From 0cf17a80513e9b637e07a9fadc6717e67750ea53 Mon Sep 17 00:00:00 2001
From: Tom Tromey <tromey@cygnus.com>
Date: Mon, 27 Nov 2000 04:07:48 +0000
Subject: Makefile.in: Rebuilt.

	* Makefile.in: Rebuilt.
	* Makefile.am (core_java_source_files): Added
	RuntimePermission.java.
	* java/lang/RuntimePermission.java: Imported from Classpath.
	* java/lang/Thread.java (getContextClassLoader): Now
	synchronized.  Added security code.
	(setContextClassLoader): Likewise.

From-SVN: r37772
---
 libjava/java/lang/ClassLoader.java       |   1 -
 libjava/java/lang/RuntimePermission.java | 153 +++++++++++++++++++++++++++++++
 libjava/java/lang/Thread.java            |  28 ++++--
 3 files changed, 175 insertions(+), 7 deletions(-)
 create mode 100644 libjava/java/lang/RuntimePermission.java

(limited to 'libjava/java')
diff --git a/libjava/java/lang/ClassLoader.java b/libjava/java/lang/ClassLoader.java
index de95603..402e812 100644
--- a/libjava/java/lang/ClassLoader.java
+++ b/libjava/java/lang/ClassLoader.java
@@ -426,4 +426,3 @@ public abstract class ClassLoader {
     return null;
   }
 }
-
diff --git a/libjava/java/lang/RuntimePermission.java b/libjava/java/lang/RuntimePermission.java
new file mode 100644
index 0000000..40b3da2
--- /dev/null
+++ b/libjava/java/lang/RuntimePermission.java
@@ -0,0 +1,153 @@
+/* RuntimePermission.java
+   Copyright (C) 1998 Free Software Foundation, Inc.
+
+This file is part of GNU Classpath.
+
+GNU Classpath is free software; you can redistribute it and/or modify
+it under the terms of the GNU General Public License as published by
+the Free Software Foundation; either version 2, or (at your option)
+any later version.
+ 
+GNU Classpath is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with GNU Classpath; see the file COPYING.  If not, write to the
+Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+02111-1307 USA.
+
+As a special exception, if you link this library with other files to
+produce an executable, this library does not by itself cause the
+resulting executable to be covered by the GNU General Public License.
+This exception does not however invalidate any other reasons why the
+executable file might be covered by the GNU General Public License. */
+
+
+package java.lang;
+
+import java.security.*;
+
+/**
+ * A <code>RuntimePermission</code> contains a permission name, but no
+ * actions list.  This means you either have the permission or you don't.
+ *
+ * Permission names have the follow the hierarchial property naming
+ * convention.  In addition, an asterisk may appear at the end of a 
+ * name if following a period or by itself.
+ *
+ * <table border=1>
+ * <tr><th>Valid names</th><th>Invalid names</th></tr>
+ * <tr><td>"accessClassInPackage.*","*"</td>
+ * <td>"**", "*x", "*.a"</td></tr>
+ * </table>
+ * <br> 
+ * 
+ * The following table provides a list of all the possible RuntimePermission
+ * permission names with a description of what that permission allows.
+ * <br>
+ * <table border=1>
+ * <tr><th>Permission Name</th><th>Permission Allows</th></tr>
+ * <tr>
+ *   <td><code>createClassLoader</code></td>
+ *   <td>creation of a class loader</td></tr>
+ * <tr>
+ *   <td><code>getClassLoader</code></td>
+ *   <td>retrieval of the class loader for the calling class</td></tr>
+ * <tr>
+ *   <td><code>setContextClassLoader</code></td>
+ *   <td>allows the setting of the context class loader used by a 
+ *       thread including system threads</td></tr>
+ * <tr>
+ *   <td><code>setSecurityManager</code></td>
+ *   <td>allows the application to replace the security manager with
+ *       another, possibly less restrictive one.</td></tr>
+ * <tr>
+ *   <td><code>createSecurityManager</code></td>
+ *   <td>allows the application to create a new security manager</td></tr>
+ * <tr>
+ *   <td><code>exitVM</code></td>
+ *   <td>allows the application to halt the virtual machine</td></tr>
+ * <tr>
+ *   <td><code>setFactory</code></td>
+ *   <td>allows the application to set the socket factory for socket, 
+ *       server socket, stream handler, or RMI socket factory.</td></tr>
+ * <tr>
+ *   <td><code>setIO</code></td>
+ *   <td>allows the application to set System.out, System.in, and 
+ *       System.err</td></tr>
+ * <tr>
+ *   <td><code>modifyThread</code></td>
+ *   <td>allows the application to modify any thread in the virtual machine
+ *       using any of the methods <code>stop</code>, <code>resume</code>,
+ *       <code>suspend</code>, <code>setPriority</code>, and 
+ *       <code>setName</code> of classs <code>Thread</code></td></tr>
+ * <tr>
+ *   <td><code>stopThread</code></td>
+ *   <td>allows the application to <code>stop</code> any thread it has
+ *       access to in the system</td></tr>
+ * <tr>
+ *   <td><code>modifyThreadGroup</td>
+ *   <td>allows the application to modify thread groups using any of the
+ *       methods <code>destroy</code>, <code>resume</code>, 
+ *       <code>setDaemon</code>, <code>setMaxPriority</code>, 
+ *       <code>stop</code>, and <code>suspend</code> of the class
+ *       <code>ThreadGroup</code></td></tr>
+ * <tr>
+ *   <td><code>getProtectionDomain</code></td>
+ *   <td></td></tr>
+ * <tr>
+ *   <td><code>readFileDescriptor</code></td>
+ *   <td></td></tr>
+ * <tr>
+ *   <td><code>writeFileDescriptor</code</td>
+ *   <td></td></tr>
+ * <tr>
+ *   <td><code>loadLibrary.{library name}</code></td>
+ *   <td></td></tr>
+ * <tr>
+ *   <td><code>accessClassInPackage.{package name}</code></td>
+ *   <td></td></tr>
+ * <tr>
+ *   <td><code>defineClassInPackage.{package name}</code></td>
+ *   <td></td></tr>
+ * <tr>
+ *   <td><code>accessDeclaredMembers</code></td>
+ *   <td></td></tr>
+ * <tr>
+ *   <td><code>queuePrintJob</code></td>
+ *   <td></td></tr>
+ * </table>
+ * 
+ * @since JDK 1.2
+ * 
+ * @author Brian Jones
+ */
+public class RuntimePermission extends java.security.BasicPermission
+{
+  /**
+   * 
+   * @param permissionName the name of the granted permission
+   * 
+   * @throws IllegalArgumentException thrown if the name contains an invalid 
+   * wildcard character
+   */
+  public RuntimePermission(String permissionName)
+    {
+      this(permissionName, null);
+    }
+
+  /**
+   *
+   * @param permissionName the name of the granted permission
+   * @param actions this should always be null
+   * 
+   * @throws IllegalArgumentException throw if the name contains an invalid
+   * wildcard character
+   */
+  public RuntimePermission(String permissionName, String actions)
+    {
+      super(permissionName, actions);
+    }
+}
diff --git a/libjava/java/lang/Thread.java b/libjava/java/lang/Thread.java
index 33fabf4..12c7eb6 100644
--- a/libjava/java/lang/Thread.java
+++ b/libjava/java/lang/Thread.java
@@ -145,21 +145,37 @@ public class Thread implements Runnable
     daemon_flag = status;
   }
 
