securitymanager.java
来自「《移动Agent技术》一书的所有章节源代码。」· Java 代码 · 共 839 行 · 第 1/3 页
JAVA
839 行
/*
* @(#)SecurityManager.java 1.50 98/08/17
*
* Copyright 1995-1998 by Sun Microsystems, Inc.,
* 901 San Antonio Road, Palo Alto, California, 94303, U.S.A.
* All rights reserved.
*
* This software is the confidential and proprietary information
* of Sun Microsystems, Inc. ("Confidential Information"). You
* shall not disclose such Confidential Information and shall use
* it only in accordance with the terms of the license agreement
* you entered into with Sun.
*/
package java.lang;
import java.io.FileDescriptor;
import java.util.Hashtable;
import java.net.InetAddress;
import java.lang.reflect.Member;
/**
* The security manager is an abstract class that allows
* applications to implement a security policy. It allows an
* application to determine, before performing a possibly unsafe or
* sensitive operation, what the operation is and whether the
* operation is being performed by a class created via a class loader
* rather than installed locally. Classes loaded via a class loader
* (especially if they have been downloaded over a network) may be
* less trustworthy than classes from files installed locally. The
* application can allow or disallow the operation.
* <p>
* The <code>SecurityManager</code> class contains many methods with
* names that begin with the word <code>check</code>. These methods
* are called by various methods in the Java libraries before those
* methods perform certain potentially sensitive operations. The
* invocation of such a check method typically looks like this:
* <p><blockquote><pre>
* SecurityManager security = System.getSecurityManager();
* if (security != null) {
* security.check</code><i>XXX</i><code>(argument, . . . );
* }
* </pre></blockquote>
* <p>
* The security manager is thereby given an opportunity to prevent
* completion of the operation by throwing an exception. A security
* manager routine simply returns if the operation is permitted, but
* throws a <code>SecurityException</code> if the operation is not
* permitted. The only exception to this convention is
* <code>checkTopLevelWindow</code>, which returns a
* <code>boolean</code> value.
* <p>
* The current security manager is set by the
* <code>setSecurityManager</code> method in class
* <code>System</code>. The current security manager is obtained
* by the <code>getSecurityManager</code> method.
* <p>
* The default implementation of each of the
* <code>check</code><i>XXX</i> methods is to assume that the caller
* does <i>not</i> have permission to perform the requested operation.
*
* @author Arthur van Hoff
* @version 1.50, 08/17/98
* @see java.lang.ClassLoader
* @see java.lang.SecurityException
* @see java.lang.SecurityManager#checkTopLevelWindow(java.lang.Object)
* @see java.lang.System#getSecurityManager()
* @see java.lang.System#setSecurityManager(java.lang.SecurityManager)
* @since JDK1.0
*/
public abstract
class SecurityManager {
/**
* This field is <code>true</code> if there is a security check in
* progress; <code>false</code> otherwise.
*
* @since JDK1.0
*/
protected boolean inCheck;
/*
* Have we been initialized. Effective against finalizer attacks.
*/
private boolean initialized = false;
/**
* Tests if there is a security check in progress.
*
* @return the value of the <code>inCheck</code> field. This field should
* contain <code>true</code> if a security check is in progress;
* <code>false</code> otherwise.
* @see java.lang.SecurityManager#inCheck
* @since JDK1.0
*/
public boolean getInCheck() {
return inCheck;
}
/**
* Constructs a new <code>SecurityManager</code>. An application is
* not allowed to create a new security manager if there is already a
* current security manager.
*
* @exception SecurityException if a security manager already exists.
* @see java.lang.System#getSecurityManager()
* @since JDK1.0
*/
protected SecurityManager() {
if (System.getSecurityManager() != null) {
throw new SecurityException("security manager already installed.");
}
initialized = true;
}
/**
* Returns the current execution stack as an array of classes.
* <p>
* The length of the array is the number of methods on the execution
* stack. The element at index <code>0</code> is the class of the
* currently executing method, the element at index <code>1</code> is
* the class of that method's caller, and so on.
*
* @return the execution stack.
* @since JDK1.0
*/
protected native Class[] getClassContext();
/**
* Returns an object describing the most recent class loader executing
* on the stack.
*
* @return the class loader of the most recent occurrence on the stack
* of a method from a class defined using a class loader;
* returns <code>null</code> if there is no occurrence on the
* stack of a method from a class defined using a class loader.
* @since JDK1.0
*/
protected native ClassLoader currentClassLoader();
/**
* Returns the current Class with a ClassLoader on the execution stack.
