archive/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2025-08-26 22:34:27 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

8266459: Implement JEP 411: Deprecate the Security Manager for Removal

Browse source 
Co-authored-by: Sean Mullan <mullan@openjdk.org>
Co-authored-by: Lance Andersen <lancea@openjdk.org>
Co-authored-by: Weijun Wang <weijun@openjdk.org>
Reviewed-by: erikj, darcy, chegar, naoto, joehw, alanb, mchung, kcr, prr, lancea
This commit is contained in:
Weijun Wang 2021-06-02 11:57:31 +00:00
parent 19450b9951
commit 6765f90250
826 changed files with 2734 additions and 757 deletions
Download patch file Download diff file Expand all files Collapse all files

25
src/java.base/share/classes/java/io/File.java
View file

@ -770,6 +770,7 @@ public class File
* method denies read access to the file
*/
public boolean canRead() {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkRead(path);
@ -798,6 +799,7 @@ public class File
* method denies write access to the file
*/
public boolean canWrite() {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkWrite(path);
@ -821,6 +823,7 @@ public class File
* method denies read access to the file or directory
*/
public boolean exists() {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkRead(path);
@ -851,6 +854,7 @@ public class File
* method denies read access to the file
*/
public boolean isDirectory() {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkRead(path);
@ -883,6 +887,7 @@ public class File
* method denies read access to the file
*/
public boolean isFile() {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkRead(path);
@ -912,6 +917,7 @@ public class File
* @since 1.2
*/
public boolean isHidden() {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkRead(path);
@ -955,6 +961,7 @@ public class File
* method denies read access to the file
*/
public long lastModified() {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkRead(path);
@ -986,6 +993,7 @@ public class File
* method denies read access to the file
*/
public long length() {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkRead(path);
@ -1026,6 +1034,7 @@ public class File
* @since 1.2
*/
public boolean createNewFile() throws IOException {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) security.checkWrite(path);
if (isInvalid()) {
@ -1053,6 +1062,7 @@ public class File
* delete access to the file
*/
public boolean delete() {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkDelete(path);
@ -1091,6 +1101,7 @@ public class File
* @since 1.2
*/
public void deleteOnExit() {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkDelete(path);
@ -1154,6 +1165,7 @@ public class File
* the directory
*/
private final String[] normalizedList() {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkRead(path);
@ -1356,6 +1368,7 @@ public class File
* method does not permit the named directory to be created
*/
public boolean mkdir() {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkWrite(path);
@ -1438,6 +1451,7 @@ public class File
if (dest == null) {
throw new NullPointerException();
}
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkWrite(path);
@ -1477,6 +1491,7 @@ public class File
*/
public boolean setLastModified(long time) {
if (time < 0) throw new IllegalArgumentException("Negative time");
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkWrite(path);
@ -1507,6 +1522,7 @@ public class File
* @since 1.2
*/
public boolean setReadOnly() {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkWrite(path);
@ -1550,6 +1566,7 @@ public class File
* @since 1.6
*/
public boolean setWritable(boolean writable, boolean ownerOnly) {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkWrite(path);
@ -1628,6 +1645,7 @@ public class File
* @since 1.6
*/
public boolean setReadable(boolean readable, boolean ownerOnly) {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkWrite(path);
@ -1709,6 +1727,7 @@ public class File
* @since 1.6
*/
public boolean setExecutable(boolean executable, boolean ownerOnly) {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkWrite(path);
@ -1772,6 +1791,7 @@ public class File
* @since 1.6
*/
public boolean canExecute() {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkExec(path);
@ -1854,6 +1874,7 @@ public class File
* @see FileStore#getTotalSpace
*/
public long getTotalSpace() {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
sm.checkPermission(new RuntimePermission("getFileSystemAttributes"));
@ -1897,6 +1918,7 @@ public class File
* @see FileStore#getUnallocatedSpace
*/
public long getFreeSpace() {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
sm.checkPermission(new RuntimePermission("getFileSystemAttributes"));
@ -1943,6 +1965,7 @@ public class File
* @see FileStore#getUsableSpace
*/
public long getUsableSpace() {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
sm.checkPermission(new RuntimePermission("getFileSystemAttributes"));
@ -1977,6 +2000,7 @@ public class File
}
return subNameLength;
}
@SuppressWarnings("removal")
static File generateFile(String prefix, String suffix, File dir)
throws IOException
{
@ -2125,6 +2149,7 @@ public class File
File tmpdir = (directory != null) ? directory
: TempDirectory.location();
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
File f;
do {

