** @return whether the specified class is on the
	 **         execution stack.
	 **/
	protected boolean inClass(String className) {
		return classDepth(className) != -1;
	}

	/** Get an implementation-dependent Object that contains
	 ** enough information about the current environment to be
	 ** able to perform standard security checks later.  This
	 ** is used by trusted methods that need to verify that
	 ** their callers have sufficient access to perform
	 ** certain operations.<P>
	 **
	 ** Currently the only methods that use this are checkRead()
	 ** and checkConnect().
	 **
	 ** @see checkConnect(java.lang.String,int,java.lang.Object)
	 ** @see checkRead(java.lang.String,java.lang.Object)
	 **/
	public Object getSecurityContext() {
		return new SecurityContext(getClassContext());
	}

	/** Check if the current thread is allowed to create a
	 ** ClassLoader.<P>
	 **
	 ** This method is called from ClassLoader.ClassLoader(),
	 ** in other words, whenever a ClassLoader is created.<P>
	 **
	 ** SecurityManager's implementation always denies access.
	 **
	 ** @exception SecurityException if the operation is not
	 **            permitted.
	 ** @see java.lang.ClassLoader#ClassLoader()
	 **/
	public void checkCreateClassLoader() {
		throw new SecurityException("Cannot create new ClassLoaders.");
	}

	/** Check if the current thread is allowed to modify this
	 ** other Thread.<P>
	 **
	 ** Called by Thread.stop(), suspend(), resume(), and
	 ** interrupt(), destroy(), setPriority(), setName() and
	 ** setDaemon().<P>
	 **
	 ** SecurityManager's implementation always denies access.
	 **
	 ** @param g the Thread to check against
	 ** @exception SecurityException if the operation is not
	 **            permitted.
	 ** @see java.lang.Thread#stop()
	 ** @see java.lang.Thread#suspend()
	 ** @see java.lang.Thread#resume()
	 ** @see java.lang.Thread#interrupt()
	 ** @see java.lang.Thread#destroy()
	 ** @see java.lang.Thread#setPriority(int)
	 ** @see java.lang.Thread#setName(java.lang.String)
	 ** @see java.lang.Thread#setDaemon(boolean)
	 **/
	public void checkAccess(Thread t) {
		throw new SecurityException("Cannot modify Threads.");
	}

	/** Check if the current thread is allowed to modify this
	 ** ThreadGroup.<P>
	 **
	 ** Called by Thread.Thread() (to add a thread to the
	 ** ThreadGroup), ThreadGroup.ThreadGroup() (to add this
	 ** ThreadGroup to a parent), ThreadGroup.stop(),
	 ** suspend(), resume(), interrupt(), destroy(),
	 ** setDaemon(), and setMaxPriority().<P>
	 **
	 ** SecurityManager's implementation always denies access.
	 **
	 ** @param g the ThreadGroup to check against
	 ** @exception SecurityException if the operation is not
	 **            permitted.
	 ** @see java.lang.Thread#Thread()
	 ** @see java.lang.ThreadGroup#ThreadGroup()
	 ** @see java.lang.ThreadGroup#stop()
	 ** @see java.lang.ThreadGroup#suspend()
	 ** @see java.lang.ThreadGroup#resume()
	 ** @see java.lang.ThreadGroup#interrupt()
	 ** @see java.lang.ThreadGroup#setDaemon(boolean)
	 ** @see java.lang.ThreadGroup#setMaxPriority(int)
	 **/
	public void checkAccess(ThreadGroup g) {
		throw new SecurityException("Cannot modify ThreadGroups.");
	}

	/** Check if the current thread is allowed to exit the
	 ** JVM with the given status.<P>
	 **
	 ** This method is called from Runtime.exit().<P>
	 **
	 ** SecurityManager's implementation always denies access.
	 **
	 ** @param status the status to exit with
	 ** @exception SecurityException if the operation is not
	 **            permitted.
	 ** @see java.lang.Runtime#exit()
	 ** @see java.lang.Runtime#exit(int)
	 **/
	public void checkExit(int status) {
		throw new SecurityException("Cannot exit JVM.");
	}