-  public ClassLoader getContextClassLoader()
+  public synchronized ClassLoader getContextClassLoader()
   {
     if (context_class_loader == null)
+      context_class_loader = ClassLoader.getSystemClassLoader ();
+
+    SecurityManager s = System.getSecurityManager();
+    // FIXME: we can't currently find the caller's class loader.
+    ClassLoader callers = null;
+    if (s != null && callers != null)
       {
-	context_class_loader = ClassLoader.getSystemClassLoader ();
-	return context_class_loader;
+	// See if the caller's class loader is the same as or an
+	// ancestor of this thread's class loader.
+	while (callers != null && callers != context_class_loader)
+	  {
+	    // FIXME: should use some internal version of getParent
+	    // that avoids security checks.
+	    callers = callers.getParent ();
+	  }
+
+	if (callers != context_class_loader)
+	  s.checkPermission (new RuntimePermission ("getClassLoader"));
       }
 
-    // FIXME: Add security manager stuff here.
     return context_class_loader;
   }
 
-  public void setContextClassLoader(ClassLoader cl)
+  public synchronized void setContextClassLoader(ClassLoader cl)
   {
-    // FIXME: Add security manager stuff here.
+    SecurityManager s = System.getSecurityManager ();
+    if (s != null)
+      s.checkPermission (new RuntimePermission ("setContextClassLoader"));
     context_class_loader = cl;
   }
 
-- 
cgit v1.1


Permission Name	Permission Allows
`createClassLoader`	creation of a class loader
`getClassLoader`	retrieval of the class loader for the calling class
`setContextClassLoader`	allows the setting of the context class loader used by a + * thread including system threads
`setSecurityManager`	allows the application to replace the security manager with + * another, possibly less restrictive one.
`createSecurityManager`	allows the application to create a new security manager
`exitVM`	allows the application to halt the virtual machine
`setFactory`	allows the application to set the socket factory for socket, + * server socket, stream handler, or RMI socket factory.
`setIO`	allows the application to set System.out, System.in, and + * System.err
`modifyThread`	allows the application to modify any thread in the virtual machine + * using any of the methods `stop`, `resume`, + * `suspend`, `setPriority`, and + * `setName` of classs `Thread`
`stopThread`	allows the application to `stop` any thread it has + * access to in the system
`modifyThreadGroup`	allows the application to modify thread groups using any of the + * methods `destroy`, `resume`, + * `setDaemon`, `setMaxPriority`, + * `stop`, and `suspend` of the class + * `ThreadGroup`
`getProtectionDomain`
`readFileDescriptor`
`writeFileDescriptor + *`
`loadLibrary.{library name}`
`accessClassInPackage.{package name}`
`defineClassInPackage.{package name}`
`accessDeclaredMembers`
`queuePrintJob`