Search in sources :

Example 86 with FilePermission

use of java.io.FilePermission in project Payara by payara.

the class VoidPermissionTest method testNotImplied.

@Test
public void testNotImplied() {
    VoidPermission vPerm = new VoidPermission();
    FilePermission fPerm = new FilePermission("/scratch/test/*", "read");
    Assert.assertTrue(!vPerm.implies(fPerm));
    Assert.assertTrue(!fPerm.implies(vPerm));
}
Also used : FilePermission(java.io.FilePermission) Test(org.junit.Test)

Example 87 with FilePermission

use of java.io.FilePermission in project Payara by payara.

the class PermissionsProcessor method addFilePermissionsForCurrentDir.

// add the current folder for the file permission
protected static void addFilePermissionsForCurrentDir(PermissionCollection revisedPC, DeploymentContext context, FilePermission perm) throws MalformedURLException {
    if (!isFilePermforCurrentDir(perm)) {
        // not recognized, add it as is
        revisedPC.add(perm);
        return;
    }
    String actions = perm.getActions();
    String rootDir = context.getSource().getURI().toURL().toString();
    Permission rootDirPerm = new FilePermission(rootDir, actions);
    revisedPC.add(rootDirPerm);
    Permission rootPerm = new FilePermission(rootDir + File.separator + "-", actions);
    revisedPC.add(rootPerm);
    if (context.getScratchDir("ejb") != null) {
        String ejbTmpDir = context.getScratchDir("ejb").toURI().toURL().toString();
        Permission ejbDirPerm = new FilePermission(ejbTmpDir, actions);
        revisedPC.add(ejbDirPerm);
        Permission ejbPerm = new FilePermission(ejbTmpDir + File.separator + "-", actions);
        revisedPC.add(ejbPerm);
    }
    if (context.getScratchDir("jsp") != null) {
        String jspdir = context.getScratchDir("jsp").toURI().toURL().toString();
        Permission jpsDirPerm = new FilePermission(jspdir, actions);
        revisedPC.add(jpsDirPerm);
        Permission jpsPerm = new FilePermission(jspdir + File.separator + "-", actions);
        revisedPC.add(jpsPerm);
    }
}
Also used : Permission(java.security.Permission) FilePermission(java.io.FilePermission) FilePermission(java.io.FilePermission)

Example 88 with FilePermission

use of java.io.FilePermission in project Payara by payara.

the class PermissionsProcessor method convertTempDirPermission.

// convert 'temp' dir to the absolute path for permission of 'temp' path
protected static Permission convertTempDirPermission(PermissionCollection revisedPC, DeploymentContext context, FilePermission perm) throws MalformedURLException {
    if (!isFilePermforTempDir(perm)) {
        return perm;
    }
    String actions = perm.getActions();
    if (context.getScratchDir("jsp") != null) {
        String jspdir = context.getScratchDir("jsp").toURI().toURL().toString();
        Permission jspDirPerm = new FilePermission(jspdir, actions);
        revisedPC.add(jspDirPerm);
        Permission jspPerm = new FilePermission(jspdir + File.separator + "-", actions);
        revisedPC.add(jspPerm);
        return jspPerm;
    }
    return perm;
}
Also used : Permission(java.security.Permission) FilePermission(java.io.FilePermission) FilePermission(java.io.FilePermission)

Example 89 with FilePermission

use of java.io.FilePermission in project jdk8u_jdk by JetBrains.

the class AppContextCreator method getPermissions.

