Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
openanolis
dragonwell8_jdk
提交
0f73f0a7
D
dragonwell8_jdk
项目概览
openanolis
/
dragonwell8_jdk
通知
4
Star
2
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
D
dragonwell8_jdk
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
提交
0f73f0a7
编写于
8月 02, 2013
作者:
M
mullan
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
8001319: Add SecurityPermission "insertProvider" target name
Reviewed-by: vinnie
上级
381e10cf
变更
6
显示空白变更内容
内联
并排
Showing
6 changed file
with
140 addition
and
31 deletion
+140
-31
src/share/classes/java/security/Security.java
src/share/classes/java/security/Security.java
+32
-23
src/share/classes/java/security/SecurityPermission.java
src/share/classes/java/security/SecurityPermission.java
+27
-8
test/java/security/Security/AddProvider.java
test/java/security/Security/AddProvider.java
+59
-0
test/java/security/Security/AddProvider.policy.1
test/java/security/Security/AddProvider.policy.1
+7
-0
test/java/security/Security/AddProvider.policy.2
test/java/security/Security/AddProvider.policy.2
+8
-0
test/java/security/Security/AddProvider.policy.3
test/java/security/Security/AddProvider.policy.3
+7
-0
未找到文件。
src/share/classes/java/security/Security.java
浏览文件 @
0f73f0a7
...
@@ -326,17 +326,13 @@ public final class Security {
...
@@ -326,17 +326,13 @@ public final class Security {
*
*
* <p>A provider cannot be added if it is already installed.
* <p>A provider cannot be added if it is already installed.
*
*
* <p>First, if there is a security manager, its
* <p>If there is a security manager, the
* {@code checkSecurityAccess}
* {@link java.lang.SecurityManager#checkSecurityAccess} method is called
* method is called with the string
* with the {@code "insertProvider"} permission target name to see if
* {@code "insertProvider."+provider.getName()}
* it's ok to add a new provider. If this permission check is denied,
* to see if it's ok to add a new provider.
* {@code checkSecurityAccess} is called again with the
* If the default implementation of {@code checkSecurityAccess}
* {@code "insertProvider."+provider.getName()} permission target name. If
* is used (i.e., that method is not overriden), then this will result in
* both checks are denied, a {@code SecurityException} is thrown.
* a call to the security manager's {@code checkPermission} method
* with a
* {@code SecurityPermission("insertProvider."+provider.getName())}
* permission.
*
*
* @param provider the provider to be added.
* @param provider the provider to be added.
*
*
...
@@ -360,7 +356,7 @@ public final class Security {
...
@@ -360,7 +356,7 @@ public final class Security {
public
static
synchronized
int
insertProviderAt
(
Provider
provider
,
public
static
synchronized
int
insertProviderAt
(
Provider
provider
,
int
position
)
{
int
position
)
{
String
providerName
=
provider
.
getName
();
String
providerName
=
provider
.
getName
();
check
(
"insertProvider."
+
providerName
);
check
InsertProvider
(
providerName
);
ProviderList
list
=
Providers
.
getFullProviderList
();
ProviderList
list
=
Providers
.
getFullProviderList
();
ProviderList
newList
=
ProviderList
.
insertAt
(
list
,
provider
,
position
-
1
);
ProviderList
newList
=
ProviderList
.
insertAt
(
list
,
provider
,
position
-
1
);
if
(
list
==
newList
)
{
if
(
list
==
newList
)
{
...
@@ -373,17 +369,13 @@ public final class Security {
...
@@ -373,17 +369,13 @@ public final class Security {
/**
/**
* Adds a provider to the next position available.
* Adds a provider to the next position available.
*
*
* <p>First, if there is a security manager, its
* <p>If there is a security manager, the
* {@code checkSecurityAccess}
* {@link java.lang.SecurityManager#checkSecurityAccess} method is called
* method is called with the string
* with the {@code "insertProvider"} permission target name to see if
* {@code "insertProvider."+provider.getName()}
* it's ok to add a new provider. If this permission check is denied,
* to see if it's ok to add a new provider.
* {@code checkSecurityAccess} is called again with the
* If the default implementation of {@code checkSecurityAccess}
* {@code "insertProvider."+provider.getName()} permission target name. If
* is used (i.e., that method is not overriden), then this will result in
* both checks are denied, a {@code SecurityException} is thrown.
