OpenJDK / jdk / jdk
changeset 18222:2b50015e08db
8001330: Improve on checking order
Reviewed-by: acorn, hawtin
author | mullan |
---|---|
date | Fri, 05 Apr 2013 10:17:06 -0400 |
parents | 5cd0fa789013 |
children | 35a5c2462991 |
files | jdk/src/share/classes/java/security/AccessControlContext.java jdk/src/share/classes/java/security/AccessController.java jdk/src/share/classes/java/security/ProtectionDomain.java |
diffstat | 3 files changed, 44 insertions(+), 25 deletions(-) [+] |
--- a/jdk/src/share/classes/java/security/AccessControlContext.java Thu Mar 21 13:56:28 2013 +0100
+++ b/jdk/src/share/classes/java/security/AccessControlContext.java Fri Apr 05 10:17:06 2013 -0400
@@ -1,5 +1,5 @@
  /*
- * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -77,7 +77,10 @@
  public final class AccessControlContext {
  private ProtectionDomain context[];
+ // isPrivileged and isAuthorized are referenced by the VM - do not remove
+ // or change their names
  private boolean isPrivileged;
+ private boolean isAuthorized = false;
  // Note: This field is directly used by the virtual machine
  // native codes. Don't touch it.
@@ -163,6 +166,7 @@
  SecurityManager sm = System.getSecurityManager();
  if (sm != null) {
  sm.checkPermission(SecurityConstants.CREATE_ACC_PERMISSION);
+ this.isAuthorized = true;
  }
  this.context = acc.context;
@@ -184,6 +188,7 @@
  this.context = context.clone();
  }
  this.combiner = combiner;
+ this.isAuthorized = true;
  }
  /**
@@ -191,10 +196,11 @@
  */
  AccessControlContext(ProtectionDomain context[],
- boolean isPrivileged)
+ boolean isPrivileged)
  {
  this.context = context;
  this.isPrivileged = isPrivileged;
+ this.isAuthorized = true;
  }
  /**
@@ -475,7 +481,7 @@
  }
  private AccessControlContext goCombiner(ProtectionDomain[] current,
- AccessControlContext assigned) {
+ AccessControlContext assigned) {
  // the assigned ACC's combiner is not null --
  // let the combiner do its thing
@@ -497,6 +503,7 @@
  this.context = combinedPds;
  this.combiner = assigned.combiner;
  this.isPrivileged = false;
+ this.isAuthorized = assigned.isAuthorized;
  return this;
  }
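Review bot: The comment added above `isPrivileged` and `isAuthorized` (hunk at -77) records that the VM references the fields, but not what `isAuthorized` means, even though the flag now feeds a security decision. Going by the constructors changed in this file and the Javadoc added to AccessController, something like `// isAuthorized: set when the context was built by system code or after the createAccessControlContext check passed` would state the invariant next to the field. The explicit `= false` initialiser is redundant for a boolean field and can be dropped. The class body continues outside the hunk.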
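Review bot: In the hunk at -163, `this.isAuthorized = true;` sits inside `if (sm != null)`, so a context built through this constructor while no security manager is installed keeps `isAuthorized == false`. If a security manager is installed afterwards, that context appears to fall under the new "performed with no permissions" rule unless the caller's domain holds createAccessControlContext; the VM side is not visible here, so this is inferred from the added Javadoc. If that is the intent, a comment on the assignment such as `// stays false when no security manager is installed; the caller's ProtectionDomain is then checked when the context is used` would make it explicit. The constructor starts and ends outside the hunk.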
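Review bot: `this.isAuthorized = assigned.isAuthorized;` in the hunk at -497 makes the combined context inherit the flag from `assigned`, but nothing nearby says why the flag follows `assigned` rather than being derived for `combinedPds`. A one-line comment, for example `// the combiner came from assigned, so the result is only as authorized as assigned was`, would record the reasoning. The path that handles a context without a combiner is outside this diff, so it is worth confirming that it leaves `isAuthorized` in a consistent state. goCombiner begins before the hunk.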
--- a/jdk/src/share/classes/java/security/AccessController.java Thu Mar 21 13:56:28 2013 +0100
+++ b/jdk/src/share/classes/java/security/AccessController.java Fri Apr 05 10:17:06 2013 -0400
@@ -1,5 +1,5 @@
  /*
- * Copyright (c) 1997, 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -304,28 +304,31 @@
  /**
- * Performs the specified <code>PrivilegedAction</code> with privileges
- * enabled and restricted by the specified
- * <code>AccessControlContext</code>.
+ * Performs the specified {@code PrivilegedAction} with privileges
+ * enabled and restricted by the specified {@code AccessControlContext}.
  * The action is performed with the intersection of the permissions
  * possessed by the caller's protection domain, and those possessed
- * by the domains represented by the specified
- * <code>AccessControlContext</code>.
+ * by the domains represented by the specified {@code AccessControlContext}.
  * <p>
- * If the action's <code>run</code> method throws an (unchecked) exception,
+ * If the action's {@code run} method throws an (unchecked) exception,
  * it will propagate through this method.
+ * <p>
+ * If a security manager is installed and the {@code AccessControlContext}
+ * was not created by system code and the caller's {@code ProtectionDomain}
+ * has not been granted the {@literal "createAccessControlContext"}
+ * {@link java.security.SecurityPermission}, then the action is performed
+ * with no permissions.
  *
  * @param action the action to be performed.
  * @param context an <i>access control context</i>
  * representing the restriction to be applied to the
  * caller's domain's privileges before performing
  * the specified action. If the context is
- * <code>null</code>,
- * then no additional restriction is applied.
+ * {@code null}, then no additional restriction is applied.
  *
- * @return the value returned by the action's <code>run</code> method.
+ * @return the value returned by the action's {@code run} method.
  *
- * @exception NullPointerException if the action is <code>null</code>
+ * @exception NullPointerException if the action is {@code null}
  *
  * @see #doPrivileged(PrivilegedAction)
  * @see #doPrivileged(PrivilegedExceptionAction,AccessControlContext)
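Review bot: The paragraph added here, and repeated in the hunk at -428 for the PrivilegedExceptionAction overload, does not say how the "no permissions" outcome surfaces to the caller. As worded, the action still runs and would only fail at its first permission check, so nothing signals the downgrade at the doPrivileged call itself; a sentence stating that would help anyone debugging a later access failure. "Created by system code" is also left undefined, and naming what qualifies would remove the guesswork. The changeset's file list shows no test, so a regression test covering the no-permissions case would pin the documented behaviour.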
@@ -428,30 +431,34 @@
  /**
- * Performs the specified <code>PrivilegedExceptionAction</code> with
+ * Performs the specified {@code PrivilegedExceptionAction} with
  * privileges enabled and restricted by the specified
- * <code>AccessControlContext</code>. The action is performed with the
+ * {@code AccessControlContext}. The action is performed with the
  * intersection of the permissions possessed by the caller's
  * protection domain, and those possessed by the domains represented by the
- * specified <code>AccessControlContext</code>.
+ * specified {@code AccessControlContext}.
  * <p>
- * If the action's <code>run</code> method throws an <i>unchecked</i>
+ * If the action's {@code run} method throws an <i>unchecked</i>
  * exception, it will propagate through this method.
+ * <p>
+ * If a security manager is installed and the {@code AccessControlContext}
+ * was not created by system code and the caller's {@code ProtectionDomain}
+ * has not been granted the {@literal "createAccessControlContext"}
+ * {@link java.security.SecurityPermission}, then the action is performed
+ * with no permissions.
  *
  * @param action the action to be performed
  * @param context an <i>access control context</i>
  * representing the restriction to be applied to the
  * caller's domain's privileges before performing
  * the specified action. If the context is
- * <code>null</code>,
- * then no additional restriction is applied.
+ * {@code null}, then no additional restriction is applied.
  *
- * @return the value returned by the action's <code>run</code> method
+ * @return the value returned by the action's {@code run} method
  *
  * @exception PrivilegedActionException if the specified action's
- * <code>run</code> method
- * threw a <i>checked</i> exception
- * @exception NullPointerException if the action is <code>null</code>
+ * {@code run} method threw a <i>checked</i> exception
+ * @exception NullPointerException if the action is {@code null}
  *
  * @see #doPrivileged(PrivilegedAction)
  * @see #doPrivileged(PrivilegedExceptionAction,AccessControlContext)
--- a/jdk/src/share/classes/java/security/ProtectionDomain.java Thu Mar 21 13:56:28 2013 +0100
+++ b/jdk/src/share/classes/java/security/ProtectionDomain.java Fri Apr 05 10:17:06 2013 -0400
@@ -1,5 +1,5 @@
  /*
- * Copyright (c) 1997, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -277,6 +277,11 @@
  return false;
  }
+ // called by the VM -- do not remove
+ boolean impliesCreateAccessControlContext() {
+ return implies(SecurityConstants.CREATE_ACC_PERMISSION);
+ }
+
  /**
  * Convert a ProtectionDomain to a String.
  */
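Review bot: `impliesCreateAccessControlContext()` delegates to `implies(...)`, so if ProtectionDomain can be subclassed and `implies` overridden (the class declaration is outside the hunk), the answer the VM receives comes from the subclass rather than from this class's own evaluation. If only the built-in evaluation should count for this decision, that needs a guard; if overriding is acceptable, a comment should say so. The comment could also state what the result is used for, e.g. `// called by the VM to test for SecurityPermission "createAccessControlContext" -- do not remove or rename`.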