| Methods Summary |
|---|
| public void | checkAccept(java.lang.String host, int port)Checks whether the calling thread is allowed to accept socket
connections.
if (host == null) {
throw new NullPointerException();
}
checkPermission(new SocketPermission(host + ':" + port, "accept")); //$NON-NLS-1$
|
| public void | checkAccess(java.lang.Thread thread)Checks whether the calling thread is allowed to modify the specified
thread.
// Only worry about system threads. Dead threads have a null group.
ThreadGroup group = thread.getThreadGroup();
if ((group != null) && (group.parent == null)) {
checkPermission(RuntimePermission.permissionToModifyThread);
}
|
| public void | checkAccess(java.lang.ThreadGroup group)Checks whether the calling thread is allowed to modify the specified
thread group.
// Only worry about system threads.
if (group == null) {
throw new NullPointerException();
}
if (group.parent == null) {
checkPermission(RuntimePermission.permissionToModifyThreadGroup);
}
|
| public void | checkAwtEventQueueAccess()Checks whether the calling thread is allowed to access the AWT event
queue.
try {
Class<?> awtPermission = Class.forName("java.awt.AWTPermission"); //$NON-NLS-1$
Constructor<?> constructor = awtPermission
.getConstructor(String.class);
Object perm = constructor.newInstance("accessEventQueue"); //$NON-NLS-1$
checkPermission((Permission) perm);
return;
} catch (ClassNotFoundException e) {
} catch (NoSuchMethodException e) {
} catch (InstantiationException e) {
} catch (IllegalAccessException e) {
} catch (InvocationTargetException e) {
}
throw new SecurityException();
|
| public void | checkConnect(java.lang.String host, int port)Checks whether the calling thread is allowed to establish socket
connections. A -1 port indicates the caller is trying to resolve the
hostname.
if (host == null) {
throw new NullPointerException();
}
if (port > 0) {
checkPermission(new SocketPermission(host + ':" + port, "connect")); //$NON-NLS-1$
} else {
checkPermission(new SocketPermission(host, "resolve")); //$NON-NLS-1$
}
|
| public void | checkConnect(java.lang.String host, int port, java.lang.Object context)Checks whether the specified security context is allowed to establish
socket connections. A -1 port indicates the caller is trying to resolve
the hostname.
// BEGIN android-added
if (host == null) {
throw new NullPointerException();
}
// END android-added
if (port > 0) {
checkPermission(new SocketPermission(host + ':" + port, "connect"), //$NON-NLS-1$
context);
} else {
checkPermission(new SocketPermission(host, "resolve"), context); //$NON-NLS-1$
}
|
| public void | checkCreateClassLoader()Checks whether the calling thread is allowed to create a class loader.
checkPermission(RuntimePermission.permissionToCreateClassLoader);
|
| public void | checkDelete(java.lang.String file)Checks whether the calling thread is allowed to delete the file with the
specified name, which should be passed in canonical form.
checkPermission(new FilePermission(file, "delete")); //$NON-NLS-1$
|
| public void | checkExec(java.lang.String cmd)Checks whether the calling thread is allowed to execute the specified
platform specific command.
checkPermission(new FilePermission(new File(cmd).isAbsolute() ? cmd
: "<<ALL FILES>>", "execute")); //$NON-NLS-1$ //$NON-NLS-2$
|
| public void | checkExit(int status)Checks whether the calling thread is allowed to terminate the virtual
machine.
checkPermission(RuntimePermission.permissionToExitVM);
|
| public void | checkLink(java.lang.String libName)Checks whether the calling thread is allowed to load the specified native
library.
if (libName == null) {
throw new NullPointerException();
}
checkPermission(new RuntimePermission("loadLibrary." + libName)); //$NON-NLS-1$
|
| public void | checkListen(int port)Checks whether the calling thread is allowed to listen on the specified
port.
if (port == 0) {
checkPermission(new SocketPermission("localhost:1024-", "listen")); //$NON-NLS-1$ //$NON-NLS-2$
} else {
checkPermission(new SocketPermission("localhost:" + port, "listen")); //$NON-NLS-1$//$NON-NLS-2$
}
|
| public void | checkMemberAccess(java.lang.Class cls, int type)Checks whether the calling thread is allowed to access members. The
default is to allow access to public members (that is, {@code
java.lang.reflect.Member.PUBLIC}) and to classes loaded by the same
loader as the original caller (that is, the method that called the
reflect API). Due to the nature of the check, overriding implementations
cannot call {@code super.checkMemberAccess()} since the stack would no
longer be of the expected shape.
if (cls == null) {
throw new NullPointerException();
}
if (type == Member.PUBLIC) {
return;
}
//
// Need to compare the classloaders.
