项目:openjdk-jdk10
文件:JAXBContextWithLegacyFactory.java
public static void main(String[] args) throws JAXBException {
System.out.println("\nWithout security manager\n");
test(FactoryBase.class,FactoryBase.class);
test(Factory1.class,FactoryBase.class);
test(Factory2.class,Factory2.class);
System.out.println("\nWith security manager\n");
Policy.setPolicy(new Policy() {
@Override
public boolean implies(ProtectionDomain domain,Permission permission) {
return true; // allow all
}
});
System.setSecurityManager(new SecurityManager());
test(FactoryBase.class,Factory2.class);
}
项目:openjdk-jdk10
文件:JAXBContextWithSubclassedFactory.java
public static void main(String[] args) throws JAXBException {
System.out.println("\nWithout security manager\n");
test(FactoryBase.class);
test(Factory1.class);
test(Factory2.class);
System.out.println("\nWith security manager\n");
Policy.setPolicy(new Policy() {
@Override
public boolean implies(ProtectionDomain domain,Permission permission) {
return true; // allow all
}
});
System.setSecurityManager(new SecurityManager());
test(FactoryBase.class);
test(Factory1.class);
test(Factory2.class);
}
项目:openjdk-jdk10
文件:LogManagerAppContextDeadlock.java
static void setUp(TestCase test) {
switch (test) {
case SECURE:
if (policy == null && System.getSecurityManager() != null) {
throw new IllegalStateException("SecurityManager already set");
} else if (policy == null) {
policy = new SimplePolicy(TestCase.SECURE,allowAll);
Policy.setPolicy(policy);
System.setSecurityManager(new SecurityManager());
}
if (System.getSecurityManager() == null) {
throw new IllegalStateException("No SecurityManager.");
}
if (policy == null) {
throw new IllegalStateException("policy not configured");
}
break;
case UNSECURE:
if (System.getSecurityManager() != null) {
throw new IllegalStateException("SecurityManager already set");
}
break;
default:
new InternalError("No such testcase: " + test);
}
}
项目:tomcat7
文件:WebappClassLoaderBase.java
@Override
public boolean check(Permission permission) {
if (!Globals.IS_Security_ENABLED) {
return true;
}
Policy currentPolicy = Policy.getPolicy();
if (currentPolicy != null) {
ResourceEntry entry = findResourceInternal("/","/",false);
if (entry != null) {
CodeSource cs = new CodeSource(
entry.codeBase,(java.security.cert.Certificate[]) null);
PermissionCollection pc = currentPolicy.getPermissions(cs);
if (pc.implies(permission)) {
return true;
}
}
}
return false;
}
项目:guava-mock
文件:FinalizableReferenceQueueClassLoaderUnloadingTest.java
public void testUnloadableWithSecurityManager() throws Exception {
// Test that the use of a FinalizableReferenceQueue does not subsequently prevent the
// loader of that class from being garbage-collected even if there is a SecurityManager.
// The SecurityManager environment makes such leaks more likely because when you create
// a urlclassloader with a SecurityManager,the creating code's AccessControlContext is
// captured,and that references the creating code's ClassLoader.
Policy oldPolicy = Policy.getPolicy();
SecurityManager oldSecurityManager = System.getSecurityManager();
try {
Policy.setPolicy(new PermissivePolicy());
System.setSecurityManager(new SecurityManager());
doTestUnloadable();
} finally {
System.setSecurityManager(oldSecurityManager);
Policy.setPolicy(oldPolicy);
}
}
项目:guava-mock
文件:JSR166TestCase.java
/**
* Returns a policy containing all the permissions we ever need.
