Examples with FilePermission java.io.FilePermission used on opensource projects

Example 16 with FilePermission

use of java.io.FilePermission in project wildfly by wildfly.

the class DeploymentHelper method getWebArchiveWithPermissions.

public WebArchive getWebArchiveWithPermissions(final String archiveName) {
    final String javaHome = TestSuiteEnvironment.getSystemProperty("java.home");
    final String serverHostPort = TestSuiteEnvironment.getServerAddress() + ":" + TestSuiteEnvironment.getHttpPort();
    final WebArchive webArchive = ShrinkWrap.create(WebArchive.class, archiveName + ".war").addAsWebInfResource(EmptyAsset.INSTANCE, ArchivePaths.create("beans.xml")).addAsManifestResource(PermissionUtils.createPermissionsXmlAsset(new ReflectPermission("suppressAccessChecks"), new ReflectPermission("accessDeclaredMembers"), // Permissions for port access
    new PropertyPermission("management.address", "read"), new PropertyPermission("node0", "read"), new PropertyPermission("jboss.http.port", "read"), new SocketPermission(serverHostPort, "connect,resolve"), // Permissions for the new client creation
    new RuntimePermission("accessDeclaredMembers"), new RuntimePermission("createClassLoader"), new RuntimePermission("getClassLoader"), new RuntimePermission("org.apache.cxf.permission"), new FilePermission(javaHome + File.separator + "lib" + File.separator + "wsdl.properties", "read"), new PropertyPermission("user.dir", "read"), new PropertyPermission("arquillian.debug", "read"), new FilePermission(System.getProperty("basedir") + File.separator + "target" + File.separator + "workdir" + File.separator + "xcatalog", "read")), "permissions.xml");
    return webArchive;
}

Example 17 with FilePermission

use of java.io.FilePermission in project android by JetBrains.

the class RenderSecurityManagerTest method testReadWrite.

@Test
public void testReadWrite() throws Exception {
    RenderSecurityManager manager = new RenderSecurityManager(null, null);
    try {
        manager.setActive(true, myCredential);
        manager.checkPermission(new FilePermission("/foo", "read,write"));
        fail("Should have thrown security exception");
    } catch (SecurityException exception) {
        assertEquals("Write access not allowed during rendering (/foo)", exception.toString());
    // pass
    } finally {
        manager.dispose(myCredential);
    }
}

Example 18 with FilePermission

use of java.io.FilePermission in project jdk8u_jdk by JetBrains.

the class InnerClassLambdaMetafactory method spinInnerClass.

