static PermissionCollection getRestrictedPermissions() {
Permissions perms = new Permissions();
// property/env access needed for parsing
perms.add(new PropertyPermission("*","read"));
perms.add(new RuntimePermission("getenv.TIKA_CONfig"));
// add permissions for resource access:
// classpath
addReadPermissions(perms,JarHell.parseClasspath());
// plugin jars
if (Tikaimpl.class.getClassLoader() instanceof urlclassloader) {
addReadPermissions(perms,((urlclassloader)Tikaimpl.class.getClassLoader()).getURLs());
}
// jvm's java.io.tmpdir (needs read/write)
perms.add(new FilePermission(System.getProperty("java.io.tmpdir") + System.getProperty("file.separator") + "-","read,readlink,write,delete"));
// current hacks needed for POI/PDFBox issues:
perms.add(new SecurityPermission("putProviderProperty.BC"));
perms.add(new SecurityPermission("insertProvider"));
perms.add(new ReflectPermission("suppressAccessChecks"));
// xmlbeans,use by POI,needs to get the context classloader
perms.add(new RuntimePermission("getClassLoader"));
perms.setReadOnly();
return perms;
}
项目:guava-mock
文件:JSR166TestCase.java
/**
* Returns a policy containing all the permissions we ever need.
*/
public static Policy permissivePolicy() {
return new adjustablePolicy
// Permissions j.u.c. needs directly
(new RuntimePermission("modifyThread"),new RuntimePermission("getClassLoader"),new RuntimePermission("setContextClassLoader"),// Permissions needed to change permissions!
new SecurityPermission("getPolicy"),new SecurityPermission("setPolicy"),new RuntimePermission("setSecurityManager"),// Permissions needed by the junit test harness
new RuntimePermission("accessDeclaredMembers"),new PropertyPermission("*","read"),new java.io.FilePermission("<<ALL FILES>>","read"));
}
项目:openjdk-jdk10
文件:PermissionTest.java
public void setBasicPermissions() {
permissions.add(new SecurityPermission("getPolicy"));
permissions.add(new SecurityPermission("setPolicy"));
permissions.add(new RuntimePermission("getClassLoader"));
permissions.add(new RuntimePermission("setSecurityManager"));
permissions.add(new RuntimePermission("createSecurityManager"));
permissions.add(new PropertyPermission("testng.show.stack.frames","read"));
permissions.add(new PropertyPermission("user.dir","read"));
permissions.add(new PropertyPermission("test.src","read"));
permissions.add(new PropertyPermission("file.separator","read"));
permissions.add(new PropertyPermission("line.separator","read"));
permissions.add(new PropertyPermission("fileStringBuffer","read"));
permissions.add(new PropertyPermission("dataproviderthreadcount","read"));
permissions.add(new FilePermission("<<ALL FILES>>","execute"));
}
项目:openjdk-jdk10
文件:JSR166TestCase.java
/**
* Returns a policy containing all the permissions we ever need.
*/
public static Policy permissivePolicy() {
return new adjustablePolicy
// Permissions j.u.c. needs directly
(new RuntimePermission("modifyThread"),"read"));
}
/**
* Returns a policy containing all the permissions we ever need.
*/
public static Policy permissivePolicy() {
return new adjustablePolicy
// Permissions j.u.c. needs directly
(new RuntimePermission("modifyThread"),"read"));
}
项目:openjdk9
文件:PermissionTest.java
public void setBasicPermissions() {
permissions.add(new SecurityPermission("getPolicy"));
permissions.add(new SecurityPermission("setPolicy"));
permissions.add(new RuntimePermission("getClassLoader"));
permissions.add(new RuntimePermission("setSecurityManager"));
permissions.add(new RuntimePermission("createSecurityManager"));
permissions.add(new PropertyPermission("testng.show.stack.frames","execute"));
}
项目:openjdk9
文件:JSR166TestCase.java
/**
* Returns a policy containing all the permissions we ever need.
*/
public static Policy permissivePolicy() {
return new adjustablePolicy
// Permissions j.u.c. needs directly
(new RuntimePermission("modifyThread"),"read"));
}
项目:VoltDB
文件:JSR166TestCase.java
/**
* Returns a policy containing all the permissions we ever need.