*/
public static Policy permissivePolicy() {
return new adjustablePolicy
// Permissions j.u.c. needs directly
(new RuntimePermission("modifyThread"),new RuntimePermission("getClassLoader"),new RuntimePermission("setContextClassLoader"),// Permissions needed to change permissions!
new SecurityPermission("getPolicy"),new SecurityPermission("setPolicy"),new RuntimePermission("setSecurityManager"),// Permissions needed by the junit test harness
new RuntimePermission("accessDeclaredMembers"),new PropertyPermission("*","read"),new java.io.FilePermission("<<ALL FILES>>","read"));
}
public static void launch(TestCase test) {
switch(test) {
case WITHSecurity:
Policy.setPolicy(new Policy() {
@Override
public boolean implies(ProtectionDomain domain,Permission permission) {
return true;
}
});
System.setSecurityManager(new SecurityManager());
break;
case NOSecurity:
break;
default:
throw new InternalError("Unexpected enum: " + test);
}
try {
test(test.name(),".1",".child");
test(test.name(),".2","");
testUpdateConfiguration(test.name(),".3");
testSetPlatformlevel(test.name(),".4");
} catch (IOException io) {
throw new UncheckedioException(io);
}
}
public PolicySpiFile(Policy.Parameters params) {
if (params == null) {
pf = new PolicyFile();
} else {
if (!(params instanceof URIParameter)) {
throw new IllegalArgumentException
("Unrecognized policy parameter: " + params);
}
URIParameter uriParam = (URIParameter)params;
try {
pf = new PolicyFile(uriParam.getURI().toURL());
} catch (MalformedURLException mue) {
throw new IllegalArgumentException("Invalid URIParameter",mue);
}
}
}
/**
* Prints warning message if installed Policy is the default Policy
* implementation and globally granted permissions do not include
* AllPermission or any ExecPermissions/ExecoptionPermissions.
*/
static void checkConfiguration() {
Policy policy =
AccessController.doPrivileged(new PrivilegedAction<Policy>() {
public Policy run() {
return Policy.getPolicy();
}
});
if (!(policy instanceof PolicyFile)) {
return;
}
PermissionCollection perms = getExecPermissions();
for (Enumeration<Permission> e = perms.elements();
e.hasMoreElements();)
{
Permission p = e.nextElement();
if (p instanceof AllPermission ||
p instanceof ExecPermission ||
p instanceof ExecoptionPermission)
{
return;
}
}
System.err.println(getTextResource("rmid.exec.perms.inadequate"));
}
private static PermissionCollection getExecPermissions() {
/*
* The approach used here is taken from the similar method
* getLoaderAccessControlContext() in the class
* sun.rmi.server.LoaderHandler.
*/
// obtain permissions granted to all code in current policy
PermissionCollection perms = AccessController.doPrivileged(
new PrivilegedAction<PermissionCollection>() {
public PermissionCollection run() {
CodeSource codesource =
new CodeSource(null,(Certificate[]) null);
Policy p = Policy.getPolicy();
if (p != null) {
return p.getPermissions(codesource);
} else {
return new Permissions();
}
}
});
return perms;
}
项目:jerrydog
文件:StandardClassLoader.java
/**
* Get the Permissions for a CodeSource. If this instance
* of StandardClassLoader is for a web application context,* add read FilePermissions for the base directory (if unpacked),* the context URL,and jar file resources.
*
* @param CodeSource where the code was loaded from
* @return PermissionCollection for CodeSource
*/
protected final PermissionCollection getPermissions(CodeSource codeSource) {
if (!policy_refresh) {
// Refresh the security policies
Policy policy = Policy.getPolicy();
policy.refresh();
policy_refresh = true;
}
String codeUrl = codeSource.getLocation().toString();
PermissionCollection pc;
if ((pc = (PermissionCollection)loaderPC.get(codeUrl)) == null) {
pc = super.getPermissions(codeSource);
if (pc != null) {
Iterator perms = permissionList.iterator();
while (perms.hasNext()) {
Permission p = (Permission)perms.next();
pc.add(p);
}
loaderPC.put(codeUrl,pc);
}
}
return (pc);
}
/**
* Returns a policy containing all the permissions we ever need.