*
* @since JDK1.1
*/
protected Class currentLoadedClass() {
return currentLoadedClass0();
}
/**
* Returns the stack depth of the specified class.
*
* @param name the fully qualified name of the class to search for.
* @return the depth on the stack frame of the first occurrence of a
* method from a class with the specified name;
* <code>-1</code> if such a frame cannot be found.
* @since JDK1.0
*/
protected native int classDepth(String name);
/**
* Returns the stack depth of the most recently executing method
* from a class defined using a class loader.
*
* @return the depth on the stack frame of the most recent occurrence of a
* method from a class defined using a class loader; returns
* <code>-1</code> if there is no occurrence of a method from
* a class defined using a class loader.
* @since JDK1.0
*/
protected native int classLoaderDepth();
/**
* Tests if the specified String is in this Class.
*
* @param name the fully qualified name of the class.
* @return <code>true</code> if a method from a class with the specified
* name is on the execution stack; <code>false</code> otherwise.
* @since JDK1.0
*/
protected boolean inClass(String name) {
return classDepth(name) >= 0;
}
/**
* Tests if the current ClassLoader is equal to
* <code>null</code>.
*
* @return <code>true</code> if a method from a class defined using a
* class loader is on the execution stack.
* @since JDK1.0
*/
protected boolean inClassLoader() {
return currentClassLoader() != null;
}
/**
* Creates an object that encapsulates the current execution
* environment. The result of this method is used by the
* three-argument <code>checkConnect</code> method and by the
* two-argument <code>checkRead</code> method.
* <p>
* These methods are needed because a trusted method may be called
* on to read a file or open a socket on behalf of another method.
* The trusted method needs to determine if the other (possibly
* untrusted) method would be allowed to perform the operation on its
* own.
*
* @return an implementation-dependent object that encapsulates
* sufficient information about the current execution environment
* to perform some security checks later.
* @see java.lang.SecurityManager#checkConnect(java.lang.String, int, java.lang.Object)
* @see java.lang.SecurityManager#checkRead(java.lang.String, java.lang.Object)
* @since JDK1.0
*/
public Object getSecurityContext() {
return null;
}
/**
* Throws a <code>SecurityException</code> if the
* calling thread is not allowed to create a new class loader.
* <p>
* The <code>checkCreateClassLoader</code> method for class
* <code>SecurityManager</code> always throws a
* <code>SecurityException</code>.
*
* @exception SecurityException if the caller does not have permission
* to create a new class loader.
* @see java.lang.ClassLoader#ClassLoader()
* @since JDK1.0
*/
public void checkCreateClassLoader() {
throw new SecurityException();
}
/**
* Throws a <code>SecurityException</code> if the
* calling thread is not allowed to modify the thread argument.
* <p>
* This method is invoked for the current security manager by the
* <code>stop</code>, <code>suspend</code>, <code>resume</code>,
* <code>setPriority</code>, <code>setName</code>, and
* <code>setDaemon</code> methods of class <code>Thread</code>.
* <p>
* The <code>checkAccess</code> method for class
* <code>SecurityManager</code> always throws a
* <code>SecurityException</code>.
*
* @param g the thread to be checked.
* @exception SecurityException if the caller does not have permission
* to modify the thread.
* @see java.lang.System#getSecurityManager()
* @see java.lang.Thread#resume()
* @see java.lang.Thread#setDaemon(boolean)
* @see java.lang.Thread#setName(java.lang.String)
* @see java.lang.Thread#setPriority(int)
* @see java.lang.Thread#stop()
* @see java.lang.Thread#suspend()
* @since JDK1.0
*/
public void checkAccess(Thread g) {
throw new SecurityException();
}
/**
* Throws a <code>SecurityException</code> if the
* calling thread is not allowed to modify the thread group argument.
* <p>
* This method is invoked for the current security manager when a
* new child thread or child thread group is created, and by the
* <code>setDaemon</code>, <code>setMaxPriority</code>,
* <code>stop</code>, <code>suspend</code>, <code>resume</code>, and
* <code>destroy</code> methods of class <code>ThreadGroup</code>.
* <p>
* The <code>checkAccess</code> method for class
* <code>SecurityManager</code> always throws a
* <code>SecurityException</code>.
*
* @param g the thread group to be checked.
⌨️ 快捷键说明
复制代码Ctrl + C
搜索代码Ctrl + F
全屏模式F11
增大字号Ctrl + =
减小字号Ctrl + -
显示快捷键?