Example 11 with AllPermission
use of java.security.AllPermission in project lwjgl by LWJGL.
the class AppletLoader method updateClassPath.
/**
* Edits the ClassPath at runtime to include the jars
* that have just been downloaded and then adds the
* lwjgl natives folder property.
*
* @param path location where applet is stored
* @throws Exception if it fails to add classpath
*/
protected void updateClassPath(final String path) throws Exception {
setState(STATE_UPDATING_CLASSPATH);
percentage = 95;
URL[] urls = new URL[urlList.length];
for (int i = 0; i < urlList.length; i++) {
String file = new File(path, getJarName(urlList[i])).toURI().toString();
// fix JVM bug where ! is not escaped
file = file.replace("!", "%21");
urls[i] = new URL(file);
}
// get AppletLoader certificates
final Certificate[] certs = getCurrentCertificates();
// detect if we are running on a mac and save result as boolean
String osName = System.getProperty("os.name");
final boolean isMacOS = (osName.startsWith("Mac") || osName.startsWith("Darwin"));
// add downloaded jars to the classpath with required permissions
classLoader = new URLClassLoader(urls) {
protected PermissionCollection getPermissions(CodeSource codesource) {
PermissionCollection perms = null;
try {
// no permissions
perms = new Permissions();
// if certificates match the AppletLoader certificates then we should be all set
if (certificatesMatch(certs, codesource.getCertificates())) {
perms.add(new AllPermission());
return perms;
}
String host = getCodeBase().getHost();
if (host != null && (host.length() > 0)) {
// add permission for downloaded jars to access host they were from
perms.add(new SocketPermission(host, "connect,accept"));
} else if ("file".equals(codesource.getLocation().getProtocol())) {
// if running locally add file permission
String path = codesource.getLocation().getFile().replace('/', File.separatorChar);
perms.add(new FilePermission(path, "read"));
}
} catch (Exception e) {
e.printStackTrace();
}
return perms;
}
// allow non lwjgl native to be found from cache directory
protected String findLibrary(String libname) {
String libPath = path + "natives" + File.separator + LWJGLUtil.mapLibraryName(libname);
if (new File(libPath).exists()) {
return libPath;
}
return super.findLibrary(libname);
}
};
debug_sleep(2000);
// unload natives loaded by a previous instance of this lwjgl applet
unloadNatives(path);
// add natives files path to native class path
System.setProperty("org.lwjgl.librarypath", path + "natives");
// Make sure jinput knows about the new path too
System.setProperty("net.java.games.input.librarypath", path + "natives");
// set the library path, useful for non lwjgl natives
System.setProperty("java.library.path", path + "natives");
// mark natives as loaded
natives_loaded = true;
}
Also used :
PermissionCollection(java.security.PermissionCollection)
SocketPermission(java.net.SocketPermission)
CodeSource(java.security.CodeSource)
FilePermission(java.io.FilePermission)
URL(java.net.URL)
AccessControlException(java.security.AccessControlException)
IOException(java.io.IOException)
URLClassLoader(java.net.URLClassLoader)
Permissions(java.security.Permissions)
AllPermission(java.security.AllPermission)
JarFile(java.util.jar.JarFile)
ZipFile(java.util.zip.ZipFile)
File(java.io.File)
Certificate(java.security.cert.Certificate)
Example 12 with AllPermission
use of java.security.AllPermission in project bytecode-viewer by Konloch.
the class ClassNodeLoader method getPermissions.
/**
* @return This class loader's permissions
*/
private Permissions getPermissions() {
Permissions permissions = new Permissions();
permissions.add(new AllPermission());
return permissions;
}
Also used :
Permissions(java.security.Permissions)
AllPermission(java.security.AllPermission)
Example 13 with AllPermission
use of java.security.AllPermission in project jdk8u_jdk by JetBrains.
the class XSLTExFuncTest method testExtFuncNotAllowed.
/**
* Security is enabled, extension function not allowed
*/
public void testExtFuncNotAllowed() {
Policy p = new SimplePolicy(new AllPermission());
Policy.setPolicy(p);
System.setSecurityManager(new SecurityManager());
TransformerFactory factory = TransformerFactory.newInstance();
try {
transform(factory);
} catch (TransformerConfigurationException e) {
fail(e.getMessage());
} catch (TransformerException ex) {
//expected since extension function is disallowed
System.out.println("testExtFuncNotAllowed: OK");
} finally {
System.setSecurityManager(null);
}
}
Also used :
Policy(java.security.Policy)
AllPermission(java.security.AllPermission)
Example 14 with AllPermission
use of java.security.AllPermission in project jdk8u_jdk by JetBrains.
the class XSLTExFuncTest method testEnableExtFunc.
/**
* Security is enabled, use new feature: enableExtensionFunctions
*/
public void testEnableExtFunc() {
Policy p = new SimplePolicy(new AllPermission());
Policy.setPolicy(p);
System.setSecurityManager(new SecurityManager());
TransformerFactory factory = TransformerFactory.newInstance();
/**
* Use of the extension function 'http://exslt.org/strings:tokenize' is
* not allowed when the secure processing feature is set to true.
* Attempt to use the new property to enable extension function
*/
boolean isExtensionSupported = enableExtensionFunction(factory);
try {
transform(factory);
System.out.println("testEnableExt: OK");
} catch (TransformerConfigurationException e) {
fail(e.getMessage());
} catch (TransformerException e) {
fail(e.getMessage());
} finally {
System.setSecurityManager(null);
}
}
Also used :
Policy(java.security.Policy)
AllPermission(java.security.AllPermission)
Example 15 with AllPermission
use of java.security.AllPermission in project jdk8u_jdk by JetBrains.
the class XPathExFuncTest method testExtFuncNotAllowed.
/**
* Security is enabled, extension function not allowed
*/
public void testExtFuncNotAllowed() {
Policy p = new SimplePolicy(new AllPermission());
Policy.setPolicy(p);
System.setSecurityManager(new SecurityManager());
try {
evaluate(false);
} catch (XPathFactoryConfigurationException e) {
fail(e.getMessage());
} catch (XPathExpressionException ex) {
//expected since extension function is disallowed
System.out.println("testExtFuncNotAllowed: OK");
} finally {
System.setSecurityManager(null);
}
}
Also used :
Policy(java.security.Policy)
XPathExpressionException(javax.xml.xpath.XPathExpressionException)
AllPermission(java.security.AllPermission)
XPathFactoryConfigurationException(javax.xml.xpath.XPathFactoryConfigurationException)
Aggregations
AllPermission (java.security.AllPermission)16
Policy (java.security.Policy)7
PermissionCollection (java.security.PermissionCollection)6
Permissions (java.security.Permissions)5
File (java.io.File)3
FilePermission (java.io.FilePermission)3
CodeSource (java.security.CodeSource)3
Permission (java.security.Permission)3
ProtectionDomain (java.security.ProtectionDomain)3
SocketPermission (java.net.SocketPermission)2
URL (java.net.URL)2
XPathExpressionException (javax.xml.xpath.XPathExpressionException)2
XPathFactoryConfigurationException (javax.xml.xpath.XPathFactoryConfigurationException)2
IOException (java.io.IOException)1
StringWriter (java.io.StringWriter)1
InetSocketAddress (java.net.InetSocketAddress)1
URLClassLoader (java.net.URLClassLoader)1
AccessControlException (java.security.AccessControlException)1
Certificate (java.security.cert.Certificate)1
LocalDate (java.time.LocalDate)1