*/
public static Policy permissivePolicy() {
return new adjustablePolicy
// Permissions j.u.c. needs directly
(new RuntimePermission("modifyThread"),"read"));
}
项目:apache-tomcat-7.0.73-with-comment
文件:WebappClassLoaderBase.java
@Override
public boolean check(Permission permission) {
if (!Globals.IS_Security_ENABLED) {
return true;
}
Policy currentPolicy = Policy.getPolicy();
if (currentPolicy != null) {
ResourceEntry entry = findResourceInternal("/",(java.security.cert.Certificate[]) null);
PermissionCollection pc = currentPolicy.getPermissions(cs);
if (pc.implies(permission)) {
return true;
}
}
}
return false;
}
项目:jdk8u-jdk
文件:Activation.java
private static PermissionCollection getExecPermissions() {
/*
* The approach used here is taken from the similar method
* getLoaderAccessControlContext() in the class
* sun.rmi.server.LoaderHandler.
*/
// obtain permissions granted to all code in current policy
PermissionCollection perms = AccessController.doPrivileged(
new PrivilegedAction<PermissionCollection>() {
public PermissionCollection run() {
CodeSource codesource =
new CodeSource(null,(Certificate[]) null);
Policy p = Policy.getPolicy();
if (p != null) {
return p.getPermissions(codesource);
} else {
return new Permissions();
}
}
});
return perms;
}
项目:jdk8u-jdk
文件:ClassDeclaredFieldsTest.java
static void setUp(TestCase test) {
switch (test) {
case SECURE:
if (policy == null && System.getSecurityManager() != null) {
throw new IllegalStateException("SecurityManager already set");
} else if (policy == null) {
policy = new SimplePolicy(TestCase.SECURE,allowAll);
Policy.setPolicy(policy);
System.setSecurityManager(new SecurityManager());
}
if (System.getSecurityManager() == null) {
throw new IllegalStateException("No SecurityManager.");
}
if (policy == null) {
throw new IllegalStateException("policy not configured");
}
break;
case UNSECURE:
if (System.getSecurityManager() != null) {
throw new IllegalStateException("SecurityManager already set");
}
break;
default:
throw new InternalError("No such testcase: " + test);
}
}
项目:jdk8u-jdk
文件:TestLoggerBundleSync.java
/**
* This test will run both with and without a security manager.
*
* The test starts a number of threads that will attempt to concurrently
* set resource bundles on Logger,and verifies the consistency of the
* obtained results.
*
* This is a best effort test.
*
* @param args the command line arguments
*/
public static void main(String[] args) throws Exception {
try {
// test without security
System.out.println("No security");
test();
// test with security
System.out.println("\nWith security");
Policy.setPolicy(new Policy() {
@Override
public boolean implies(ProtectionDomain domain,Permission permission) {
if (super.implies(domain,permission)) return true;
// System.out.println("Granting " + permission);
return true; // all permissions
}
});
System.setSecurityManager(new SecurityManager());
test();
} finally {
SetRB.executor.shutdownNow();
SetRBName.executor.shutdownNow();
}
}
项目:jdk8u-jdk
文件:XSLTExFuncTest.java
/**
* Security is enabled,extension function not allowed
*/
public void testExtFuncNotAllowed() {
Policy p = new SimplePolicy(new AllPermission());
Policy.setPolicy(p);
System.setSecurityManager(new SecurityManager());
TransformerFactory factory = TransformerFactory.newInstance();
try {
transform(factory);
} catch (TransformerConfigurationException e) {
fail(e.getMessage());
} catch (TransformerException ex) {
//expected since extension function is disallowed
System.out.println("testExtFuncNotAllowed: OK");
} finally {
System.setSecurityManager(null);
}
}
项目:jdk8u-jdk
文件:XPathExFuncTest.java
/**
* Security is enabled,extension function not allowed
*/
public void testExtFuncNotAllowed() {
Policy p = new SimplePolicy(new AllPermission());
Policy.setPolicy(p);
System.setSecurityManager(new SecurityManager());
try {
evaluate(false);
} catch (XPathFactoryConfigurationException e) {
fail(e.getMessage());
} catch (XPathExpressionException ex) {
//expected since extension function is disallowed
System.out.println("testExtFuncNotAllowed: OK");
} finally {
System.setSecurityManager(null);
}
}
项目:openjdk-jdk10
文件:TestSetResourceBundle.java
/**
* Test the LoggingPermission("control") is required.
