archive/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2025-08-28 07:14:30 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

8270380: Change the default value of the java.security.manager system property to disallow

Browse source 
Reviewed-by: lancea, mullan, rriggs
This commit is contained in:
Weijun Wang 2021-10-21 14:04:48 +00:00
parent e39bdc9ddb
commit d589b664cc
6 changed files with 22 additions and 25 deletions
Download patch file Download diff file Expand all files Collapse all files

25
src/java.base/share/classes/java/lang/SecurityManager.java
View file

@ -28,7 +28,6 @@ package java.lang;
import java.lang.module.ModuleDescriptor; import java.lang.module.ModuleDescriptor;
import java.lang.module.ModuleDescriptor.Exports; import java.lang.module.ModuleDescriptor.Exports;
import java.lang.module.ModuleDescriptor.Opens; import java.lang.module.ModuleDescriptor.Opens;
import java.lang.reflect.Member;
import java.io.FileDescriptor; import java.io.FileDescriptor;
import java.io.File; import java.io.File;
import java.io.FilePermission; import java.io.FilePermission;
@ -48,7 +47,6 @@ import java.util.Set;
import java.util.concurrent.ConcurrentHashMap; import java.util.concurrent.ConcurrentHashMap;
import jdk.internal.module.ModuleLoaderMap; import jdk.internal.module.ModuleLoaderMap;
import jdk.internal.reflect.CallerSensitive;
import sun.security.util.SecurityConstants; import sun.security.util.SecurityConstants;
/** /**
@ -77,7 +75,7 @@ import sun.security.util.SecurityConstants;
* manager routine simply returns if the operation is permitted, but * manager routine simply returns if the operation is permitted, but
* throws a {@code SecurityException} if the operation is not * throws a {@code SecurityException} if the operation is not
* permitted. * permitted.
* <p> * <h2><a id="set-security-manager">Setting a Security Manager</a></h2>
* Environments using a security manager will typically set the security * Environments using a security manager will typically set the security
* manager at startup. In the JDK implementation, this is done by setting the * manager at startup. In the JDK implementation, this is done by setting the
* system property {@systemProperty java.security.manager} on the command line * system property {@systemProperty java.security.manager} on the command line
@ -96,13 +94,13 @@ import sun.security.util.SecurityConstants;
* {@link System#setSecurityManager(SecurityManager) setSecurityManager} method. * {@link System#setSecurityManager(SecurityManager) setSecurityManager} method.
* In the JDK implementation, if the Java virtual machine is started with * In the JDK implementation, if the Java virtual machine is started with
* the {@code java.security.manager} system property set to the special token * the {@code java.security.manager} system property set to the special token
* "{@code disallow}" then a security manager will not be set at startup and * "{@code allow}", then a security manager will not be set at startup but can
* cannot be set dynamically (the * be set dynamically. If the Java virtual machine is started with the
* {@code java.security.manager} system property not set or set to the special
* token "{@code disallow}", then a security manager will not be set at startup
* and cannot be set dynamically (the
* {@link System#setSecurityManager(SecurityManager) setSecurityManager} * {@link System#setSecurityManager(SecurityManager) setSecurityManager}
* method will throw an {@code UnsupportedOperationException}). If the * method will throw an {@code UnsupportedOperationException}). Finally, if the
* {@code java.security.manager} system property is not set or is set to the
* special token "{@code allow}", then a security manager will not be set at
* startup but can be set dynamically. Finally, if the
* {@code java.security.manager} system property is set to the class name of * {@code java.security.manager} system property is set to the class name of
* the security manager, or to the empty String ("") or the special token * the security manager, or to the empty String ("") or the special token
* "{@code default}", then a security manager is set at startup (as described * "{@code default}", then a security manager is set at startup (as described
@ -127,8 +125,7 @@ import sun.security.util.SecurityConstants;
* <tr> * <tr>
* <th scope="row">null</th> * <th scope="row">null</th>
* <td>None</td> * <td>None</td>
* <td>Success or throws {@code SecurityException} if not permitted by * <td>Throws {@code UnsupportedOperationException}</td>
* the currently installed security manager</td>
* </tr> * </tr>
* *
* <tr> * <tr>
@ -148,7 +145,7 @@ import sun.security.util.SecurityConstants;
* <tr> * <tr>
* <th scope="row">"disallow"</th> * <th scope="row">"disallow"</th>
* <td>None</td> * <td>None</td>
* <td>Always throws {@code UnsupportedOperationException}</td> * <td>Throws {@code UnsupportedOperationException}</td>
* </tr> * </tr>
* *
* <tr> * <tr>
@ -167,12 +164,10 @@ import sun.security.util.SecurityConstants;
* *
* </tbody> * </tbody>
* </table> * </table>
* <p> A future release of the JDK may change the default value of the
* {@code java.security.manager} system property to "{@code disallow}".
* <p> * <p>
* The current security manager is returned by the * The current security manager is returned by the
* {@link System#getSecurityManager() getSecurityManager} method. * {@link System#getSecurityManager() getSecurityManager} method.
* <p> * <h2><a id="check-permission">Checking Permissions</a></h2>
* The special method * The special method
* {@link SecurityManager#checkPermission(java.security.Permission)} * {@link SecurityManager#checkPermission(java.security.Permission)}
* determines whether an access request indicated by a specified * determines whether an access request indicated by a specified