2
src/java.base/share/classes/java/io/FileInputStream.java
View file

@ -140,6 +140,7 @@ public class FileInputStream extends InputStream
*/
public FileInputStream(File file) throws FileNotFoundException {
String name = (file != null ? file.getPath() : null);
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkRead(name);
@ -182,6 +183,7 @@ public class FileInputStream extends InputStream
* @see SecurityManager#checkRead(java.io.FileDescriptor)
*/
public FileInputStream(FileDescriptor fdObj) {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (fdObj == null) {
throw new NullPointerException();

4
src/java.base/share/classes/java/io/FileOutputStream.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1994, 2019, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1994, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -217,6 +217,7 @@ public class FileOutputStream extends OutputStream
throws FileNotFoundException
{
String name = (file != null ? file.getPath() : null);
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkWrite(name);
@ -259,6 +260,7 @@ public class FileOutputStream extends OutputStream
* @see java.lang.SecurityManager#checkWrite(java.io.FileDescriptor)
*/
public FileOutputStream(FileDescriptor fdObj) {
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (fdObj == null) {
throw new NullPointerException();

1
src/java.base/share/classes/java/io/FilePermission.java
View file

@ -308,6 +308,7 @@ public final class FilePermission extends Permission implements Serializable {
* @param mask the actions mask to use.
*
*/
@SuppressWarnings("removal")
private void init(int mask) {
if ((mask & ALL) != mask)
throw new IllegalArgumentException("invalid actions mask");

3
src/java.base/share/classes/java/io/ObjectInputFilter.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2016, 2020, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2016, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -219,6 +219,7 @@ public interface ObjectInputFilter {
*
* @since 9
*/
@SuppressWarnings("removal")
final class Config {
/* No instances. */
private Config() {}

10
src/java.base/share/classes/java/io/ObjectInputStream.java
View file

@ -404,6 +404,7 @@ public class ObjectInputStream
* @see java.io.SerializablePermission
*/
protected ObjectInputStream() throws IOException, SecurityException {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
sm.checkPermission(SUBCLASS_IMPLEMENTATION_PERMISSION);
@ -915,6 +916,7 @@ public class ObjectInputStream
return enable;
}
if (enable) {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
sm.checkPermission(SUBSTITUTION_PERMISSION);
@ -1307,6 +1309,7 @@ public class ObjectInputStream
* @since 9
*/
public final void setObjectInputFilter(ObjectInputFilter filter) {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
sm.checkPermission(ObjectStreamConstants.SERIAL_FILTER_PERMISSION);
@ -1575,6 +1578,7 @@ public class ObjectInputStream
if (cl == ObjectInputStream.class) {
return;
}
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm == null) {
return;
@ -1596,6 +1600,7 @@ public class ObjectInputStream
* override security-sensitive non-final methods. Returns TRUE if subclass
* is "safe", FALSE otherwise.
*/
@SuppressWarnings("removal")
private static Boolean auditSubclass(Class<?> subcl) {
return AccessController.doPrivileged(
new PrivilegedAction<Boolean>() {
@ -2660,10 +2665,11 @@ public class ObjectInputStream
final ObjectInputValidation obj;
final int priority;
Callback next;
@SuppressWarnings("removal")
final AccessControlContext acc;
Callback(ObjectInputValidation obj, int priority, Callback next,
AccessControlContext acc)
@SuppressWarnings("removal") AccessControlContext acc)
{
this.obj = obj;
this.priority = priority;
@ -2697,6 +2703,7 @@ public class ObjectInputStream
prev = cur;
cur = cur.next;
}
@SuppressWarnings("removal")
AccessControlContext acc = AccessController.getContext();
if (prev != null) {
prev.next = new Callback(obj, priority, cur, acc);
@ -2712,6 +2719,7 @@ public class ObjectInputStream
* throws an InvalidObjectException, the callback process is terminated
* and the exception propagated upwards.
*/
@SuppressWarnings("removal")
void doCallbacks() throws InvalidObjectException {
try {
while (list != null) {

