archive/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2025-08-27 06:45:07 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

8344078: Remove security manager dependency in java.nio

Browse source 
Reviewed-by: alanb, rriggs
This commit is contained in:
Brian Burkhalter 2024-11-18 19:17:14 +00:00
parent 2649406323
commit 922b12f30c
67 changed files with 285 additions and 1480 deletions
Download patch file Download diff file Expand all files Collapse all files

18
src/java.base/share/classes/java/nio/file/CopyMoveHelper.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2011, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2011, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -116,13 +116,9 @@ class CopyMoveHelper {
// attributes of source file
BasicFileAttributes sourceAttrs = null;
if (sourcePosixView != null) {
try {
sourceAttrs = Files.readAttributes(source,
PosixFileAttributes.class,
linkOptions);
} catch (SecurityException ignored) {
// okay to continue if RuntimePermission("accessUserInformation") not granted
}
sourceAttrs = Files.readAttributes(source,
PosixFileAttributes.class,
linkOptions);
}
if (sourceAttrs == null)
sourceAttrs = Files.readAttributes(source,
@ -173,11 +169,7 @@ class CopyMoveHelper {
if (sourceAttrs instanceof PosixFileAttributes sourcePosixAttrs &&
targetView instanceof PosixFileAttributeView targetPosixView) {
try {
targetPosixView.setPermissions(sourcePosixAttrs.permissions());
} catch (SecurityException ignored) {
// okay to continue if RuntimePermission("accessUserInformation") not granted
}
targetPosixView.setPermissions(sourcePosixAttrs.permissions());
}
} catch (Throwable x) {
// rollback

14
src/java.base/share/classes/java/nio/file/FileSystems.java
View file

@ -25,12 +25,10 @@
package java.nio.file;
import java.nio.file.spi.FileSystemProvider;
import java.net.URI;
import java.io.IOException;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.lang.reflect.Constructor;
import java.net.URI;
import java.nio.file.spi.FileSystemProvider;
import java.util.Collections;
import java.util.Map;
import java.util.ServiceConfigurationError;
@ -96,13 +94,7 @@ public final class FileSystems {
// returns default file system
private static FileSystem defaultFileSystem() {
// load default provider
@SuppressWarnings("removal")
FileSystemProvider provider = AccessController
.doPrivileged(new PrivilegedAction<>() {
public FileSystemProvider run() {
return getDefaultProvider();
}
});
FileSystemProvider provider = getDefaultProvider();
// return file system
return provider.getFileSystem(URI.create("file:///"));

4
src/java.base/share/classes/java/nio/file/FileTreeIterator.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2013, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2014, 2023, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -58,8 +58,6 @@ class FileTreeIterator implements Iterator<Event>, Closeable {
* if {@code maxDepth} is negative
* @throws IOException
* if an I/O errors occurs opening the starting file
* @throws SecurityException
* if the security manager denies access to the starting file
* @throws NullPointerException
* if {@code start} or {@code options} is {@code null} or
* the options array contains a {@code null} element

29
src/java.base/share/classes/java/nio/file/FileTreeWalker.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2007, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2007, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -198,16 +198,12 @@ class FileTreeWalker implements Closeable {
* the walk is following sym links is not. The {@code canUseCached}
* argument determines whether this method can use cached attributes.
*/
@SuppressWarnings("removal")
private BasicFileAttributes getAttributes(Path file, boolean canUseCached)
throws IOException
{
// if attributes are cached then use them if possible
if (canUseCached &&
(file instanceof BasicFileAttributesHolder) &&
(System.getSecurityManager() == null))
{
BasicFileAttributes cached = ((BasicFileAttributesHolder)file).get();
if (canUseCached && (file instanceof BasicFileAttributesHolder bfah)) {
BasicFileAttributes cached = bfah.get();
if (cached != null && (!followLinks || !cached.isSymbolicLink())) {
return cached;
}
@ -250,7 +246,7 @@ class FileTreeWalker implements Closeable {
// cycle detected
return true;
}
} catch (IOException | SecurityException x) {
} catch (IOException e) {
// ignore
}
}
@ -262,25 +258,16 @@ class FileTreeWalker implements Closeable {
* Visits the given file, returning the {@code Event} corresponding to that
* visit.
*
* The {@code ignoreSecurityException} parameter determines whether
* any SecurityException should be ignored or not. If a SecurityException
* is thrown, and is ignored, then this method returns {@code null} to
* mean that there is no event corresponding to a visit to the file.
*
* The {@code canUseCached} parameter determines whether cached attributes
* for the file can be used or not.
*/
private Event visit(Path entry, boolean ignoreSecurityException, boolean canUseCached) {
private Event visit(Path entry, boolean canUseCached) {
// need the file attributes
BasicFileAttributes attrs;
try {
attrs = getAttributes(entry, canUseCached);
} catch (IOException ioe) {
return new Event(EventType.ENTRY, entry, ioe);
} catch (SecurityException se) {
if (ignoreSecurityException)
return null;
throw se;
}
// at maximum depth or file is not a directory
@ -301,10 +288,6 @@ class FileTreeWalker implements Closeable {
stream = Files.newDirectoryStream(entry);
} catch (IOException ioe) {
return new Event(EventType.ENTRY, entry, ioe);
} catch (SecurityException se) {
if (ignoreSecurityException)
return null;
throw se;
}
// push a directory node to the stack and return an event
@ -321,7 +304,6 @@ class FileTreeWalker implements Closeable {
throw new IllegalStateException("Closed");
Event ev = visit(file,
false, // ignoreSecurityException
false); // canUseCached
assert ev != null;
return ev;
@ -372,7 +354,6 @@ class FileTreeWalker implements Closeable {
// visit the entry
ev = visit(entry,
true, // ignoreSecurityException
true); // canUseCached
} while (ev == null);