* @param loggerName The logger to use.
*/
public static void testPermission(String loggerName) {
if (System.getSecurityManager() != null) {
throw new Error("Security manager is already set");
}
Policy.setPolicy(new SimplePolicy(TestCase.PERMISSION));
System.setSecurityManager(new SecurityManager());
final ResourceBundle bundle = ResourceBundle.getBundle(LIST_BUNDLE_NAME);
Logger foobar = Logger.getLogger(loggerName);
try {
foobar.setResourceBundle(bundle);
throw new RuntimeException("Permission not checked!");
} catch (AccessControlException x) {
if (x.getPermission() instanceof LoggingPermission) {
if ("control".equals(x.getPermission().getName())) {
System.out.println("Got expected exception: " + x);
return;
}
}
throw new RuntimeException("Unexpected exception: "+x,x);
}
}
项目:openjdk-jdk10
文件:XSLTExFuncTest.java
/**
* Security is enabled,extension function not allowed
*/
public void testExtFuncNotAllowed() {
Policy p = new SimplePolicy(new AllPermission());
Policy.setPolicy(p);
System.setSecurityManager(new SecurityManager());
TransformerFactory factory = TransformerFactory.newInstance();
try {
transform(factory);
} catch (TransformerConfigurationException e) {
fail(e.getMessage());
} catch (TransformerException ex) {
//expected since extension function is disallowed
System.out.println("testExtFuncNotAllowed: OK");
} finally {
System.setSecurityManager(null);
}
}
项目:openjdk-jdk10
文件:PolicySpiFile.java
public PolicySpiFile(Policy.Parameters params) {
if (params == null) {
pf = new PolicyFile();
} else {
if (!(params instanceof URIParameter)) {
throw new IllegalArgumentException
("Unrecognized policy parameter: " + params);
}
URIParameter uriParam = (URIParameter)params;
try {
pf = new PolicyFile(uriParam.getURI().toURL());
} catch (MalformedURLException mue) {
throw new IllegalArgumentException("Invalid URIParameter",mue);
}
}
}
项目:openjdk-jdk10
文件:Activation.java
private static PermissionCollection getExecPermissions() {
/*
* The approach used here is taken from the similar method
* getLoaderAccessControlContext() in the class
* sun.rmi.server.LoaderHandler.
*/
// obtain permissions granted to all code in current policy
PermissionCollection perms = AccessController.doPrivileged(
new PrivilegedAction<PermissionCollection>() {
public PermissionCollection run() {
CodeSource codesource =
new CodeSource(null,(Certificate[]) null);
Policy p = Policy.getPolicy();
if (p != null) {
return p.getPermissions(codesource);
} else {
return new Permissions();
}
}
});
return perms;
}
项目:openjdk-jdk10
文件:LookupTest.java
public static void main(String args[]) throws Exception {
String hostsFileName = CWD + "/LookupTestHosts";
System.setProperty("jdk.net.hosts.file",hostsFileName);
addMappingToHostsFile("allowedAndFound.com","127.0.0.1",hostsFileName,false);
addMappingToHostsFile("notAllowedButFound.com","99.99.99.99",true);
// name "notAllowedAndNotFound.com" is not in map
// name "allowedButNotfound.com" is not in map
Server server = new Server();
try {
Policy.setPolicy(new LookupTestPolicy());
System.setSecurityManager(new SecurityManager());
server.start();
test("http://allowedAndFound.com:" + port + "/foo",false,false);
test("http://notAllowedButFound.com:" + port + "/foo",true,false);
test("http://allowedButNotfound.com:" + port + "/foo",true);
test("http://notAllowedAndNotFound.com:" + port + "/foo",false);
} finally {
server.terminate();
}
}
项目:openjdk-jdk10
文件:XPathExFuncTest.java
/**
* Security is enabled,extension function not allowed
*/
public void testExtFuncNotAllowed() {
Policy p = new SimplePolicy(new AllPermission());