7
src/java.base/share/classes/java/io/ObjectOutputStream.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1996, 2020, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1996, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -213,6 +213,7 @@ public class ObjectOutputStream
* value of "sun.io.serialization.extendedDebugInfo" property,
* as true or false for extended information about exception's place
*/
@SuppressWarnings("removal")
private static final boolean extendedDebugInfo =
java.security.AccessController.doPrivileged(
new sun.security.action.GetBooleanAction(
@ -274,6 +275,7 @@ public class ObjectOutputStream
* @see java.io.SerializablePermission
*/
protected ObjectOutputStream() throws IOException, SecurityException {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
sm.checkPermission(SUBCLASS_IMPLEMENTATION_PERMISSION);
@ -621,6 +623,7 @@ public class ObjectOutputStream
return enable;
}
if (enable) {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null) {
sm.checkPermission(SUBSTITUTION_PERMISSION);
@ -1052,6 +1055,7 @@ public class ObjectOutputStream
if (cl == ObjectOutputStream.class) {
return;
}
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm == null) {
return;
@ -1073,6 +1077,7 @@ public class ObjectOutputStream
* override security-sensitive non-final methods. Returns TRUE if subclass
* is "safe", FALSE otherwise.
*/
@SuppressWarnings("removal")
private static Boolean auditSubclass(Class<?> subcl) {
return AccessController.doPrivileged(
new PrivilegedAction<>() {

9
src/java.base/share/classes/java/io/ObjectStreamClass.java
View file

@ -101,6 +101,7 @@ public class ObjectStreamClass implements Serializable {
NO_FIELDS;
/** reflection factory for obtaining serialization constructors */
@SuppressWarnings("removal")
private static final ReflectionFactory reflFactory =
AccessController.doPrivileged(
new ReflectionFactory.GetReflectionFactoryAction());
@ -278,6 +279,7 @@ public class ObjectStreamClass implements Serializable {
*
* @return the SUID of the class described by this descriptor
*/
@SuppressWarnings("removal")
public long getSerialVersionUID() {
// REMIND: synchronize instead of relying on volatile?
if (suid == null) {
@ -301,6 +303,7 @@ public class ObjectStreamClass implements Serializable {
*
* @return the {@code Class} instance that this descriptor represents
*/
@SuppressWarnings("removal")
@CallerSensitive
public Class<?> forClass() {
if (cl == null) {
@ -460,6 +463,7 @@ public class ObjectStreamClass implements Serializable {
* Returns the value contained by this EntryFuture, blocking if
* necessary until a value is set.
*/
@SuppressWarnings("removal")
synchronized Object get() {
boolean interrupted = false;
while (entry == unset) {
@ -493,6 +497,7 @@ public class ObjectStreamClass implements Serializable {
/**
* Creates local class descriptor representing given class.
*/
@SuppressWarnings("removal")
private ObjectStreamClass(final Class<?> cl) {
this.cl = cl;
name = cl.getName();
@ -620,6 +625,7 @@ public class ObjectStreamClass implements Serializable {
* ProtectionDomain that separate the concrete class {@code cl}
* from its ancestor's declaring {@code cons}, or {@code null}.
*/
@SuppressWarnings("removal")
private ProtectionDomain[] getProtectionDomains(Constructor<?> cons,
Class<?> cl) {
ProtectionDomain[] domains = null;
@ -1130,6 +1136,7 @@ public class ObjectStreamClass implements Serializable {
* class is non-serializable or if the appropriate no-arg constructor is
* inaccessible/unavailable.
*/
@SuppressWarnings("removal")
Object newInstance()
throws InstantiationException, InvocationTargetException,
UnsupportedOperationException
@ -1572,6 +1579,7 @@ public class ObjectStreamClass implements Serializable {
* the not found ( which should never happen for correctly generated record
* classes ).
*/
@SuppressWarnings("removal")
private static MethodHandle canonicalRecordCtr(Class<?> cls) {
assert cls.isRecord() : "Expected record, got: " + cls;
PrivilegedAction<MethodHandle> pa = () -> {
@ -2584,6 +2592,7 @@ public class ObjectStreamClass implements Serializable {
* and return
* {@code Object}
*/
@SuppressWarnings("removal")
static MethodHandle deserializationCtr(ObjectStreamClass desc) {
// check the cached value 1st
MethodHandle mh = desc.deserializationCtr;

3
src/java.base/share/classes/java/io/ObjectStreamField.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1996, 2019, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1996, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -213,6 +213,7 @@ public class ObjectStreamField
* @return a {@code Class} object representing the type of the
* serializable field
*/
@SuppressWarnings("removal")
@CallerSensitive
public Class<?> getType() {
if (System.getSecurityManager() != null) {

3
src/java.base/share/classes/java/io/RandomAccessFile.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 1994, 2020, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 1994, 2021, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -239,6 +239,7 @@ public class RandomAccessFile implements DataOutput, DataInput, Closeable {
+ "\" must be one of "
+ "\"r\", \"rw\", \"rws\","
+ " or \"rwd\"");
@SuppressWarnings("removal")
SecurityManager security = System.getSecurityManager();
if (security != null) {
security.checkRead(name);