Search in sources :

Example 11 with Permissions

use of java.security.Permissions in project joda-time by JodaOrg.

the class TestDateTimeZone method testZoneInfoProviderResourceLoading.

public void testZoneInfoProviderResourceLoading() {
    final Set<String> ids = new HashSet<String>(DateTimeZone.getAvailableIDs());
    ids.remove(DateTimeZone.getDefault().getID());
    final String id = ids.toArray(new String[ids.size()])[new Random().nextInt(ids.size())];
    try {
        Policy.setPolicy(new Policy() {

            @Override
            public PermissionCollection getPermissions(CodeSource codesource) {
                Permissions p = new Permissions();
                // enable everything
                p.add(new AllPermission());
                return p;
            }

            @Override
            public void refresh() {
            }

            @Override
            public boolean implies(ProtectionDomain domain, Permission permission) {
                return !(permission instanceof FilePermission) && !permission.getName().contains(id);
            }
        });
        System.setSecurityManager(new SecurityManager());
        // will throw IllegalArgumentException if the resource can
        // not be loaded
        final DateTimeZone zone = DateTimeZone.forID(id);
        assertNotNull(zone);
    } finally {
        System.setSecurityManager(null);
        Policy.setPolicy(ALLOW);
    }
}
Also used : Policy(java.security.Policy) PermissionCollection(java.security.PermissionCollection) ProtectionDomain(java.security.ProtectionDomain) CodeSource(java.security.CodeSource) FilePermission(java.io.FilePermission) Random(java.util.Random) Permissions(java.security.Permissions) AllPermission(java.security.AllPermission) FilePermission(java.io.FilePermission) Permission(java.security.Permission) AllPermission(java.security.AllPermission) HashSet(java.util.HashSet)

Example 12 with Permissions

use of java.security.Permissions in project lucene-solr by apache.

the class LuceneTestCase method runWithRestrictedPermissions.

/** 
   * Runs a code part with restricted permissions (be sure to add all required permissions,
   * because it would start with empty permissions). You cannot grant more permissions than
   * our policy file allows, but you may restrict writing to several dirs...
   * <p><em>Note:</em> This assumes a {@link SecurityManager} enabled, otherwise it
   * stops test execution. If enabled, it needs the following {@link SecurityPermission}:
   * {@code "createAccessControlContext"}
   */
public static <T> T runWithRestrictedPermissions(PrivilegedExceptionAction<T> action, Permission... permissions) throws Exception {
    assumeTrue("runWithRestrictedPermissions requires a SecurityManager enabled", System.getSecurityManager() != null);
    // be sure to have required permission, otherwise doPrivileged runs with *no* permissions:
    AccessController.checkPermission(new SecurityPermission("createAccessControlContext"));
    final PermissionCollection perms = new Permissions();
    Arrays.stream(permissions).forEach(perms::add);
    final AccessControlContext ctx = new AccessControlContext(new ProtectionDomain[] { new ProtectionDomain(null, perms) });
    try {
        return AccessController.doPrivileged(action, ctx);
    } catch (PrivilegedActionException e) {
        throw e.getException();
    }
}
Also used : PermissionCollection(java.security.PermissionCollection) ProtectionDomain(java.security.ProtectionDomain) AccessControlContext(java.security.AccessControlContext) PrivilegedActionException(java.security.PrivilegedActionException) Permissions(java.security.Permissions) SecurityPermission(java.security.SecurityPermission)

Example 13 with Permissions

use of java.security.Permissions in project wildfly by wildfly.

the class SecurityHelper method getSecurityContextForJNDILookup.

private static AccessControlContext getSecurityContextForJNDILookup(Collection<JndiPermission> jndiPermissions) {
    CodeSource src = new CodeSource(null, (Certificate[]) null);
    Permissions perms = new Permissions();
    for (JndiPermission p : jndiPermissions) {
        perms.add(p);
    }
    ProtectionDomain domain = new ProtectionDomain(src, perms);
    AccessControlContext ctx = new AccessControlContext(new ProtectionDomain[] { domain });
    return ctx;
}
Also used : ProtectionDomain(java.security.ProtectionDomain) AccessControlContext(java.security.AccessControlContext) Permissions(java.security.Permissions) JndiPermission(org.wildfly.naming.java.permission.JndiPermission) CodeSource(java.security.CodeSource) Certificate(java.security.cert.Certificate)

Example 14 with Permissions

use of java.security.Permissions in project jdk8u_jdk by JetBrains.

the class MBeanInstantiator method getClassLoader.

private ClassLoader getClassLoader(final ObjectName name) {
    if (clr == null) {
        return null;
    }
    // Restrict to getClassLoader permission only
    Permissions permissions = new Permissions();
    permissions.add(new MBeanPermission("*", null, name, "getClassLoader"));
    ProtectionDomain protectionDomain = new ProtectionDomain(null, permissions);
    ProtectionDomain[] domains = { protectionDomain };
    AccessControlContext ctx = new AccessControlContext(domains);
    ClassLoader loader = AccessController.doPrivileged(new PrivilegedAction<ClassLoader>() {

        public ClassLoader run() {
            return clr.getClassLoader(name);
        }
    }, ctx);
    return loader;
}
Also used : ProtectionDomain(java.security.ProtectionDomain) AccessControlContext(java.security.AccessControlContext) MBeanPermission(javax.management.MBeanPermission) Permissions(java.security.Permissions)

Example 15 with Permissions

use of java.security.Permissions in project jdk8u_jdk by JetBrains.

the class RMIConnectionImpl method withPermissions.

private static AccessControlContext withPermissions(Permission... perms) {
    Permissions col = new Permissions();
    for (Permission thePerm : perms) {
        col.add(thePerm);
    }
    final ProtectionDomain pd = new ProtectionDomain(null, col);
    return new AccessControlContext(new ProtectionDomain[] { pd });
}
Also used : ProtectionDomain(java.security.ProtectionDomain) AccessControlContext(java.security.AccessControlContext) Permissions(java.security.Permissions) Permission(java.security.Permission)

Aggregations

Permissions (java.security.Permissions)35 ProtectionDomain (java.security.ProtectionDomain)21 PermissionCollection (java.security.PermissionCollection)16 AccessControlContext (java.security.AccessControlContext)13 Permission (java.security.Permission)11 FilePermission (java.io.FilePermission)10 CodeSource (java.security.CodeSource)10 SocketPermission (java.net.SocketPermission)7 Path (java.nio.file.Path)6 Policy (java.security.Policy)6 AllPermission (java.security.AllPermission)5 Certificate (java.security.cert.Certificate)5 URLClassLoader (java.net.URLClassLoader)4 File (java.io.File)3 IOException (java.io.IOException)3 SecurityPermission (java.security.SecurityPermission)2 UnresolvedPermission (java.security.UnresolvedPermission)2 ArrayList (java.util.ArrayList)2 Settings (org.elasticsearch.common.settings.Settings)2 Environment (org.elasticsearch.env.Environment)2