SecurityManager.java (getSecurityContext, [...]): Merge with Classpath.

2006-08-07 Gary Benson <gbenson@redhat.com> Casey Marshall <csm@gnu.org> * java/lang/SecurityManager.java (getSecurityContext, checkPermission, checkAccess, checkRead, checkConnect, checkPackageAccess, checkPackageDefinition, checkPackageList): Merge with Classpath. (SecurityContext): Remove. Co-Authored-By: Casey Marshall <csm@gnu.org> From-SVN: r115998
2006-08-07 14:42:48 +00:00 · 2006-08-07 14:42:48 +00:00 · da0f033486
commit da0f033486
parent e79e0270c0
2 changed files with 62 additions and 60 deletions
--- a/libjava/ChangeLog
+++ b/libjava/ChangeLog
@ -1,3 +1,12 @@
 2006-08-07  Gary Benson  <gbenson@redhat.com>
 	    Casey Marshall <csm@gnu.org>
 	* java/lang/SecurityManager.java (getSecurityContext,
 	checkPermission, checkAccess, checkRead, checkConnect,
 	checkPackageAccess, checkPackageDefinition, checkPackageList):
 	Merge with Classpath.
 	(SecurityContext): Remove.
 2006-08-07  Gary Benson  <gbenson@redhat.com>
 	* java/security/VMAccessController.java (pushContext, popContext,
--- a/libjava/java/lang/SecurityManager.java
+++ b/libjava/java/lang/SecurityManager.java
@ -1,5 +1,6 @@
 /* SecurityManager.java -- security checks for privileged actions
-   Copyright (C) 1998, 1999, 2001, 2002, 2005  Free Software Foundation, Inc.
+   Copyright (C) 1998, 1999, 2001, 2002, 2005, 2006
   Free Software Foundation, Inc.
 This file is part of GNU Classpath.
@ -45,11 +46,15 @@ import java.io.FilePermission;
 import java.lang.reflect.Member;
 import java.net.InetAddress;
 import java.net.SocketPermission;
 import java.security.AccessController;
 import java.security.AccessControlContext;
 import java.security.AllPermission;
 import java.security.Permission;
 import java.security.PrivilegedAction;
 import java.security.Security;
 import java.security.SecurityPermission;
 import java.util.PropertyPermission;
 import java.util.StringTokenizer;
 /**
 * SecurityManager is a class you can extend to create your own Java
@ -315,8 +320,7 @@ public class SecurityManager
   */
  public Object getSecurityContext()
  {
-    // XXX Should be: return AccessController.getContext();
+    return AccessController.getContext();
    return new SecurityContext(getClassContext());
  }
  /**
@ -331,8 +335,7 @@ public class SecurityManager
   */
  public void checkPermission(Permission perm)
  {
-    // XXX Should be: AccessController.checkPermission(perm);
+    AccessController.checkPermission(perm);
    //.throw new SecurityException("Operation not allowed");
  }
  /**
@ -353,11 +356,9 @@ public class SecurityManager
   */
  public void checkPermission(Permission perm, Object context)
  {
-    // XXX Should be:
+    if (! (context instanceof AccessControlContext))
-    // if (! (context instanceof AccessControlContext))
+      throw new SecurityException("Missing context");
-    //   throw new SecurityException("Missing context");
+    ((AccessControlContext) context).checkPermission(perm);
    // ((AccessControlContext) context).checkPermission(perm);
    throw new SecurityException("Operation not allowed");
  }
  /**
@ -402,7 +403,7 @@ public class SecurityManager
  public void checkAccess(Thread thread)
  {
    if (thread.getThreadGroup() != null 
-	&& thread.getThreadGroup().getParent() != null)
+	&& thread.getThreadGroup().getParent() == null)
      checkPermission(new RuntimePermission("modifyThread"));
  }
@ -435,7 +436,7 @@ public class SecurityManager
   */
  public void checkAccess(ThreadGroup g)
  {
-    if (g.getParent() != null)
+    if (g.getParent() == null)
      checkPermission(new RuntimePermission("modifyThreadGroup"));
  }
@ -556,12 +557,10 @@ public class SecurityManager
   */
  public void checkRead(String filename, Object context)
  {
-    // XXX Should be:
+    if (! (context instanceof AccessControlContext))
-    // if (! (context instanceof AccessControlContext))
+      throw new SecurityException("Missing context");
-    //   throw new SecurityException("Missing context");
+    AccessControlContext ac = (AccessControlContext) context;