/**
     * Returns the permissions for the given codesource object.
     * The implementation of this method first calls super.getPermissions,
     * to get the permissions
     * granted by the super class, and then adds additional permissions
     * based on the URL of the codesource.
     * <p>
     * If the protocol is "file"
     * and the path specifies a file, permission is granted to read all files
     * and (recursively) all files and subdirectories contained in
     * that directory. This is so applets with a codebase of
     * file:/blah/some.jar can read in file:/blah/, which is needed to
     * be backward compatible. We also add permission to connect back to
     * the "localhost".
     *
     * @param codesource the codesource
     * @throws NullPointerException if {@code codesource} is {@code null}.
     * @return the permissions granted to the codesource
     */
protected PermissionCollection getPermissions(CodeSource codesource) {
    final PermissionCollection perms = super.getPermissions(codesource);
    URL url = codesource.getLocation();
    String path = null;
    Permission p;
    try {
        p = url.openConnection().getPermission();
    } catch (java.io.IOException ioe) {
        p = null;
    }
    if (p instanceof FilePermission) {
        path = p.getName();
    } else if ((p == null) && (url.getProtocol().equals("file"))) {
        path = url.getFile().replace('/', File.separatorChar);
        path = ParseUtil.decode(path);
    }
    if (path != null) {
        final String rawPath = path;
        if (!path.endsWith(File.separator)) {
            int endIndex = path.lastIndexOf(File.separatorChar);
            if (endIndex != -1) {
                path = path.substring(0, endIndex + 1) + "-";
                perms.add(new FilePermission(path, SecurityConstants.FILE_READ_ACTION));
            }
        }
        final File f = new File(rawPath);
        final boolean isDirectory = f.isDirectory();
        // that ends with .jar or .zip
        if (allowRecursiveDirectoryRead && (isDirectory || rawPath.toLowerCase().endsWith(".jar") || rawPath.toLowerCase().endsWith(".zip"))) {
            Permission bperm;
            try {
                bperm = base.openConnection().getPermission();
            } catch (java.io.IOException ioe) {
                bperm = null;
            }
            if (bperm instanceof FilePermission) {
                String bpath = bperm.getName();
                if (bpath.endsWith(File.separator)) {
                    bpath += "-";
                }
                perms.add(new FilePermission(bpath, SecurityConstants.FILE_READ_ACTION));
            } else if ((bperm == null) && (base.getProtocol().equals("file"))) {
                String bpath = base.getFile().replace('/', File.separatorChar);
                bpath = ParseUtil.decode(bpath);
                if (bpath.endsWith(File.separator)) {
                    bpath += "-";
                }
                perms.add(new FilePermission(bpath, SecurityConstants.FILE_READ_ACTION));
            }
        }
    }
    return perms;
}
Also used : PermissionCollection(java.security.PermissionCollection) FilePermission(java.io.FilePermission) SocketPermission(java.net.SocketPermission) Permission(java.security.Permission) IOException(java.io.IOException) FilePermission(java.io.FilePermission) File(java.io.File) URL(java.net.URL)

Example 90 with FilePermission

use of java.io.FilePermission in project jdk8u_jdk by JetBrains.

the class ImageIO method hasCachePermission.

/**
     * Determines whether the caller has write access to the cache
     * directory, stores the result in the <code>CacheInfo</code> object,
     * and returns the decision.  This method helps to prevent mysterious
     * SecurityExceptions to be thrown when this convenience class is used
     * in an applet, for example.
     */
private static boolean hasCachePermission() {
    Boolean hasPermission = getCacheInfo().getHasPermission();
    if (hasPermission != null) {
        return hasPermission.booleanValue();
    } else {
        try {
            SecurityManager security = System.getSecurityManager();
            if (security != null) {
                File cachedir = getCacheDirectory();
                String cachepath;
                if (cachedir != null) {
                    cachepath = cachedir.getPath();
                } else {
                    cachepath = getTempDir();
                    if (cachepath == null || cachepath.isEmpty()) {
                        getCacheInfo().setHasPermission(Boolean.FALSE);
                        return false;
                    }
                }
                // we have to check whether we can read, write,
                // and delete cache files.
                // So, compose cache file path and check it.
                String filepath = cachepath;
                if (!filepath.endsWith(File.separator)) {
                    filepath += File.separator;
                }
                filepath += "*";
                security.checkPermission(new FilePermission(filepath, "read, write, delete"));
            }
        } catch (SecurityException e) {
            getCacheInfo().setHasPermission(Boolean.FALSE);
            return false;
        }
        getCacheInfo().setHasPermission(Boolean.TRUE);
        return true;
    }
}
Also used : File(java.io.File) FilePermission(java.io.FilePermission)

Aggregations

FilePermission (java.io.FilePermission)143 Deployment (org.jboss.arquillian.container.test.api.Deployment)38 StringAsset (org.jboss.shrinkwrap.api.asset.StringAsset)29 JavaArchive (org.jboss.shrinkwrap.api.spec.JavaArchive)29 PropertyPermission (java.util.PropertyPermission)23 IOException (java.io.IOException)22 RemotingPermission (org.jboss.remoting3.security.RemotingPermission)21 Permission (java.security.Permission)20 File (java.io.File)19 URL (java.net.URL)19 PermissionCollection (java.security.PermissionCollection)19 SocketPermission (java.net.SocketPermission)18 WebArchive (org.jboss.shrinkwrap.api.spec.WebArchive)16 ReflectPermission (java.lang.reflect.ReflectPermission)12 Test (org.junit.Test)12 Permissions (java.security.Permissions)11 CodeSource (java.security.CodeSource)9 Path (java.nio.file.Path)8 SecurityPermission (java.security.SecurityPermission)8 Policy (java.security.Policy)7