Policy.setPolicy(p);
System.setSecurityManager(new SecurityManager());
try {
evaluate(false);
} catch (XPathFactoryConfigurationException e) {
fail(e.getMessage());
} catch (XPathExpressionException ex) {
//expected since extension function is disallowed
System.out.println("testExtFuncNotAllowed: OK");
} finally {
System.setSecurityManager(null);
}
}
项目:openjdk-jdk10
文件:DefaultPolicy.java
public static void main(String[] args) throws Exception {
// Check policy with no java.security.policy property set
Policy p = Policy.getPolicy();
checkPolicy(p);
// Check policy with java.security.policy '=' option
System.setProperty("java.security.policy","Extra.policy");
p.refresh();
checkPolicy(p);
// Check policy with java.security.policy override '==' option
System.setProperty("java.security.policy","=Extra.policy");
p.refresh();
checkPolicy(p);
// Check Policy.getInstance
URI policyURI = Paths.get(System.getProperty("test.src"),"Extra.policy").toUri();
p = Policy.getInstance("JavaPolicy",new URIParameter(policyURI));
checkPolicy(p);
}
public static void main(String... args) throws Exception {
if (args.length > 0 && args[0].equals("sm")) {
PermissionCollection perms = new Permissions();
perms.add(new RuntimePermission("getStackWalkerWithClassReference"));
Policy.setPolicy(new Policy() {
@Override
public boolean implies(ProtectionDomain domain,Permission p) {
return perms.implies(p);
}
});
System.setSecurityManager(new SecurityManager());
}
new GetCallerClasstest(StackWalker.getInstance(),true).test();
new GetCallerClasstest(StackWalker.getInstance(RETAIN_CLASS_REFERENCE),false).test();
new GetCallerClasstest(StackWalker.getInstance(EnumSet.of(RETAIN_CLASS_REFERENCE,SHOW_HIDDEN_FRAMES)),false).test();
}
/**
* This test will run both with and without a security manager.
*
* The test starts a number of threads that will call
* LogManager.reset() concurrently (ResetConf),and a number of threads
* that will call readConfiguration() (ReadConf),and then starts a
* number of threads that will create new loggers concurrently
* (AddLogger),and finally two additional threads:
* - one (Stopper) that will stop the test after 4secs (TIME ms),* - and one DeadlockDetector that will attempt to detect deadlocks.
* If after 4secs no deadlock was detected and no exception was thrown
* then the test is considered a success and passes.
*
* This procedure is done twice: once without a security manager and once
* again with a security manager - which means the test takes ~8secs to
* run.
*
* Note that 8sec may not be enough to detect issues if there are some.
* This is a best effort test.
*
* @param args the command line arguments
* @throws java.lang.Exception if the test fails
*/
public static void main(String[] args) throws Exception {
File conf = new File(System.getProperty("test.src","./src"),TestConfigurationLock.class.getSimpleName() + ".properties");
if (!conf.canRead()) {
throw new IOException("Can't read config file: " + conf.getAbsolutePath());
}
System.setProperty("java.util.logging.config.file",conf.getAbsolutePath());
// test without security
System.out.println("No security");
test();
// test with security
System.out.println("\nWith security");
Policy.setPolicy(new Policy() {
@Override
public boolean implies(ProtectionDomain domain,Permission permission) {
if (super.implies(domain,permission)) return true;
// System.out.println("Granting " + permission);
return true; // all permissions
}
});
System.setSecurityManager(new SecurityManager());
test();
}
项目:openjdk-jdk10
文件:JSR166TestCase.java
/**
* Returns a policy containing all the permissions we ever need.