* a call to the security manager's {@code checkPermission} method
* with a
* {@code SecurityPermission("insertProvider."+provider.getName())}
* permission.
*
*
* @param provider the provider to be added.
* @param provider the provider to be added.
*
*
...
@@ -863,6 +855,23 @@ public final class Security {
...
@@ -863,6 +855,23 @@ public final class Security {
}
}
}
}
private
static
void
checkInsertProvider
(
String
name
)
{
SecurityManager
security
=
System
.
getSecurityManager
();
if
(
security
!=
null
)
{
try
{
security
.
checkSecurityAccess
(
"insertProvider"
);
}
catch
(
SecurityException
se1
)
{
try
{
security
.
checkSecurityAccess
(
"insertProvider."
+
name
);
}
catch
(
SecurityException
se2
)
{
// throw first exception, but add second to suppressed
se1
.
addSuppressed
(
se2
);
throw
se1
;
}
}
}
}
/*
/*
* Returns all providers who satisfy the specified
* Returns all providers who satisfy the specified
* criterion.
* criterion.
...
...
src/share/classes/java/security/SecurityPermission.java
浏览文件 @
0f73f0a7
...
@@ -130,14 +130,17 @@ import java.util.StringTokenizer;
...
@@ -130,14 +130,17 @@ import java.util.StringTokenizer;
* </tr>
* </tr>
*
*
* <tr>
* <tr>
* <td>insertProvider
.{provider name}
</td>
* <td>insertProvider</td>
* <td>Addition of a new provider
, with the specified name
</td>
* <td>Addition of a new provider</td>
* <td>This would allow somebody to introduce a possibly
* <td>This would allow somebody to introduce a possibly
* malicious provider (e.g., one that discloses the private keys passed
* malicious provider (e.g., one that discloses the private keys passed
* to it) as the highest-priority provider. This would be possible
* to it) as the highest-priority provider. This would be possible
* because the Security object (which manages the installed providers)
* because the Security object (which manages the installed providers)
* currently does not check the integrity or authenticity of a provider
* currently does not check the integrity or authenticity of a provider
* before attaching it.</td>
* before attaching it. The "insertProvider" permission subsumes the
* "insertProvider.{provider name}" permission (see the section below for
* more information).
* </td>
* </tr>
* </tr>
*
*
* <tr>
* <tr>
...
@@ -186,9 +189,10 @@ import java.util.StringTokenizer;
...
@@ -186,9 +189,10 @@ import java.util.StringTokenizer;
* </table>
* </table>
*
*
* <P>
* <P>
* The following permissions are associated with classes that have been
* The following permissions have been superseded by newer permissions or are
* deprecated: {@link Identity}, {@link IdentityScope}, {@link Signer}. Use of
* associated with classes that have been deprecated: {@link Identity},
* them is discouraged. See the applicable classes for more information.
* {@link IdentityScope}, {@link Signer}. Use of them is discouraged. See the
* applicable classes for more information.
* <P>
* <P>
*
*
* <table border=1 cellpadding=5 summary="target name,what the permission allows, and associated risks">
* <table border=1 cellpadding=5 summary="target name,what the permission allows, and associated risks">
...
@@ -199,6 +203,23 @@ import java.util.StringTokenizer;
...
@@ -199,6 +203,23 @@ import java.util.StringTokenizer;
* </tr>
* </tr>
*
*
* <tr>
* <tr>
* <td>insertProvider.{provider name}</td>
* <td>Addition of a new provider, with the specified name</td>
* <td>Use of this permission is discouraged from further use because it is
* possible to circumvent the name restrictions by overriding the
* {@link java.security.Provider#getName} method. Also, there is an equivalent
* level of risk associated with granting code permission to insert a provider
* with a specific name, or any name it chooses. Users should use the
* "insertProvider" permission instead.
