2006-08-07 Gary Benson <gbenson@redhat.com>

author gary <gary@138bc75d-0d04-0410-961f-82ee72b054a4>

Mon, 7 Aug 2006 14:42:48 +0000 (14:42 +0000)

committer gary <gary@138bc75d-0d04-0410-961f-82ee72b054a4>

Mon, 7 Aug 2006 14:42:48 +0000 (14:42 +0000)
author gary <gary@138bc75d-0d04-0410-961f-82ee72b054a4>
Mon, 7 Aug 2006 14:42:48 +0000 (14:42 +0000)
committer gary <gary@138bc75d-0d04-0410-961f-82ee72b054a4>
Mon, 7 Aug 2006 14:42:48 +0000 (14:42 +0000)
diff --git a/libjava/ChangeLog b/libjava/ChangeLog

index 5b8d467..9436ff9 100644 (file)
--- a/libjava/ChangeLog
+++ b/libjava/ChangeLog
@@ -1,4 +1,13 @@
  2006-08-07  Gary Benson  <gbenson@redhat.com>
+           Casey Marshall <csm@gnu.org>
+
+       * java/lang/SecurityManager.java (getSecurityContext,
+       checkPermission, checkAccess, checkRead, checkConnect,
+       checkPackageAccess, checkPackageDefinition, checkPackageList):
+       Merge with Classpath.
+       (SecurityContext): Remove.
+
+2006-08-07  Gary Benson  <gbenson@redhat.com>
  
         * java/security/VMAccessController.java (pushContext, popContext,
         getContext): Use Thread.currentThread() to determine when we're
diff --git a/libjava/java/lang/SecurityManager.java b/libjava/java/lang/SecurityManager.java

index 4f9a39a..c803c5b 100644 (file)
--- a/libjava/java/lang/SecurityManager.java
+++ b/libjava/java/lang/SecurityManager.java
@@ -1,5 +1,6 @@
  /* SecurityManager.java -- security checks for privileged actions
-   Copyright (C) 1998, 1999, 2001, 2002, 2005  Free Software Foundation, Inc.
+   Copyright (C) 1998, 1999, 2001, 2002, 2005, 2006
+   Free Software Foundation, Inc.
  
  This file is part of GNU Classpath.
  
@@ -45,11 +46,15 @@ import java.io.FilePermission;
  import java.lang.reflect.Member;
  import java.net.InetAddress;
  import java.net.SocketPermission;
+import java.security.AccessController;
+import java.security.AccessControlContext;
  import java.security.AllPermission;
  import java.security.Permission;
+import java.security.PrivilegedAction;
  import java.security.Security;
  import java.security.SecurityPermission;
  import java.util.PropertyPermission;
+import java.util.StringTokenizer;
  
  /**
   * SecurityManager is a class you can extend to create your own Java
@@ -315,8 +320,7 @@ public class SecurityManager
     */
    public Object getSecurityContext()
    {
-    // XXX Should be: return AccessController.getContext();
-    return new SecurityContext(getClassContext());
+    return AccessController.getContext();
    }
  
    /**
@@ -331,8 +335,7 @@ public class SecurityManager
     */
    public void checkPermission(Permission perm)
    {
-    // XXX Should be: AccessController.checkPermission(perm);
-    //.throw new SecurityException("Operation not allowed");
+    AccessController.checkPermission(perm);
    }
  
    /**
@@ -353,11 +356,9 @@ public class SecurityManager
     */
    public void checkPermission(Permission perm, Object context)
    {
-    // XXX Should be:
-    // if (! (context instanceof AccessControlContext))
-    //   throw new SecurityException("Missing context");
-    // ((AccessControlContext) context).checkPermission(perm);
-    throw new SecurityException("Operation not allowed");
+    if (! (context instanceof AccessControlContext))
+      throw new SecurityException("Missing context");
+    ((AccessControlContext) context).checkPermission(perm);
    }
  
    /**
@@ -402,7 +403,7 @@ public class SecurityManager
    public void checkAccess(Thread thread)
    {
      if (thread.getThreadGroup() != null 
-       && thread.getThreadGroup().getParent() != null)
+       && thread.getThreadGroup().getParent() == null)
        checkPermission(new RuntimePermission("modifyThread"));
    }
  
@@ -435,7 +436,7 @@ public class SecurityManager
     */
    public void checkAccess(ThreadGroup g)
    {
-    if (g.getParent() != null)
+    if (g.getParent() == null)
        checkPermission(new RuntimePermission("modifyThreadGroup"));
    }
  