	/** Check if the current thread is allowed to execute the
	 ** given program.<P>
	 **
	 ** This method is called from Runtime.exec().<P>
	 **
	 ** SecurityManager's implementation always denies access.
	 **
	 ** @param program the name of the program to exec
	 ** @exception SecurityException if the operation is not
	 **            permitted.
	 ** @see java.lang.Runtime#exec(java.lang.String[],java.lang.String[])
	 **/
	public void checkExec(String program) {
		throw new SecurityException("Cannot execute programs.");
	}

	/** Check if the current thread is allowed to link in the
	 ** given native library.<P>
	 **
	 ** This method is called from Runtime.load() (and hence,
	 ** by loadLibrary() as well).<P>
	 **
	 ** SecurityManager's implementation always denies access.
	 **
	 ** @param filename the full name of the library to load
	 ** @exception SecurityException if the operation is not
	 **            permitted.
	 ** @see java.lang.Runtime#load(java.lang.String)
	 **/
	public void checkLink(String filename) {
		throw new SecurityException("Cannot link native libraries.");
	}

	/** Check if the current thread is allowed to read the
	 ** given file using the FileDescriptor.<P>
	 **
	 ** This method is called from
	 ** FileInputStream.FileInputStream().<P>
	 **
	 ** SecurityManager's implementation always denies access.
	 **
	 ** @param desc the FileDescriptor representing the file
	 **        to access
	 ** @exception SecurityException if the operation is not
	 **            permitted.
	 ** @see java.io.FileInputStream#FileInputStream(java.io.FileDescriptor)
	 **/
	public void checkRead(FileDescriptor desc) {
		throw new SecurityException("Cannot read files via file descriptors.");
	}

	/** Check if the current thread is allowed to read the
	 ** given file.<P>
	 **
	 ** This method is called from
	 ** FileInputStream.FileInputStream(),
	 ** RandomAccessFile.RandomAccessFile(), File.exists(),
	 ** canRead(), isFile(), isDirectory(), lastModified(),
	 ** length() and list().<P>
	 **
	 ** SecurityManager's implementation always denies access.
	 **
	 ** @param filename the full name of the file to access
	 ** @exception SecurityException if the operation is not
	 **            permitted.
	 ** @see java.io.File
	 ** @see java.io.FileInputStream#FileInputStream(java.lang.String)
	 ** @see java.io.RandomAccessFile#RandomAccessFile(java.lang.String)
	 **/
	public void checkRead(String filename) {
		throw new SecurityException("Cannot read files via file names.");
	}

	/** Check if the current thread is allowed to read the
	 ** given file. using the given SecurityContext.<P>
	 **
	 ** I know of no core class that calls this method.<P>
	 **
	 ** SecurityManager's implementation always denies access.
	 **
	 ** @param filename the full name of the file to access
	 ** @param securityContext the Security Context to
	 **        determine access for.
	 ** @exception SecurityException if the operation is not
	 **            permitted.
	 **/
	public void checkRead(String filename, Object securityContext) {
		throw new SecurityException("Cannot read files via file names.");
	}

	/** Check if the current thread is allowed to write to the
	 ** given file using the FileDescriptor.<P>
	 **
	 ** This method is called from
	 ** FileOutputStream.FileOutputStream().<P>
	 **
	 ** SecurityManager's implementation always denies access.
	 **
	 ** @param desc the FileDescriptor representing the file
	 **        to access
	 ** @exception SecurityException if the operation is not
	 **            permitted.
	 ** @see java.io.FileOutputStream#FileOutputStream(java.io.FileDescriptor)
	 **/
	public void checkWrite(FileDescriptor desc) {
		throw new SecurityException("Cannot write files via file descriptors.");
	}

	/** Check if the current thread is allowed to write to the
	 ** given file.<P>
	 **