*/
public static Policy permissivePolicy() {
return new adjustablePolicy
// Permissions j.u.c. needs directly
(new RuntimePermission("modifyThread"),"read"));
}
static void setUp(TestCase test) {
switch (test) {
case SECURE:
if (policy == null && System.getSecurityManager() != null) {
throw new IllegalStateException("SecurityManager already set");
} else if (policy == null) {
policy = new SimplePolicy(TestCase.SECURE,allowAll);
Policy.setPolicy(policy);
System.setSecurityManager(new SecurityManager());
}
if (System.getSecurityManager() == null) {
throw new IllegalStateException("No SecurityManager.");
}
if (policy == null) {
throw new IllegalStateException("policy not configured");
}
break;
case UNSECURE:
if (System.getSecurityManager() != null) {
throw new IllegalStateException("SecurityManager already set");
}
break;
default:
new InternalError("No such testcase: " + test);
}
}
项目:openjdk-jdk10
文件:FieldSetAccessibleTest.java
static void setUp(TestCase test) {
switch (test) {
case SECURE:
if (policy == null && System.getSecurityManager() != null) {
throw new IllegalStateException("SecurityManager already set");
} else if (policy == null) {
policy = new SimplePolicy(TestCase.SECURE,allowAll);
Policy.setPolicy(policy);
System.setSecurityManager(new SecurityManager());
}
if (System.getSecurityManager() == null) {
throw new IllegalStateException("No SecurityManager.");
}
if (policy == null) {
throw new IllegalStateException("policy not configured");
}
break;
case UNSECURE:
if (System.getSecurityManager() != null) {
throw new IllegalStateException("SecurityManager already set");
}
break;
default:
throw new InternalError("No such testcase: " + test);
}
}
项目:incubator-netbeans
文件:Main.java
/**
* Attempt to give the rest of NetBeans all the
* permissions. The jars besides the one containing this class
* don't have to be signed with this.
*/
final static void fixPolicy() {
if (Boolean.getBoolean("netbeans.jnlp.fixPolicy")) { // NOI18N
// Grant all the code all persmission
Policy.setPolicy(new RuntimePolicy());
// Replace the security manager by a fresh copy
// that does the delegation to the permissions system
// -- just to make sure that there is nothing left
// from the JWS
System.setSecurityManager(new SecurityManager());
}
}
/**
* Initializes SecurityManager for the environment
* Can only happen once!
* @param environment configuration for generating dynamic permissions
* @param filterBadDefaults true if we should filter out bad java defaults in the system policy.
*/
static void configure(Environment environment,boolean filterBadDefaults) throws IOException,NoSuchAlgorithmException {
// enable security policy: union of template and environment-based paths,and possibly plugin permissions
Policy.setPolicy(new ESPolicy(createPermissions(environment),getPluginPermissions(environment),filterBadDefaults));
// enable security manager
System.setSecurityManager(new SecureSM(new String[] { "org.elasticsearch.bootstrap.","org.elasticsearch.cli" }));
// do some basic tests
selftest();
}
项目:elasticsearch_my
文件:ESPolicy.java
@Override @SuppressForbidden(reason = "fast equals check is desired")
public boolean implies(ProtectionDomain domain,Permission permission) {
CodeSource codeSource = domain.getCodeSource();
// codesource can be null when reducing privileges via doPrivileged()
if (codeSource == null) {
return false;
}
URL location = codeSource.getLocation();
// location can be null... ??? nobody kNows
// https://bugs.openjdk.java.net/browse/JDK-8129972
if (location != null) {
// run scripts with limited permissions
if (BootstrapInfo.UNTRUSTED_CODEBASE.equals(location.getFile())) {
return untrusted.implies(domain,permission);
}
// check for an additional plugin permission: plugin policy is
// only consulted for its codesources.