*/
public static Policy permissivePolicy() {
return new adjustablePolicy
// Permissions j.u.c. needs directly
(new RuntimePermission("modifyThread"),"read"));
}
项目:guava-libraries
文件:JSR166TestCase.java
/**
* Returns a policy containing all the permissions we ever need.
*/
public static Policy permissivePolicy() {
return new adjustablePolicy
// Permissions j.u.c. needs directly
(new RuntimePermission("modifyThread"),"read"));
}
项目:streamsupport
文件:JSR166TestCase.java
/**
* Returns a policy containing all the permissions we ever need.
*/
public static Policy permissivePolicy() {
return new adjustablePolicy
// Permissions j.u.c. needs directly
(new RuntimePermission("modifyThread"),// new RuntimePermission("modifyThreadGroup"),// new RuntimePermission("enableContextClassLoaderOverride"),// Permissions needed to change permissions!
new SecurityPermission("getPolicy"),// Permissions needed by the junit test harness
new RuntimePermission("accessDeclaredMembers"),"read"));
}
protected boolean checkSecurityPermission(SecurityPermission perm) {
String name = perm.getName();
if (name.equals("getDomainCombiner") || name.equals("getPolicy")
|| name.equals("printIdentity") || name.equals("getSignerPrivateKey")
|| name.startsWith("getProperty.")) {
return true;
}
/*
* this seems needed when analyzing classpath,but not fully sure of its consequences
*/
if (name.startsWith("putProviderProperty.")) {
return true;
}
/*
* createAccessControlContext setPolicy createPolicy.{policy type} setProperty.{key} insertProvider.{provider name} removeProvider.{provider
* name} setSystemScope setIdentityPublicKey setIdentityInfo addIdentityCertificate removeIdentityCertificate
* clearProviderProperties.{provider name} putProviderProperty.{provider name} removeProviderProperty.{provider name} setSignerKeyPair
*/
return false;
}
/**
* @tests java.security.Permission#checkGuard(java.lang.Object)
*/
@TestTargetNew(
level = TestLevel.PARTIAL_COMPLETE,notes = "",method = "checkGuard",args = {java.lang.Object.class}
)
public void test_checkGuardLjava_lang_Object() {
// test method java.security.permission.checkGuard(object)
SecurityPermission permi = new SecurityPermission(
"Testing the permission abstract class");
String name = permi.getName();
try {
permi.checkGuard(name);
} catch (SecurityException e) {
fail("security not granted when it is suppose to be : " + e);
}
}
/**
* @tests java.security.Permission#getName()
*/
@TestTargetNew(
level = TestLevel.COMPLETE,method = "getName",args = {}
)
public void test_getName() {
// test method java.security.permission.getName()
SecurityPermission permi = new SecurityPermission("testing getName()");
String name = permi.getName();
assertEquals("getName Failed to obtain the correct name","testing getName()",name);
SecurityPermission permi2 = new SecurityPermission("93048Helloworld");
assertEquals("getName Failed to obtain correct name","93048Helloworld",permi2.getName());
}
/**
* Asserts codeBase property expansion in policy file
*
* @param codeSourceURL -
* code source for policy object
* @param codeBaseURL -
* system propery value for expansion in policy file
*/
private void assertCodeBasePropertyExpansion(String codeSourceURL,String codeBaseURL) throws Exception {
Policy.setPolicy(null); // reset policy
System.setProperty("test.bin.dir",codeBaseURL);
Policy p = Policy.getPolicy();
CodeSource codeSource = new CodeSource(
new URL("file:" + codeSourceURL),(java.security.cert.Certificate[]) null);
PermissionCollection pCollection = p.getPermissions(codeSource);
Enumeration<Permission> elements = pCollection.elements();
SecurityPermission perm = new SecurityPermission(
"codeBaseForPolicyTest");
while (elements.hasMoreElements()) {
if (elements.nextElement().equals(perm)) {
return; // passed
}
}
fail("Failed to find SecurityPermission for codeSource="
+ codeSourceURL + ",codeBase=" + codeBaseURL);
}
/**
* @tests java.security.AllPermission#implies(java.security.Permission)
*/
@TestTargetNew(
level = TestLevel.COMPLETE,method = "implies",args = {java.security.Permission.class}
)
public void test_impliesLjava_security_Permission() {
// Test for method boolean
// java.security.AllPermission.implies(java.security.Permission)
assertTrue("AllPermission does not imply a AllPermission.",new AllPermission().implies(new AllPermission()));
assertTrue("AllPermission does not imply a SecurityPermission.",new AllPermission().implies(new SecurityPermission("ugh!")));
assertTrue("SecurityPermission implies AllPermission.",!(new SecurityPermission("ugh!").implies(new AllPermission())));
assertTrue("AllPermission does not imply when parametr NULL",new AllPermission().implies(null));
}
/**
* Tests that Classloader.defineClass() assigns appropriate
* default domains to the defined classes.
