Frames | No Frames |
1: /* SecurityPermission.java -- Class for named security permissions 2: Copyright (C) 1998, 2002 Free Software Foundation, Inc. 3: 4: This file is part of GNU Classpath. 5: 6: GNU Classpath is free software; you can redistribute it and/or modify 7: it under the terms of the GNU General Public License as published by 8: the Free Software Foundation; either version 2, or (at your option) 9: any later version. 10: 11: GNU Classpath is distributed in the hope that it will be useful, but 12: WITHOUT ANY WARRANTY; without even the implied warranty of 13: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 14: General Public License for more details. 15: 16: You should have received a copy of the GNU General Public License 17: along with GNU Classpath; see the file COPYING. If not, write to the 18: Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 19: 02110-1301 USA. 20: 21: Linking this library statically or dynamically with other modules is 22: making a combined work based on this library. Thus, the terms and 23: conditions of the GNU General Public License cover the whole 24: combination. 25: 26: As a special exception, the copyright holders of this library give you 27: permission to link this library with independent modules to produce an 28: executable, regardless of the license terms of these independent 29: modules, and to copy and distribute the resulting executable under 30: terms of your choice, provided that you also meet, for each linked 31: independent module, the terms and conditions of the license of that 32: module. An independent module is a module which is not derived from 33: or based on this library. If you modify this library, you may extend 34: this exception to your version of the library, but you are not 35: obligated to do so. If you do not wish to do so, delete this 36: exception statement from your version. */ 37: 38: package java.security; 39: 40: /** 41: * This class provides a mechanism for specified named permissions 42: * related to the Java security framework. These permissions have no 43: * associated actions list. They are either granted or not granted. 44: * 45: * <p>The list of valid permission names is:<br> 46: * <table border=1> 47: * <tr><th>Permission Name</th><th>Permission Allows</th><th>Risks</th</tr> 48: * <tr> 49: * <td><code>createAccessControlContext</code></td> 50: * <td>Allows creation of an AccessControlContext</td> 51: * <td>The new control context can have a rogue DomainCombiner, leading 52: * to a privacy leak</td></tr> 53: * <tr> 54: * <td><code>getDomainCombiner</code></td> 55: * <td>Get a DomainCombiner from an AccessControlContext</td> 56: * <td>Access to a DomainCombiner can lead to a privacy leak</td></tr> 57: * <tr> 58: * <td><code>getPolicy</code></td> 59: * <td>Allows retrieval of the system security policy</td> 60: * <td>Malicious code can use information from the policy to better plan 61: * an attack</td></tr> 62: * <tr> 63: * <td><code>setPolicy</code></td> 64: * <td>Allows the security policy to be changed</td> 65: * <td>Malicious code can give itself any permission it wants</td></tr> 66: * <tr> 67: * <td><code>getProperty.</code><em>key</em></td> 68: * <td>Retrieve the property specified by the key</td> 69: * <td>Malicious code can use information from the property to better plan 70: * an attack</td></tr> 71: * <tr> 72: * <td><code>setProperty.</code><em>key</em></td> 73: * <td>Allows changing of the value of all properties implied by key</td> 74: * <td>Malicious code can insert rogue classes to steal keys or recreate 75: * the security policy with whatever permissions it desires</td></tr> 76: * <tr> 77: * <td><code>insertProvider.</code><em>key</em></td> 78: * <td>Allows the named provider to be added</td> 79: * <td>Malicious code can insert rogue providers that steal data</td></tr> 80: * <tr> 81: * <td><code>removeProvider.</code><em>key</em></td> 82: * <td>Allows the named provider to be removed</td> 83: * <td>A missing provider can cripple code that relies on it</td></tr> 84: * <tr> 85: * <td><code>setSystemScope</code></td> 86: * <td>Allows the system identity scope to be set</td> 87: * <td>Malicious code can add certificates not available in the original 88: * identity scope, to gain more permissions</td></tr> 89: * <tr> 90: * <td><code>setIdentityPublicKey</code></td> 91: * <td>Allows the public key of an Identity to be set</td> 92: * <td>Malicious code can install its own key to gain permissions not 93: * allowed by the original identity scope</td></tr> 94: * <tr> 95: * <td><code>SetIdentityInfo</code></td> 96: * <td>Allows the description of an Identity to be set</td> 97: * <td>Malicious code can spoof users into trusting a fake identity</td></tr> 98: * <tr> 99: * <td><code>addIdentityCertificate</code></td> 100: * <td>Allows a certificate to be set for the public key of an identity</td> 101: * <td>The public key can become trusted to a wider audience than originally 102: * intended</td></tr> 103: * <tr> 104: * <td><code>removeIdentityCertificate</code></td> 105: * <td>Allows removal of a certificate from an identity's public key</td> 106: * <td>The public key can become less trusted than it should be</td></tr> 107: * <tr> 108: * <td><code>printIdentity</code></td> 109: * <td>View the name of the identity and scope, and whether they are 110: * trusted</td> 111: * <td>The scope may include a filename, which provides an entry point for 112: * further security breaches</td></tr> 113: * <tr> 114: * <td><code>clearProviderProperties.</code><em>key</em></td> 115: * <td>Allows the properties of the named provider to be cleared</td> 116: * <td>This can disable parts of the program which depend on finding the 117: * provider</td></tr> 118: * <tr> 119: * <td><code>putProviderProperty.</code><em>key</em></td> 120: * <td>Allows the properties of the named provider to be changed</td> 121: * <td>Malicious code can replace the implementation of a provider</td></tr> 122: * <tr> 123: * <td><code>removeProviderProperty.</code><em>key</em></td> 124: * <td>Allows the properties of the named provider to be deleted</td> 125: * <td>This can disable parts of the program which depend on finding the 126: * provider</td></tr> 127: * <tr> 128: * <td><code>getSignerPrivateKey</code></td> 129: * <td>Allows the retrieval of the private key for a signer</td> 130: * <td>Anyone that can access the private key can claim to be the 131: * Signer</td></tr> 132: * <tr> 133: * <td><code>setSignerKeyPair</code></td> 134: * <td>Allows the public and private key of a Signer to be changed</td> 135: * <td>The replacement might be a weaker encryption, or the attacker 136: * can use knowledge of the replaced key to decrypt an entire 137: * communication session</td></tr> 138: * </table> 139: * 140: * <p>There is some degree of security risk in granting any of these 141: * permissions. Some of them can completely compromise system security. 142: * Please exercise extreme caution in granting these permissions. 143: * 144: * @author Aaron M. Renn (arenn@urbanophile.com) 145: * @see Permission 146: * @see SecurityManager 147: * @since 1.1 148: * @status updated to 1.4 149: */ 150: public final class SecurityPermission extends BasicPermission 151: { 152: /** 153: * Compatible with JDK 1.1+. 154: */ 155: private static final long serialVersionUID = 5236109936224050470L; 156: 157: /** 158: * Create a new instance with the specified name. 159: * 160: * @param name the name to assign to this permission 161: */ 162: public SecurityPermission(String name) 163: { 164: super(name); 165: } 166: 167: /** 168: * Create a new instance with the specified name. As SecurityPermission 169: * carries no actions, the second parameter is ignored. 170: * 171: * @param name the name to assign to this permission 172: * @param actions ignored 173: */ 174: public SecurityPermission(String name, String actions) 175: { 176: super(name); 177: } 178: } // class SecurityPermission