Policy plugin = plugins.get(location.getFile());
if (plugin != null && plugin.implies(domain,permission)) {
return true;
}
}
// Special handling for broken Hadoop code: "let me execute or my classes will not load"
// yeah right,REMOVE THIS when hadoop is fixed
if (permission instanceof FilePermission && "<<ALL FILES>>".equals(permission.getName())) {
for (StackTraceElement element : Thread.currentThread().getStackTrace()) {
if ("org.apache.hadoop.util.Shell".equals(element.getClassName()) &&
"runcommand".equals(element.getmethodName())) {
// we found the horrible method: the hack begins!
// force the hadoop code to back down,by throwing an exception that it catches.
rethrow(new IOException("no hadoop,you cannot do this."));
}
}
}
// otherwise defer to template + dynamic file permissions
return template.implies(domain,permission) || dynamic.implies(permission) || system.implies(domain,permission);
}
项目:tomcat7
文件:WebappClassLoaderBase.java
/**
* Refresh the system policy file,to pick up eventual changes.
*/
protected void refreshPolicy() {
try {
// The policy file may have been modified to adjust
// permissions,so we're reloading it when loading or
// reloading a Context
Policy policy = Policy.getPolicy();
policy.refresh();
} catch (AccessControlException e) {
// Some policy files may restrict this,even for the core,// so this exception is ignored
}
}
项目:guava-mock
文件:FinalizableReferenceQueueClassLoaderUnloadingTest.java
public void testUnloadableInStaticFieldIfClosed() throws Exception {
Policy oldPolicy = Policy.getPolicy();
SecurityManager oldSecurityManager = System.getSecurityManager();
try {
Policy.setPolicy(new PermissivePolicy());
System.setSecurityManager(new SecurityManager());
WeakReference<ClassLoader> loaderRef = doTestUnloadableInStaticFieldIfClosed();
GcFinalization.awaitClear(loaderRef);
} finally {
System.setSecurityManager(oldSecurityManager);
Policy.setPolicy(oldPolicy);
}
}
项目:lams
文件:WebappClassLoader.java
/**
* Refresh the system policy file,to pick up eventual changes.
*/
protected void refreshPolicy() {
try {
// The policy file may have been modified to adjust
// permissions,so we're reloading it when loading or
// reloading a Context
Policy policy = Policy.getPolicy();
policy.refresh();
} catch (AccessControlException e) {
// Some policy files may restrict this,// so this exception is ignored
}
}
项目:openjdk-jdk10
文件:TestSetResourceBundle.java
/**
* Test with security manager.
* @param loggerName The logger to use.
* @throws Exception if the test fails.
*/
public static void testSecure(String loggerName) throws Exception {
if (System.getSecurityManager() != null) {
throw new Error("Security manager is already set");
}
Policy.setPolicy(new SimplePolicy(TestCase.SECURE));
System.setSecurityManager(new SecurityManager());
test(loggerName);
}
项目:openjdk-jdk10
文件:TestAppletLoggerContext.java
public static void init() {
SharedSecrets.setJavaAWTAccess(javaAwtAccess);
if (System.getProperty("test.security","on").equals("on")) {
Policy p = new SimplePolicy(new LoggingPermission("control",null),new RuntimePermission("shutdownHooks"));
Policy.setPolicy(p);
System.setSecurityManager(new SecurityManager());
}
}
项目:Elasticsearch
文件:ESPolicy.java
@Override @SuppressForbidden(reason = "fast equals check is desired")
public boolean implies(ProtectionDomain domain,Permission permission) {
CodeSource codeSource = domain.getCodeSource();
// codesource can be null when reducing privileges via doPrivileged()
if (codeSource == null) {
return false;
}
URL location = codeSource.getLocation();
// location can be null... ??? nobody kNows
// https://bugs.openjdk.java.net/browse/JDK-8129972
if (location != null) {
// run scripts with limited permissions
if (BootstrapInfo.UNTRUSTED_CODEBASE.equals(location.getFile())) {
return untrusted.implies(domain,permission)) {
return true;
}
}
// otherwise defer to template + dynamic file permissions
return template.implies(domain,permission);
}
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 [email protected] 举报,一经查实,本站将立刻删除。