*/
public void test_defineClass_defaultDomain() throws Exception {
// Regression for HARMONY-765
DynamicPolicy plc = new DynamicPolicy();
Policy back = Policy.getPolicy();
try {
Policy.setPolicy(plc);
Class<?> a = new Ldr().define();
Permission p = new SecurityPermission("abc");
assertFalse("impossible! misconfiguration?",a.getProtectionDomain().implies(p));
plc.pc = p.newPermissionCollection();
plc.pc.add(p);
assertTrue("default domain is not dynamic",a.getProtectionDomain().implies(p));
} finally {
Policy.setPolicy(back);
}
}
@Override
public void checkPermission(Permission perm) {
if (perm.equals(new RuntimePermission("createSecurityManager")) ||
// perm.equals(new AWTPermission("accessEventQueue")) ||
perm.equals(new RuntimePermission("createClassLoader")) ||
perm.equals(new FilePermission(deletedFile,"delete")) ||
perm.equals(new FilePermission(readedFile,"read")) ||
perm.equals(new PropertyPermission("*",write")) ||
perm.equals(new PropertyPermission("key","read")) ||
perm.equals(new SecurityPermission("getPolicy")) ||
// perm.equals(new AWTPermission("accessClipboard")) ||
perm.equals(new FilePermission(writedFile,"write"))) {
throw
new SecurityException("Unable to create Security Manager");
}
}
/**
* @tests java.security.PermissionCollection#isReadOnly()
*/
@TestTargetNew(
level = TestLevel.COMPLETE,method = "isReadOnly",args = {}
)
public void test_isReadOnly() {
// test java.security.permissionCollection.isReadOnly()
SecurityPermission permi = new SecurityPermission(
"testing permissionCollection-isREadOnly");
PermissionCollection permCollect = permi.newPermissionCollection();
assertTrue("readOnly has not been set,but isReadOnly returned true",!permCollect.isReadOnly());
permCollect.setReadOnly();
assertTrue("readOnly is set,but isReadonly returned false",permCollect.isReadOnly());
}
/**
* @tests java.security.PermissionCollection#setReadOnly()
*/
@TestTargetNew(
level = TestLevel.COMPLETE,method = "setReadOnly",args = {}
)
public void test_setReadOnly() {
// test java.security.permissionCollection.setReadOnly()
SecurityPermission permi = new SecurityPermission(
"testing permissionCollection-setReadOnly");
PermissionCollection permCollect = permi.newPermissionCollection();
assertTrue("readOnly has not been set,permCollect.isReadOnly());
}
项目:guava
文件:JSR166TestCase.java
/** Returns a policy containing all the permissions we ever need. */
public static Policy permissivePolicy() {
return new adjustablePolicy
// Permissions j.u.c. needs directly
(
new RuntimePermission("modifyThread"),// Permissions needed to change permissions!
