changeset 26204:77df35747ce7

8055901: Update policytool for jdk.net.NetworkPermission Reviewed-by: michaelm
author weijun
date Tue, 26 Aug 2014 16:42:31 +0800
parents 0030579ec361
children c073791a67de
files jdk/src/java.base/share/classes/java/net/NetPermission.java jdk/src/jdk.runtime/share/classes/sun/security/tools/policytool/PolicyTool.java
diffstat 2 files changed, 31 insertions(+), 16 deletions(-) [+]
line wrap: on
line diff
--- a/jdk/src/java.base/share/classes/java/net/NetPermission.java	Tue Aug 26 15:10:29 2014 +0800
+++ b/jdk/src/java.base/share/classes/java/net/NetPermission.java	Tue Aug 26 16:42:31 2014 +0800
@@ -72,10 +72,10 @@
  *   </tr>
  *
  * <tr>
- *  <td>getNetworkInformation</td>
- *  <td>The ability to retrieve all information about local network interfaces.</td>
- *  <td>Malicious code can read information about network hardware such as
- *  MAC addresses, which could be used to construct local IPv6 addresses.</td>
+ *   <td>getNetworkInformation</td>
+ *   <td>The ability to retrieve all information about local network interfaces.</td>
+ *   <td>Malicious code can read information about network hardware such as
+ *   MAC addresses, which could be used to construct local IPv6 addresses.</td>
  * </tr>
  *
  * <tr>
@@ -98,8 +98,8 @@
  * <tr>
  *   <td>requestPasswordAuthentication</td>
  *   <td>The ability
- * to ask the authenticator registered with the system for
- * a password</td>
+ *   to ask the authenticator registered with the system for
+ *   a password</td>
  *   <td>Malicious code may steal this password.</td>
  * </tr>
  *
@@ -116,11 +116,11 @@
  * <tr>
  *   <td>setDefaultAuthenticator</td>
  *   <td>The ability to set the
- * way authentication information is retrieved when
- * a proxy or HTTP server asks for authentication</td>
+ *   way authentication information is retrieved when
+ *   a proxy or HTTP server asks for authentication</td>
  *   <td>Malicious
- * code can set an authenticator that monitors and steals user
- * authentication input as it retrieves the input from the user.</td>
+ *   code can set an authenticator that monitors and steals user
+ *   authentication input as it retrieves the input from the user.</td>
  * </tr>
  *
  * <tr>
@@ -143,13 +143,13 @@
  * <tr>
  *   <td>specifyStreamHandler</td>
  *   <td>The ability
- * to specify a stream handler when constructing a URL</td>
+ *   to specify a stream handler when constructing a URL</td>
  *   <td>Malicious code may create a URL with resources that it would
-normally not have access to (like file:/foo/fum/), specifying a
-stream handler that gets the actual bytes from someplace it does
-have access to. Thus it might be able to trick the system into
-creating a ProtectionDomain/CodeSource for a class even though
-that class really didn't come from that location.</td>
+ *   normally not have access to (like file:/foo/fum/), specifying a
+ *   stream handler that gets the actual bytes from someplace it does
+ *   have access to. Thus it might be able to trick the system into
+ *   creating a ProtectionDomain/CodeSource for a class even though
+ *   that class really didn't come from that location.</td>
  * </tr>
  * </table>
  *
--- a/jdk/src/jdk.runtime/share/classes/sun/security/tools/policytool/PolicyTool.java	Tue Aug 26 15:10:29 2014 +0800
+++ b/jdk/src/jdk.runtime/share/classes/sun/security/tools/policytool/PolicyTool.java	Tue Aug 26 16:42:31 2014 +0800
@@ -1695,6 +1695,7 @@
         PERM_ARRAY.add(new MBeanSvrPerm());
         PERM_ARRAY.add(new MBeanTrustPerm());
         PERM_ARRAY.add(new NetPerm());
+        PERM_ARRAY.add(new NetworkPerm());
         PERM_ARRAY.add(new PrivCredPerm());
         PERM_ARRAY.add(new PropPerm());
         PERM_ARRAY.add(new ReflectPerm());
@@ -4321,9 +4322,11 @@
     super("NetPermission",
         "java.net.NetPermission",
         new String[]    {
+                "allowHttpTrace",
                 "setDefaultAuthenticator",
                 "requestPasswordAuthentication",
                 "specifyStreamHandler",
+                "getNetworkInformation",
                 "setProxySelector",
                 "getProxySelector",
                 "setCookieHandler",
@@ -4335,6 +4338,18 @@
     }
 }
 
+class NetworkPerm extends Perm {
+    public NetworkPerm() {
+    super("NetworkPermission",
+        "jdk.net.NetworkPermission",
+        new String[]    {
+                "setOption.SO_FLOW_SLA",
+                "getOption.SO_FLOW_SLA"
+                },
+        null);
+    }
+}
+
 class PrivCredPerm extends Perm {
     public PrivCredPerm() {
     super("PrivateCredentialPermission",