* <p>This would allow somebody to introduce a possibly
* malicious provider (e.g., one that discloses the private keys passed
* to it) as the highest-priority provider. This would be possible
* because the Security object (which manages the installed providers)
* currently does not check the integrity or authenticity of a provider
* before attaching it.</td>
* </tr>
*
* <tr>
* <td>setSystemScope</td>
* <td>setSystemScope</td>
* <td>Setting of the system identity scope</td>
* <td>Setting of the system identity scope</td>
* <td>This would allow an attacker to configure the system identity scope with
* <td>This would allow an attacker to configure the system identity scope with
...
@@ -306,7 +327,6 @@ public final class SecurityPermission extends BasicPermission {
...
@@ -306,7 +327,6 @@ public final class SecurityPermission extends BasicPermission {
* @throws NullPointerException if {@code name} is {@code null}.
* @throws NullPointerException if {@code name} is {@code null}.
* @throws IllegalArgumentException if {@code name} is empty.
* @throws IllegalArgumentException if {@code name} is empty.
*/
*/
public
SecurityPermission
(
String
name
)
public
SecurityPermission
(
String
name
)
{
{
super
(
name
);
super
(
name
);
...
@@ -323,7 +343,6 @@ public final class SecurityPermission extends BasicPermission {
...
@@ -323,7 +343,6 @@ public final class SecurityPermission extends BasicPermission {
* @throws NullPointerException if {@code name} is {@code null}.
* @throws NullPointerException if {@code name} is {@code null}.
* @throws IllegalArgumentException if {@code name} is empty.
* @throws IllegalArgumentException if {@code name} is empty.
*/
*/
public
SecurityPermission
(
String
name
,
String
actions
)
public
SecurityPermission
(
String
name
,
String
actions
)
{
{
super
(
name
,
actions
);
super
(
name
,
actions
);
...
...
test/java/security/Security/AddProvider.java
0 → 100644
浏览文件 @
0f73f0a7
/*
* Copyright (c) 2013, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation.
*
* This code is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* version 2 for more details (a copy is included in the LICENSE file that
* accompanied this code).
*
* You should have received a copy of the GNU General Public License version
* 2 along with this work; if not, write to the Free Software Foundation,
* Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
*
* Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
* or visit www.oracle.com if you need additional information or have any
* questions.
*/
/*
* @test
* @bug 8001319
* @summary check that SecurityPermission insertProvider permission is enforced
* correctly
* @run main/othervm/policy=AddProvider.policy.1 AddProvider 1
* @run main/othervm/policy=AddProvider.policy.2 AddProvider 2
* @run main/othervm/policy=AddProvider.policy.3 AddProvider 3
*/
import
java.security.Provider
;
import
java.security.Security
;
public
class
AddProvider
{
public
static
void
main
(
String
[]
args
)
throws
Exception
{
boolean
legacy
=
args
[
0
].
equals
(
"2"
);
Security
.
addProvider
(
new
TestProvider
(
"Test1"
));
Security
.
insertProviderAt
(
new
TestProvider
(
"Test2"
),
1
);
try
{
Security
.
addProvider
(
new
TestProvider
(
"Test3"
));
if
(
legacy
)
{
throw
new
Exception
(
"Expected SecurityException"
);
}
}
catch
(
SecurityException
se
)
{
if
(!
legacy
)
{
throw
se
;
}
}
}
private
static
class
TestProvider
extends
Provider
{
TestProvider
(
String
name
)
{
super
(
name
,
0.0
,
"Not for use in production systems!"
);
}
}
}
test/java/security/Security/AddProvider.policy.1
0 → 100644
浏览文件 @
0f73f0a7
grant codeBase "file:${{java.ext.dirs}}/*" {
permission java.security.AllPermission;
};
grant {
permission java.security.SecurityPermission "insertProvider";
};
test/java/security/Security/AddProvider.policy.2
0 → 100644
浏览文件 @
0f73f0a7
grant codeBase "file:${{java.ext.dirs}}/*" {
permission java.security.AllPermission;
};
grant {
permission java.security.SecurityPermission "insertProvider.Test1";
permission java.security.SecurityPermission "insertProvider.Test2";
};
test/java/security/Security/AddProvider.policy.3
0 → 100644
浏览文件 @
0f73f0a7
grant codeBase "file:${{java.ext.dirs}}/*" {
permission java.security.AllPermission;
};
grant {
permission java.security.SecurityPermission "insertProvider.*";
};
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录