// Stack shape is
// <user code> <- want this class
// Class.getDeclared*();
// Class.checkMemberAccess();
// SecurityManager.checkMemberAccess(); <- current frame
//
// Use getClassLoaderImpl() since getClassLoader()
// returns null for the bootstrap class loader.
if (ClassLoader.getStackClassLoader(3) == cls.getClassLoaderImpl()) {
return;
}
// Forward off to the permission mechanism.
checkPermission(new RuntimePermission("accessDeclaredMembers")); //$NON-NLS-1$
|
| public void | checkMulticast(java.net.InetAddress maddr)Checks whether the calling thread is allowed to use the specified IP
multicast group address.
checkPermission(new SocketPermission(maddr.getHostAddress(),
"accept,connect")); //$NON-NLS-1$
|
| public void | checkMulticast(java.net.InetAddress maddr, byte ttl)Checks whether the calling thread is allowed to use the specified IP
multicast group address.
checkPermission(new SocketPermission(maddr.getHostAddress(),
"accept,connect")); //$NON-NLS-1$
|
| public void | checkPackageAccess(java.lang.String packageName)Checks whether the calling thread is allowed to access the specified
package.
if (packageName == null) {
throw new NullPointerException();
}
if (checkPackageProperty(PKG_ACC_KEY, packageName)) {
checkPermission(new RuntimePermission("accessClassInPackage." //$NON-NLS-1$
+ packageName));
}
|
| public void | checkPackageDefinition(java.lang.String packageName)Checks whether the calling thread is allowed to define new classes in the
specified package.
if (packageName == null) {
throw new NullPointerException();
}
if (checkPackageProperty(PKG_DEF_KEY, packageName)) {
checkPermission(new RuntimePermission("defineClassInPackage." //$NON-NLS-1$
+ packageName));
}
|
| private static boolean | checkPackageProperty(java.lang.String property, java.lang.String pkg)Returns true if the package name is restricted by the specified security
property.
String list = AccessController.doPrivileged(PriviAction
.getSecurityProperty(property));
if (list != null) {
int plen = pkg.length();
StringTokenizer tokenizer = new StringTokenizer(list, ", "); //$NON-NLS-1$
while (tokenizer.hasMoreTokens()) {
String token = tokenizer.nextToken();
int tlen = token.length();
if (plen > tlen
&& pkg.startsWith(token)
&& (token.charAt(tlen - 1) == '." || pkg.charAt(tlen) == '.")) {
return true;
} else if (plen == tlen && token.startsWith(pkg)) {
return true;
} else if (plen + 1 == tlen && token.startsWith(pkg)
&& token.charAt(tlen - 1) == '.") {
return true;
}
}
}
return false;
|
| public void | checkPermission(java.security.Permission permission)Checks whether the calling thread is allowed to access the resource being
guarded by the specified permission object.
try {
inCheck = true;
AccessController.checkPermission(permission);
} finally {
inCheck = false;
}
|
| public void | checkPermission(java.security.Permission permission, java.lang.Object context)Checks whether the specified security context is allowed to access the
resource being guarded by the specified permission object.
try {
inCheck = true;
// Must be an AccessControlContext. If we don't check
// this, then applications could pass in an arbitrary
// object which circumvents the security check.
if (context instanceof AccessControlContext) {
((AccessControlContext) context).checkPermission(permission);
} else {
throw new SecurityException();
}
} finally {
inCheck = false;
}
|
| public void | checkPrintJobAccess()Checks whether the calling thread is allowed to start a new print job.
checkPermission(RuntimePermission.permissionToQueuePrintJob);
|
| public void | checkPropertiesAccess()Checks whether the calling thread is allowed to access the system
properties.
checkPermission(READ_WRITE_ALL_PROPERTIES_PERMISSION);
|
| public void | checkPropertyAccess(java.lang.String key)Checks whether the calling thread is allowed to access a particular
system property.
checkPermission(new PropertyPermission(key, "read")); //$NON-NLS-1$
|
| public void | checkRead(java.io.FileDescriptor fd)Checks whether the calling thread is allowed to read from the file with
the specified file descriptor.
if (fd == null) {
throw new NullPointerException();
}
checkPermission(RuntimePermission.permissionToReadFileDescriptor);
|
| public void | checkRead(java.lang.String file)Checks whether the calling thread is allowed to read from the file with
the specified name, which should be passed in canonical form.
checkPermission(new FilePermission(file, "read")); //$NON-NLS-1$
|
| public void | checkRead(java.lang.String file, java.lang.Object context)Checks whether the given security context is allowed to read from the
file named by the argument, which should be passed in canonical form.
checkPermission(new FilePermission(file, "read"), context); //$NON-NLS-1$
|
| public void | checkSecurityAccess(java.lang.String target)Checks whether the calling thread is allowed to perform the security
operation named by the target.
checkPermission(new SecurityPermission(target));
|
| public void | checkSetFactory()Checks whether the calling thread is allowed to set the net object
factories.
checkPermission(RuntimePermission.permissionToSetFactory);
|
| public void | checkSystemClipboardAccess()Checks whether the calling thread is allowed to access the system
clipboard.
try {
Class<?> awtPermission = Class.forName("java.awt.AWTPermission"); //$NON-NLS-1$
Constructor<?> constructor = awtPermission
.getConstructor(String.class);
Object perm = constructor.newInstance("accessClipboard"); //$NON-NLS-1$
checkPermission((Permission) perm);
return;
} catch (ClassNotFoundException e) {
} catch (NoSuchMethodException e) {
} catch (InstantiationException e) {
} catch (IllegalAccessException e) {
} catch (InvocationTargetException e) {
}
throw new SecurityException();
|
| public boolean | checkTopLevelWindow(java.lang.Object window)Checks whether the calling thread is trusted to show the specified top
level window.