60
src/java.base/share/classes/java/nio/file/Files.java
View file

@ -58,8 +58,6 @@ import java.nio.file.attribute.PosixFilePermission;
import java.nio.file.attribute.UserPrincipal;
import java.nio.file.spi.FileSystemProvider;
import java.nio.file.spi.FileTypeDetector;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
@ -696,14 +694,8 @@ public final class Files {
} catch (IOException x) {
// parent may not exist or other reason
}
SecurityException se = null;
Path absDir = dir;
try {
absDir = dir.toAbsolutePath();
} catch (SecurityException x) {
// don't have permission to get absolute path
se = x;
}
Path absDir = dir.toAbsolutePath();
// find a descendant that exists
Path parent = absDir.getParent();
while (parent != null) {
@ -717,12 +709,8 @@ public final class Files {
}
if (parent == null) {
// unable to find existing parent
if (se == null) {
throw new FileSystemException(absDir.toString(), null,
"Unable to determine if root directory exists");
} else {
throw se;
}
throw new FileSystemException(absDir.toString(), null,
"Unable to determine if root directory exists");
}
// create directories
@ -1525,29 +1513,19 @@ public final class Files {
loadInstalledDetectors();
// creates the default file type detector
@SuppressWarnings("removal")
private static FileTypeDetector createDefaultFileTypeDetector() {
return AccessController
.doPrivileged(new PrivilegedAction<>() {
@Override public FileTypeDetector run() {
return sun.nio.fs.DefaultFileTypeDetector.create();
}});
return sun.nio.fs.DefaultFileTypeDetector.create();
}
// loads all installed file type detectors
@SuppressWarnings("removal")
private static List<FileTypeDetector> loadInstalledDetectors() {
return AccessController
.doPrivileged(new PrivilegedAction<>() {
@Override public List<FileTypeDetector> run() {
List<FileTypeDetector> list = new ArrayList<>();
ServiceLoader<FileTypeDetector> loader = ServiceLoader
.load(FileTypeDetector.class, ClassLoader.getSystemClassLoader());
for (FileTypeDetector detector: loader) {
list.add(detector);
}
return list;
}});
List<FileTypeDetector> list = new ArrayList<>();
ServiceLoader<FileTypeDetector> loader = ServiceLoader
.load(FileTypeDetector.class, ClassLoader.getSystemClassLoader());
for (FileTypeDetector detector: loader) {
list.add(detector);
}
return list;
}
}
@ -2863,26 +2841,16 @@ public final class Files {
}
// attempt to delete an existing file
SecurityException se = null;
if (replaceExisting) {
try {
deleteIfExists(target);
} catch (SecurityException x) {
se = x;
}
deleteIfExists(target);
}
// attempt to create target file. If it fails with
// FileAlreadyExistsException then it may be because the security
// manager prevented us from deleting the file, in which case we just
// throw the SecurityException.
// attempt to create target file.
OutputStream ostream;
try {
ostream = newOutputStream(target, StandardOpenOption.CREATE_NEW,
StandardOpenOption.WRITE);
} catch (FileAlreadyExistsException x) {
if (se != null)
throw se;
// someone else won the race and created the file
throw x;
}

11
src/java.base/share/classes/java/nio/file/TempFileHelper.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2009, 2021, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2009, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -117,16 +117,12 @@ class TempFileHelper {
}
// loop generating random names until file or directory can be created
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
for (;;) {
Path f;
try {
f = generatePath(prefix, suffix, dir);
} catch (InvalidPathException e) {
// don't reveal temporary directory location
if (sm != null)
throw new IllegalArgumentException("Invalid prefix or suffix");
throw e;
}
try {
@ -135,11 +131,6 @@ class TempFileHelper {
} else {
return Files.createFile(f, attrs);
}
} catch (SecurityException e) {
// don't reveal temporary directory location
if (dir == tmpdir && sm != null)
throw new SecurityException("Unable to create temporary file or directory");
throw e;
} catch (FileAlreadyExistsException e) {
// ignore
}

11
src/java.base/share/classes/java/nio/file/spi/FileSystemProvider.java
View file

@ -45,7 +45,6 @@ import java.nio.file.FileSystemNotFoundException;
import java.nio.file.FileSystems;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.LinkPermission;
import java.nio.file.NoSuchFileException;
import java.nio.file.NotDirectoryException;
import java.nio.file.NotLinkException;
@ -68,8 +67,6 @@ import java.util.ServiceConfigurationError;
import java.util.ServiceLoader;
import java.util.Set;
import java.util.concurrent.ExecutorService;
import java.security.AccessController;
import java.security.PrivilegedAction;
import sun.nio.ch.FileChannelImpl;
@ -185,13 +182,7 @@ public abstract class FileSystemProvider {
}
loadingProviders = true;
@SuppressWarnings("removal")
List<FileSystemProvider> list = AccessController
.doPrivileged(new PrivilegedAction<>() {
@Override
public List<FileSystemProvider> run() {
return loadInstalledProviders();
}});
List<FileSystemProvider> list = loadInstalledProviders();
// insert the default provider at the start of the list
list.add(0, defaultProvider);