new SecurityPermission("getPolicy"),// Permissions needed by the junit test harness
new RuntimePermission("accessDeclaredMembers"),"read"));
}
项目:cn1
文件:PolicyTest.java
/**
* @tests java.security.Policy#setPolicy(java.security.Policy)
*/
public void test_setPolicyLjava_security_Policy() {
SecurityManager old = System.getSecurityManager();
Policy oldPolicy = Policy.getPolicy();
try {
SecurityChecker checker = new SecurityChecker(
new SecurityPermission("setPolicy"),true);
System.setSecurityManager(checker);
Policy custom = new TestProvider();
Policy.setPolicy(custom);
assertTrue(checker.checkAsserted);
assertSame(custom,Policy.getPolicy());
checker.reset();
checker.enableAccess = false;
try {
Policy.setPolicy(new TestProvider());
fail("SecurityException is intercepted");
} catch (SecurityException ok) {
}
} finally {
System.setSecurityManager(old);
Policy.setPolicy(oldPolicy);
}
}
项目:cn1
文件:PolicyTest.java
/**
* @tests java.security.Policy#getPolicy()
*/
public void test_getPolicy() {
SecurityManager old = System.getSecurityManager();
Policy oldPolicy = Policy.getPolicy();
try {
Policy.setPolicy(new TestProvider());
SecurityChecker checker = new SecurityChecker(
new SecurityPermission("getPolicy"),true);
System.setSecurityManager(checker);
Policy.getPolicy();
assertTrue(checker.checkAsserted);
checker.reset();
checker.enableAccess = false;
try {
Policy.getPolicy();
fail("SecurityException is intercepted");
} catch (SecurityException ok) {
}
} finally {
System.setSecurityManager(old);
Policy.setPolicy(oldPolicy);
}
}
项目:cn1
文件:PolicyTest.java
/**
* Asserts codeBase property expansion in policy file
*
* @param codeSourceURL -
* code source for policy object
* @param codeBaseURL -
* system propery value for expansion in policy file
*/
private void assertCodeBasePropertyExpansion(String codeSourceURL,String codeBaseURL) throws Exception {
Policy.setPolicy(null); //reset policy
System.setProperty("test.bin.dir",codeBase=" + codeBaseURL);
}
项目:cn1
文件:DefaultPolicyTest.java
/**
* Tests that policy is really resetted on refresh().
*/
public void testRefresh() {
Permission sp = new SecurityPermission("sdf");
PolicyEntry[] pe = new PolicyEntry[] { new PolicyEntry(null,null,Arrays.asList(new Permission[] { sp })) };
TestParser tp = new TestParser(pe);
DefaultPolicy policy = new DefaultPolicy(tp);
CodeSource cs = new CodeSource(null,(Certificate[])null);
assertTrue(policy.getPermissions(cs).implies(sp));
tp.content = new PolicyEntry[0];
policy.refresh();
assertFalse(policy.getPermissions(cs).implies(sp));
tp.content = null;
policy.refresh();
assertFalse(policy.getPermissions(cs).implies(sp));
}
项目:cn1
文件:PolicyUtilsTest.java
/** Tests conversion of null,empty and non-empty heterogeneous collections. */
public void testToPermissionCollection() {
Permission p1 = new SecurityPermission("abc");
Permission p2 = new AllPermission();
Collection c1 = Arrays.asList(new Permission[] { p1,p2,});
PermissionCollection pc = PolicyUtils.toPermissionCollection(null);
assertNotNull(pc);
assertFalse(pc.elements().hasMoreElements());
pc = PolicyUtils.toPermissionCollection(new HashSet());
assertNotNull(pc);
assertFalse(pc.elements().hasMoreElements());
pc = PolicyUtils.toPermissionCollection(c1);
assertNotNull(pc);
Enumeration en = pc.elements();
Collection c2 = new HashSet();
c2.add(en.nextElement());
c2.add(en.nextElement());
assertFalse(en.hasMoreElements());
assertTrue(c2.contains(p1));
assertTrue(c2.contains(p2));
}
/**
* Tests that implies() does proper permission evaluation.
*/
public void testImplies() {
TestProvider policy = new TestProvider();
SecurityPermission sp = new SecurityPermission("abc");
policy.pc = sp.newPermissionCollection();
policy.pc.add(sp);
assertTrue(policy.implies(new ProtectionDomain(null,null),sp));
assertFalse(policy.implies(null,sp));
assertFalse(policy.implies(new ProtectionDomain(null,null));
//RI throws NullPointerException.
try {
policy.implies(null,null);
fail("should throw NullPointerException");
} catch (NullPointerException e) {
// expected.
}
ProtectionDomain pd = new ProtectionDomain(null,policy.pc);
policy.pc = null;
assertTrue(policy.implies(pd,sp));
assertFalse(policy.implies(pd,new AllPermission()));
}
项目:cn1
文件:ClassLoaderTest.java
/**
* Tests that Classloader.defineClass() assigns appropriate
* default domains to the defined classes.
