aboutsummaryrefslogtreecommitdiff
path: root/libjava/java
diff options
context:
space:
mode:
Diffstat (limited to 'libjava/java')
-rw-r--r--libjava/java/io/ObjectInputStream.java7
-rw-r--r--libjava/java/io/ObjectOutputStream.java9
2 files changed, 11 insertions, 5 deletions
diff --git a/libjava/java/io/ObjectInputStream.java b/libjava/java/io/ObjectInputStream.java
index 7a67f3f..b530f4c 100644
--- a/libjava/java/io/ObjectInputStream.java
+++ b/libjava/java/io/ObjectInputStream.java
@@ -528,8 +528,11 @@ public class ObjectInputStream extends InputStream
throws SecurityException
{
if (enable)
- if (getClass ().getClassLoader () != null)
- throw new SecurityException ("Untrusted ObjectInputStream subclass attempted to enable object resolution");
+ {
+ SecurityManager sm = System.getSecurityManager ();
+ if (sm != null)
+ sm.checkPermission (new SerializablePermission ("enableSubtitution"));
+ }
boolean old_val = this.resolveEnabled;
this.resolveEnabled = enable;
diff --git a/libjava/java/io/ObjectOutputStream.java b/libjava/java/io/ObjectOutputStream.java
index faf7ea1..26a1ee5 100644
--- a/libjava/java/io/ObjectOutputStream.java
+++ b/libjava/java/io/ObjectOutputStream.java
@@ -1,5 +1,5 @@
/* ObjectOutputStream.java -- Class used to write serialized objects
- Copyright (C) 1998, 1999, 2000 Free Software Foundation, Inc.
+ Copyright (C) 1998, 1999, 2000, 2001 Free Software Foundation, Inc.
This file is part of GNU Classpath.
@@ -550,8 +550,11 @@ public class ObjectOutputStream extends OutputStream
throws SecurityException
{
if (enable)
- if (getClass ().getClassLoader () != null)
- throw new SecurityException ("Untrusted ObjectOutputStream subclass attempted to enable object replacement");
+ {
+ SecurityManager sm = System.getSecurityManager ();
+ if (sm != null)
+ sm.checkPermission (new SerializablePermission ("enableSubstitution"));
+ }
boolean old_val = replacementEnabled;
replacementEnabled = enable;
generated by cgit v1.1 at 2025-03-22 01:34:54 +0000