Examples of java.util.PropertyPermission

java.util.PropertyPermission
This class is for property permissions.
The name is the name of the property ("java.home", "os.name", etc). The naming convention follows the hierarchical property naming convention. Also, an asterisk may appear at the end of the name, following a ".", or by itself, to signify a wildcard match. For example: "java.*" or "*" is valid, "*java" or "a*b" is not valid.

The actions to be granted are passed to the constructor in a string containing a list of zero or more comma-separated keywords. The possible keywords are "read" and "write". Their meaning is defined as follows:

read
read permission. Allows System.getProperty to be called.
write
write permission. Allows System.setProperty to be called.

The actions string is converted to lowercase before processing.
Care should be taken before granting code permission to access certain system properties. For example, granting permission to access the "java.home" system property gives potentially malevolent code sensitive information about the system environment (the Java installation directory). Also, granting permission to access the "user.name" and "user.home" system properties gives potentially malevolent code sensitive information about the user environment (the user's account name and home directory). @see java.security.BasicPermission @see java.security.Permission @see java.security.Permissions @see java.security.PermissionCollection @see java.lang.SecurityManager @version 1.35 06/04/21 @author Roland Schemers @since 1.2 @serial exclude

     * @com.intel.drl.spec_ref
     */
    public static String clearProperty(String key){
        SecurityManager sm = securityManager;
        if (sm != null) {
            sm.checkPermission(new PropertyPermission(key, "write"));
        } else if (key.length() == 0) {
            throw new IllegalArgumentException("key is empty");
        }
        Properties props = getPropertiesUnsecure();
        return (String)props.remove(key);

View Full Code Here

        if (key.length() == 0) {
            throw new IllegalArgumentException("key is empty");
        }
        SecurityManager sm = securityManager;
        if (sm != null) {
            sm.checkPermission(new PropertyPermission(key, "write"));
        }
        Properties props = getPropertiesUnsecure();
        return (String)props.setProperty(key, value);
    }

View Full Code Here

     */
    public void run() throws Exception {
        Class testClass = Class.class;
        Principal testPrin = new FakePrincipal();
        Permission[] testPerm = new Permission[] {
            new PropertyPermission("*", "read") };
        Subject testSubj = new Subject();
        testSubj.getPrincipals().add(testPrin);
        Policy[] testPolicy = new Policy[] {
            new BasePolicyProvider(),
            new DynamicPolicyProviderThrowingUOE(),

View Full Code Here

  }


  private Permissions getPermissions() {
    final Permissions ps = new Permissions();
    ps.add(new AWTPermission("accessEventQueue"));
    ps.add(new PropertyPermission("user.home", "read"));
    ps.add(new PropertyPermission("java.vendor", "read"));
    ps.add(new PropertyPermission("java.version", "read"));
    ps.add(new PropertyPermission("os.name", "read"));
    ps.add(new PropertyPermission("os.arch", "read"));
    ps.add(new PropertyPermission("os.version", "read"));
    ps.add(new SocketPermission("*", "connect,resolve"));
    String uDir = System.getProperty("user.home");
    if (uDir != null) {
      uDir += "/";
    } else {

View Full Code Here

  }


  private Permissions getPermissions() {
    final Permissions ps = new Permissions();
    ps.add(new AWTPermission("accessEventQueue"));
    ps.add(new PropertyPermission("user.home", "read"));
    ps.add(new PropertyPermission("java.vendor", "read"));
    ps.add(new PropertyPermission("java.version", "read"));
    ps.add(new PropertyPermission("os.name", "read"));
    ps.add(new PropertyPermission("os.arch", "read"));
    ps.add(new PropertyPermission("os.version", "read"));
    ps.add(new SocketPermission("*", "connect,resolve"));
    ps.add(new FilePermission(Configuration.Paths.getScriptCacheDirectory(), "read,write,delete"));
    ps.setReadOnly();
    return ps;
  }

View Full Code Here


  @Test
  public void testSecuritySanity() throws Exception {
    AccessControlContext acc = provider.getAccessControlContext();
    try {
      acc.checkPermission(new PropertyPermission("*", "read"));
      fail("Acc should not have any permissions");
    } catch (SecurityException se) {
      // expected
    }

View Full Code Here

    return list;
  }


  protected List getIAndTPermissions() {
    List perms = super.getIAndTPermissions();
    perms.add(new PropertyPermission("*", "read"));
    perms.add(new PropertyPermission("*", "write"));
    return perms;
  }

View Full Code Here

            }
            Permission perm = new RuntimePermission("SSLPassword");
            AccessController.checkPermission(perm);
        } catch (AccessControlException e) {
            String message = e.getMessage();
            Permission perm = new PropertyPermission(key, "read");
            if (message != null) {
                message = message.replace(e.getPermission().toString(), perm.toString());
            }
            throw new AccessControlException(message, perm);
        }
    }

View Full Code Here

        return new TestSuite(SecurityTest.class);
    }


    public void testForbiddenProperty() {
        String script = "System.getProperty(\"user.home\")";
        assertExecute(script, null, new PropertyPermission("user.home", "read"));
    }

View Full Code Here

   */
  public static String setProperty(String key, String value)
  {
    SecurityManager sm = SecurityManager.current; // Be thread-safe.
    if (sm != null)
      sm.checkPermission(new PropertyPermission(key, "write"));
    // This handles both the null pointer exception and the illegal
    // argument exception.
    if (key.length() == 0)
      throw new IllegalArgumentException("key can't be empty");
    return SystemProperties.setProperty(key, value);

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

Related Classes of java.util.PropertyPermission

AddToReadOnlyPermissionCollection

com.google.appengine.tools.development.IsolatedAppClassLoader

com.ikanow.infinit.e.utility.hadoop.HadoopPrototypingTool$MinimalPolicy

com.sshtools.j2ssh.configuration.ConfigurationLoader

com.sun.enterprise.J2EESecurityManager

com.sun.enterprise.security.provider.PolicyFile

com.sun.enterprise.security.ssl.impl.SecuritySupportImpl

com.sun.enterprise.security.ssl.SSLUtils

com.sun.jini.test.spec.security.security.GrantTest1

com.sun.jini.test.spec.security.security.GrantTest2

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.