@@ -556,12 +557,10 @@ public class SecurityManager
     */
    public void checkRead(String filename, Object context)
    {
-    // XXX Should be:
-    // if (! (context instanceof AccessControlContext))
-    //   throw new SecurityException("Missing context");
-    // AccessControlContext ac = (AccessControlContext) context;
-    // ac.checkPermission(new FilePermission(filename, "read"));
-    // throw new SecurityException("Cannot read files via file names.");
+    if (! (context instanceof AccessControlContext))
+      throw new SecurityException("Missing context");
+    AccessControlContext ac = (AccessControlContext) context;
+    ac.checkPermission(new FilePermission(filename, "read"));
    }
  
    /**
@@ -675,17 +674,15 @@ public class SecurityManager
     */
    public void checkConnect(String host, int port, Object context)
    {
-    // XXX Should be:
-    // if (! (context instanceof AccessControlContext))
-    //   throw new SecurityException("Missing context");
-    // AccessControlContext ac = (AccessControlContext) context;
-    // if (port == -1)
-    //   ac.checkPermission(new SocketPermission(host, "resolve"));
-    // else
-    //   // Use the toString() hack to do the null check.
-    //   ac.checkPermission(new SocketPermission(host.toString + ":" +port,
-    //                                           "connect"));
-    // throw new SecurityException("Cannot make network connections.");
+    if (! (context instanceof AccessControlContext))
+      throw new SecurityException("Missing context");
+    AccessControlContext ac = (AccessControlContext) context;
+    if (port == -1)
+      ac.checkPermission(new SocketPermission(host, "resolve"));
+    else
+      // Use the toString() hack to do the null check.
+      ac.checkPermission(new SocketPermission(host.toString() + ":" + port,
+                                              "connect"));
    }
  
    /**
@@ -902,7 +899,7 @@ public class SecurityManager
     */
    public void checkPackageAccess(String packageName)
    {
-    checkPackageList(packageName, "access", "accessClassInPackage.");
+    checkPackageList(packageName, "package.access", "accessClassInPackage.");
    }
  
    /**
@@ -924,7 +921,7 @@ public class SecurityManager
     */
    public void checkPackageDefinition(String packageName)
    {
-    checkPackageList(packageName, "definition", "defineClassInPackage.");
+    checkPackageList(packageName, "package.definition", "defineClassInPackage.");
    }
  
    /**
@@ -1027,38 +1024,34 @@ public class SecurityManager
     * @see #checkPackageAccess(String)
     * @see #checkPackageDefinition(String)
     */
-  void checkPackageList(String packageName, String restriction,
+  void checkPackageList(String packageName, final String restriction,
                          String permission)
    {
-    // Use the toString() hack to do the null check.
-    Permission p = new RuntimePermission(permission + packageName.toString());
-    String list = Security.getProperty("package." + restriction);
-    if (list == null)
+    if (packageName == null)
+      throw new NullPointerException();
+
+    String list = (String)AccessController.doPrivileged(new PrivilegedAction()
+      {
+       public Object run()
+        {
+         return Security.getProperty(restriction);
+       }
+      });
+
+    if (list == null || list.equals(""))
        return;
-    while (! "".equals(packageName))
+
+    String packageNamePlusDot = packageName + ".";
+
+    StringTokenizer st = new StringTokenizer(list, ",");
+    while (st.hasMoreTokens())
        {
-        for (int index = list.indexOf(packageName);
-             index != -1; index = list.indexOf(packageName, index + 1))
-          {
-            // Exploit package visibility for speed.
-           int packageNameCount = packageName.length();
-            if (index + packageNameCount == list.length()
-                || list.charAt(index + packageNameCount) == ',')
-              {
-                checkPermission(p);
-                return;
-              }
-          }
-        int index = packageName.lastIndexOf('.');
-        packageName = index < 0 ? "" : packageName.substring(0, index);
+       if (packageNamePlusDot.startsWith(st.nextToken()))
+         {
+           Permission p = new RuntimePermission(permission + packageName);
+           checkPermission(p);
+           return;
+         }
        }
    }
-} // class SecurityManager
-
-// XXX This class is unnecessary.
-class SecurityContext {
-       Class[] classes;
-       SecurityContext(Class[] classes) {
-               this.classes = classes;
-       }
  }
author	gary <gary@138bc75d-0d04-0410-961f-82ee72b054a4>
	Mon, 7 Aug 2006 14:42:48 +0000 (14:42 +0000)
committer	gary <gary@138bc75d-0d04-0410-961f-82ee72b054a4>
	Mon, 7 Aug 2006 14:42:48 +0000 (14:42 +0000)
libjava/ChangeLog		patch \| blob \| history
libjava/java/lang/SecurityManager.java		patch \| blob \| history