/**
     * Generate a class file which implements the functional
     * interface, define and return the class.
     *
     * @implNote The class that is generated does not include signature
     * information for exceptions that may be present on the SAM method.
     * This is to reduce classfile size, and is harmless as checked exceptions
     * are erased anyway, no one will ever compile against this classfile,
     * and we make no guarantees about the reflective properties of lambda
     * objects.
     *
     * @return a Class which implements the functional interface
     * @throws LambdaConversionException If properly formed functional interface
     * is not found
     */
private Class<?> spinInnerClass() throws LambdaConversionException {
    String[] interfaces;
    String samIntf = samBase.getName().replace('.', '/');
    boolean accidentallySerializable = !isSerializable && Serializable.class.isAssignableFrom(samBase);
    if (markerInterfaces.length == 0) {
        interfaces = new String[] { samIntf };
    } else {
        // Assure no duplicate interfaces (ClassFormatError)
        Set<String> itfs = new LinkedHashSet<>(markerInterfaces.length + 1);
        itfs.add(samIntf);
        for (Class<?> markerInterface : markerInterfaces) {
            itfs.add(markerInterface.getName().replace('.', '/'));
            accidentallySerializable |= !isSerializable && Serializable.class.isAssignableFrom(markerInterface);
        }
        interfaces = itfs.toArray(new String[itfs.size()]);
    }
    cw.visit(CLASSFILE_VERSION, ACC_SUPER + ACC_FINAL + ACC_SYNTHETIC, lambdaClassName, null, JAVA_LANG_OBJECT, interfaces);
    // Generate final fields to be filled in by constructor
    for (int i = 0; i < argDescs.length; i++) {
        FieldVisitor fv = cw.visitField(ACC_PRIVATE + ACC_FINAL, argNames[i], argDescs[i], null, null);
        fv.visitEnd();
    }
    generateConstructor();
    if (invokedType.parameterCount() != 0) {
        generateFactory();
    }
    // Forward the SAM method
    MethodVisitor mv = cw.visitMethod(ACC_PUBLIC, samMethodName, samMethodType.toMethodDescriptorString(), null, null);
    mv.visitAnnotation("Ljava/lang/invoke/LambdaForm$Hidden;", true);
    new ForwardingMethodGenerator(mv).generate(samMethodType);
    // Forward the bridges
    if (additionalBridges != null) {
        for (MethodType mt : additionalBridges) {
            mv = cw.visitMethod(ACC_PUBLIC | ACC_BRIDGE, samMethodName, mt.toMethodDescriptorString(), null, null);
            mv.visitAnnotation("Ljava/lang/invoke/LambdaForm$Hidden;", true);
            new ForwardingMethodGenerator(mv).generate(mt);
        }
    }
    if (isSerializable)
        generateSerializationFriendlyMethods();
    else if (accidentallySerializable)
        generateSerializationHostileMethods();
    cw.visitEnd();
    // Define the generated class in this VM.
    final byte[] classBytes = cw.toByteArray();
    // If requested, dump out to a file for debugging purposes
    if (dumper != null) {
        AccessController.doPrivileged(new PrivilegedAction<Void>() {

            @Override
            public Void run() {
                dumper.dumpClass(lambdaClassName, classBytes);
                return null;
            }
        }, null, new FilePermission("<<ALL FILES>>", "read, write"), // createDirectories may need it
        new PropertyPermission("user.dir", "read"));
    }
    return UNSAFE.defineAnonymousClass(targetClass, classBytes, null);
}

Example 19 with FilePermission

use of java.io.FilePermission in project jdk8u_jdk by JetBrains.

the class ProxyClassesDumper method getInstance.

public static ProxyClassesDumper getInstance(String path) {
    if (null == path) {
        return null;
    }
    try {
        path = path.trim();
        final Path dir = Paths.get(path.length() == 0 ? "." : path);
        AccessController.doPrivileged(new PrivilegedAction<Void>() {

            @Override
            public Void run() {
                validateDumpDir(dir);
                return null;
            }
        }, null, new FilePermission("<<ALL FILES>>", "read, write"));
        return new ProxyClassesDumper(dir);
    } catch (InvalidPathException ex) {
        PlatformLogger.getLogger(ProxyClassesDumper.class.getName()).warning("Path " + path + " is not valid - dumping disabled", ex);
    } catch (IllegalArgumentException iae) {
        PlatformLogger.getLogger(ProxyClassesDumper.class.getName()).warning(iae.getMessage() + " - dumping disabled");
    }
    return null;
}

Example 20 with FilePermission

use of java.io.FilePermission in project jdk8u_jdk by JetBrains.

the class FileLoginModule method loadPasswordFile.

/*
     * Read the password file.
     */
private void loadPasswordFile() throws IOException {
    FileInputStream fis;
    try {
        fis = new FileInputStream(passwordFile);
    } catch (SecurityException e) {
        if (userSuppliedPasswordFile || hasJavaHomePermission) {
            throw e;
        } else {
            final FilePermission fp = new FilePermission(passwordFileDisplayName, "read");
            AccessControlException ace = new AccessControlException("access denied " + fp.toString());
            ace.setStackTrace(e.getStackTrace());
            throw ace;
        }
    }
    try {
        final BufferedInputStream bis = new BufferedInputStream(fis);
        try {
            userCredentials = new Properties();
            userCredentials.load(bis);
        } finally {
            bis.close();
        }
    } finally {
        fis.close();
    }
}