changeset 8351:9006b8e45e6d

8080688: Service for DGC services Reviewed-by: skoivu, igerasim, jeff
author smarks
date Thu, 25 Jun 2015 16:44:04 -0700
parents d1171cfa66a8
children 6964c084c898
files src/share/classes/sun/rmi/transport/DGCImpl.java
diffstat 1 files changed, 21 insertions(+), 6 deletions(-) [+]
line wrap: on
line diff
--- a/src/share/classes/sun/rmi/transport/DGCImpl.java	Sat May 23 02:49:50 2015 +0300
+++ b/src/share/classes/sun/rmi/transport/DGCImpl.java	Thu Jun 25 16:44:04 2015 -0700
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1996, 2005, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2015, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -24,6 +24,7 @@
  */
 package sun.rmi.transport;
 
+import java.net.SocketPermission;
 import java.rmi.Remote;
 import java.rmi.RemoteException;
 import java.rmi.dgc.DGC;
@@ -33,8 +34,11 @@
 import java.rmi.server.ObjID;
 import java.rmi.server.RemoteServer;
 import java.rmi.server.ServerNotActiveException;
+import java.security.AccessControlContext;
 import java.security.AccessController;
+import java.security.Permissions;
 import java.security.PrivilegedAction;
+import java.security.ProtectionDomain;
 import java.util.ArrayList;
 import java.util.HashSet;
 import java.util.HashMap;
@@ -288,15 +292,26 @@
                      */
                     try {
                         dgc = new DGCImpl();
-                        ObjID dgcID = new ObjID(ObjID.DGC_ID);
+                        final ObjID dgcID = new ObjID(ObjID.DGC_ID);
                         LiveRef ref = new LiveRef(dgcID, 0);
-                        UnicastServerRef disp = new UnicastServerRef(ref);
-                        Remote stub =
+                        final UnicastServerRef disp = new UnicastServerRef(ref);
+                        final Remote stub =
                             Util.createProxy(DGCImpl.class,
                                              new UnicastRef(ref), true);
                         disp.setSkeleton(dgc);
-                        Target target =
-                            new Target(dgc, disp, stub, dgcID, true);
+
+                        Permissions perms = new Permissions();
+                        perms.add(new SocketPermission("*", "accept,resolve"));
+                        ProtectionDomain[] pd = { new ProtectionDomain(null, perms) };
+                        AccessControlContext acceptAcc = new AccessControlContext(pd);
+
+                        Target target = AccessController.doPrivileged(
+                            new PrivilegedAction<Target>() {
+                                public Target run() {
+                                    return new Target(dgc, disp, stub, dgcID, true);
+                                }
+                            }, acceptAcc);
+
                         ObjectTable.putTarget(target);
                     } catch (RemoteException e) {
                         throw new Error(