-    // AccessControlContext ac = (AccessControlContext) context;
+    ac.checkPermission(new FilePermission(filename, "read"));
    // ac.checkPermission(new FilePermission(filename, "read"));
    // throw new SecurityException("Cannot read files via file names.");
  }
  /**
@ -675,17 +674,15 @@ public class SecurityManager
   */
  public void checkConnect(String host, int port, Object context)
  {
-    // XXX Should be:
+    if (! (context instanceof AccessControlContext))
-    // if (! (context instanceof AccessControlContext))
+      throw new SecurityException("Missing context");
-    //   throw new SecurityException("Missing context");
+    AccessControlContext ac = (AccessControlContext) context;
-    // AccessControlContext ac = (AccessControlContext) context;
+    if (port == -1)
-    // if (port == -1)
+      ac.checkPermission(new SocketPermission(host, "resolve"));
-    //   ac.checkPermission(new SocketPermission(host, "resolve"));
+    else
-    // else
+      // Use the toString() hack to do the null check.
-    //   // Use the toString() hack to do the null check.
+      ac.checkPermission(new SocketPermission(host.toString() + ":" + port,
-    //   ac.checkPermission(new SocketPermission(host.toString + ":" +port,
+                                              "connect"));
    //                                           "connect"));
    // throw new SecurityException("Cannot make network connections.");
  }
  /**
@ -902,7 +899,7 @@ public class SecurityManager
   */
  public void checkPackageAccess(String packageName)
  {
-    checkPackageList(packageName, "access", "accessClassInPackage.");
+    checkPackageList(packageName, "package.access", "accessClassInPackage.");
  }
  /**
@ -924,7 +921,7 @@ public class SecurityManager
   */
  public void checkPackageDefinition(String packageName)
  {
-    checkPackageList(packageName, "definition", "defineClassInPackage.");
+    checkPackageList(packageName, "package.definition", "defineClassInPackage.");
  }
  /**
@ -1027,38 +1024,34 @@ public class SecurityManager
   * @see #checkPackageAccess(String)
   * @see #checkPackageDefinition(String)
   */
-  void checkPackageList(String packageName, String restriction,
+  void checkPackageList(String packageName, final String restriction,
                        String permission)
  {
-    // Use the toString() hack to do the null check.
+    if (packageName == null)
-    Permission p = new RuntimePermission(permission + packageName.toString());
+      throw new NullPointerException();
-    String list = Security.getProperty("package." + restriction);
+
-    if (list == null)
+    String list = (String)AccessController.doPrivileged(new PrivilegedAction()
      return;
    while (! "".equals(packageName))
      {
-        for (int index = list.indexOf(packageName);
+	public Object run()
-             index != -1; index = list.indexOf(packageName, index + 1))
+        {
-          {
+	  return Security.getProperty(restriction);
-            // Exploit package visibility for speed.
+	}
-	    int packageNameCount = packageName.length();
+      });
-            if (index + packageNameCount == list.length()
+
-                || list.charAt(index + packageNameCount) == ',')
+    if (list == null || list.equals(""))
-              {
+      return;
-                checkPermission(p);
+
-                return;
+    String packageNamePlusDot = packageName + ".";
-              }
+
-          }
+    StringTokenizer st = new StringTokenizer(list, ",");
-        int index = packageName.lastIndexOf('.');
+    while (st.hasMoreTokens())
-        packageName = index < 0 ? "" : packageName.substring(0, index);
+      {
 	if (packageNamePlusDot.startsWith(st.nextToken()))
 	  {
 	    Permission p = new RuntimePermission(permission + packageName);
 	    checkPermission(p);
 	    return;
 	  }
      }
  }
 } // class SecurityManager
 // XXX This class is unnecessary.
 class SecurityContext {
 	Class[] classes;
 	SecurityContext(Class[] classes) {
 		this.classes = classes;
 	}
 }