*/
public void test_defineClass_defaultDomain() throws Exception {
// Regression for HARMONY-765
DynamicPolicy plc = new DynamicPolicy();
Policy back = Policy.getPolicy();
try {
Policy.setPolicy(plc);
Class<?> a = new Ldr().define();
Permission p = new SecurityPermission("abc");
assertFalse("impossible! misconfiguration?",a.getProtectionDomain().implies(p));
} finally {
Policy.setPolicy(back);
}
}
项目:freeVM
文件:PolicyTest.java
/**
* @tests java.security.Policy#setPolicy(java.security.Policy)
*/
public void test_setPolicyLjava_security_Policy() {
SecurityManager old = System.getSecurityManager();
Policy oldPolicy = Policy.getPolicy();
try {
SecurityChecker checker = new SecurityChecker(
new SecurityPermission("setPolicy"),Policy.getPolicy());
checker.reset();
checker.enableAccess = false;
try {
Policy.setPolicy(new TestProvider());
fail("SecurityException is intercepted");
} catch (SecurityException ok) {
}
} finally {
System.setSecurityManager(old);
Policy.setPolicy(oldPolicy);
}
}
项目:freeVM
文件:PolicyTest.java
/**
* @tests java.security.Policy#getPolicy()
*/
public void test_getPolicy() {
SecurityManager old = System.getSecurityManager();
Policy oldPolicy = Policy.getPolicy();
try {
Policy.setPolicy(new TestProvider());
SecurityChecker checker = new SecurityChecker(
new SecurityPermission("getPolicy"),true);
System.setSecurityManager(checker);
Policy.getPolicy();
assertTrue(checker.checkAsserted);
checker.reset();
checker.enableAccess = false;
try {
Policy.getPolicy();
fail("SecurityException is intercepted");
} catch (SecurityException ok) {
}
} finally {
System.setSecurityManager(old);
Policy.setPolicy(oldPolicy);
}
}
项目:freeVM
文件:PolicyTest.java
项目:freeVM
文件:DefaultPolicyTest.java
/**
* Tests that policy is really resetted on refresh().
*/
public void testRefresh() {
Permission sp = new SecurityPermission("sdf");
PolicyEntry[] pe = new PolicyEntry[] { new PolicyEntry(null,(Certificate[])null);
assertTrue(policy.getPermissions(cs).implies(sp));
tp.content = new PolicyEntry[0];
policy.refresh();
assertFalse(policy.getPermissions(cs).implies(sp));
tp.content = null;
policy.refresh();
assertFalse(policy.getPermissions(cs).implies(sp));
}
项目:freeVM
文件:PolicyUtilsTest.java
/** Tests conversion of null,});
PermissionCollection pc = PolicyUtils.toPermissionCollection(null);
assertNotNull(pc);
assertFalse(pc.elements().hasMoreElements());
pc = PolicyUtils.toPermissionCollection(new HashSet());
assertNotNull(pc);
assertFalse(pc.elements().hasMoreElements());
pc = PolicyUtils.toPermissionCollection(c1);
assertNotNull(pc);
Enumeration en = pc.elements();
Collection c2 = new HashSet();
c2.add(en.nextElement());
c2.add(en.nextElement());
assertFalse(en.hasMoreElements());
assertTrue(c2.contains(p1));
assertTrue(c2.contains(p2));
}
/**
* Tests that implies() does proper permission evaluation.
*/
public void testImplies() {
TestProvider policy = new TestProvider();
SecurityPermission sp = new SecurityPermission("abc");
policy.pc = sp.newPermissionCollection();
policy.pc.add(sp);
assertTrue(policy.implies(new ProtectionDomain(null,null));
assertFalse(policy.implies(null,null));
ProtectionDomain pd = new ProtectionDomain(null,new AllPermission()));
}
项目:freeVM
文件:ClassLoaderTest.java
/**
* Tests that Classloader.defineClass() assigns appropriate
* default domains to the defined classes.
*/
public void test_defineClass_defaultDomain() throws Exception {
// Regression for HARMONY-765
DynamicPolicy plc = new DynamicPolicy();
Policy back = Policy.getPolicy();
try {
Policy.setPolicy(plc);
Class<?> a = new Ldr().define();
Permission p = new SecurityPermission("abc");
assertFalse("impossible! misconfiguration?",a.getProtectionDomain().implies(p));
} finally {
Policy.setPolicy(back);
}
}
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 [email protected] 举报,一经查实,本站将立刻删除。