if (window == null) {
throw new NullPointerException();
}
try {
Class<?> awtPermission = Class.forName("java.awt.AWTPermission"); //$NON-NLS-1$
Constructor<?> constructor = awtPermission
.getConstructor(String.class);
Object perm = constructor
.newInstance("showWindowWithoutWarningBanner"); //$NON-NLS-1$
checkPermission((Permission) perm);
} catch (ClassNotFoundException e) {
} catch (NoSuchMethodException e) {
} catch (InstantiationException e) {
} catch (IllegalAccessException e) {
} catch (InvocationTargetException e) {
} catch (SecurityException e) {
return false;
}
return true;
|
| public void | checkWrite(java.io.FileDescriptor fd)Checks whether the calling thread is allowed to write to the file with
the specified file descriptor.
if (fd == null) {
throw new NullPointerException();
}
checkPermission(RuntimePermission.permissionToWriteFileDescriptor);
|
| public void | checkWrite(java.lang.String file)Checks whether the calling thread is allowed to write to the file with
the specified name, which should be passed in canonical form.
checkPermission(new FilePermission(file, "write")); //$NON-NLS-1$
|
| protected int | classDepth(java.lang.String name)Returns the index in the call stack of the first method which is
contained in the class with the specified name. Returns -1 if no methods
from this class are in the stack.
Class<?>[] classes = Class.getStackClasses(-1, false);
for (int i = 0; i < classes.length; i++) {
if (classes[i].getName().equals(name)) {
return i;
}
}
return -1;
|
| protected int | classLoaderDepth()Returns the index in the call stack of the first class whose class loader
is not a system class loader.
/*
* First, check if AllPermission is allowed. If so, then we are
* effectively running in an unsafe environment, so just answer -1 (==>
* everything is a system class).
*/
try {
checkPermission(new AllPermission());
return -1;
} catch (SecurityException ex) {
}
/*
* Now, check if there are any non-system class loaders in the stack up
* to the first privileged method (or the end of the stack.
*/
Class<?>[] classes = Class.getStackClasses(-1, true);
for (int i = 0; i < classes.length; i++) {
ClassLoader cl = classes[i].getClassLoaderImpl();
if (!cl.isSystemClassLoader()) {
return i;
}
}
return -1;
|
| protected java.lang.ClassLoader | currentClassLoader()Returns the class loader of the first class in the execution stack whose
class loader is not a system class loader.
/*
* First, check if AllPermission is allowed. If so, then we are
* effectively running in an unsafe environment, so just answer null
* (==> everything is a system class).
*/
try {
checkPermission(new AllPermission());
return null;
} catch (SecurityException ex) {
}
/*
* Now, check if there are any non-system class loaders in the stack up
* to the first privileged method (or the end of the stack.
*/
Class<?>[] classes = Class.getStackClasses(-1, true);
for (int i = 0; i < classes.length; i++) {
ClassLoader cl = classes[i].getClassLoaderImpl();
if (!cl.isSystemClassLoader()) {
return cl;
}
}
return null;
|
| protected java.lang.Class | currentLoadedClass()Returns the first class in the call stack that was loaded by a class
loader which is not a system class loader.
/*
* First, check if AllPermission is allowed. If so, then we are
* effectively running in an unsafe environment, so just answer null
* (==> everything is a system class).
*/
try {
checkPermission(new AllPermission());
return null;
} catch (SecurityException ex) {
}
/*
* Now, check if there are any non-system class loaders in the stack up
* to the first privileged method (or the end of the stack.
*/
Class<?>[] classes = Class.getStackClasses(-1, true);
for (int i = 0; i < classes.length; i++) {
ClassLoader cl = classes[i].getClassLoaderImpl();
if (!cl.isSystemClassLoader()) {
return classes[i];
}
}
return null;
|
| protected java.lang.Class[] | getClassContext()Returns an array containing one entry for each method in the current
execution stack. Each entry is the {@code java.lang.Class} which
represents the class in which the method is defined.
return VMStack.getClasses(-1, false);
|
| public boolean | getInCheck()Indicates if this security manager is currently checking something.
return inCheck;
|
| public java.lang.Object | getSecurityContext()Returns an object which encapsulates the security state of the current
point in the execution. In the Android reference implementation, this is
an {@link java.security.AccessControlContext}.
return AccessController.getContext();
|
| public java.lang.ThreadGroup | getThreadGroup()Returns the thread group which should be used to instantiate new threads.
By default, this is the same as the thread group of the thread running
this method.
return Thread.currentThread().getThreadGroup();
|
| protected boolean | inClass(java.lang.String name)Indicates whether there is a method in the call stack from the class with
the specified name.
return classDepth(name) != -1;
|
| protected boolean | inClassLoader()Indicates whether there is a method in the call stack from a class which
was defined by a non-system class loader.
return currentClassLoader() != null;
|