8
src/java.base/share/classes/java/lang/System.java
View file

@ -361,9 +361,11 @@ public final class System {
* the method simply returns. * the method simply returns.
* *
* @implNote In the JDK implementation, if the Java virtual machine is * @implNote In the JDK implementation, if the Java virtual machine is
* started with the system property {@code java.security.manager} set to * started with the system property {@code java.security.manager} not set or set to
* the special token "{@code disallow}" then the {@code setSecurityManager} * the special token "{@code disallow}" then the {@code setSecurityManager}
* method cannot be used to set a security manager. * method cannot be used to set a security manager. See the following
* <a href="SecurityManager.html#set-security-manager">section of the
* {@code SecurityManager} class specification</a> for more details.
* *
* @param sm the security manager or {@code null} * @param sm the security manager or {@code null}
* @throws SecurityException * @throws SecurityException
@ -2237,7 +2239,7 @@ public final class System {
allowSecurityManager = MAYBE; allowSecurityManager = MAYBE;
} }
} else { } else {
allowSecurityManager = MAYBE; allowSecurityManager = NEVER;
} }
if (needWarning) { if (needWarning) {

4
test/jdk/java/lang/System/AllowSecurityManager.java
View file

@ -23,7 +23,7 @@
/* /*
* @test * @test
* @bug 8191053 * @bug 8191053 8270380
* @summary Test that the allow/disallow options of the java.security.manager * @summary Test that the allow/disallow options of the java.security.manager
* system property work correctly * system property work correctly
* @run main/othervm AllowSecurityManager * @run main/othervm AllowSecurityManager
@ -35,7 +35,7 @@ public class AllowSecurityManager {
public static void main(String args[]) throws Exception { public static void main(String args[]) throws Exception {
String prop = System.getProperty("java.security.manager"); String prop = System.getProperty("java.security.manager");
boolean disallow = "disallow".equals(prop); boolean disallow = !"allow".equals(prop);
try { try {
System.setSecurityManager(new SecurityManager()); System.setSecurityManager(new SecurityManager());
if (disallow) { if (disallow) {

6
test/jdk/java/lang/System/SecurityManagerWarnings.java
View file

@ -23,7 +23,7 @@
/* /*
* @test * @test
* @bug 8266459 8268349 8269543 * @bug 8266459 8268349 8269543 8270380
* @summary check various warnings * @summary check various warnings
* @library /test/lib * @library /test/lib
*/ */
@ -53,7 +53,7 @@ public class SecurityManagerWarnings {
String testClasses = System.getProperty("test.classes"); String testClasses = System.getProperty("test.classes");
allowTest(null, testClasses); disallowTest(null, testClasses);
allowTest("allow", testClasses); allowTest("allow", testClasses);
disallowTest("disallow", testClasses); disallowTest("disallow", testClasses);
enableTest("", testClasses); enableTest("", testClasses);
@ -66,7 +66,7 @@ public class SecurityManagerWarnings {
Path.of("A.class"), Path.of("A.class"),
Path.of("B.class")); Path.of("B.class"));
allowTest(null, "a.jar"); disallowTest(null, "a.jar");
} else { } else {
System.out.println("SM is enabled: " + (System.getSecurityManager() != null)); System.out.println("SM is enabled: " + (System.getSecurityManager() != null));
PrintStream oldErr = System.err; PrintStream oldErr = System.err;

2
test/jdk/sun/security/pkcs11/KeyStore/Basic.java
View file

@ -33,7 +33,7 @@
* . 'list' lists the token aliases * . 'list' lists the token aliases
* . 'basic' does not run with activcard, * . 'basic' does not run with activcard,
* @library /test/lib .. * @library /test/lib ..
* @run testng/othervm Basic * @run testng/othervm -Djava.security.manager=allow Basic
*/ */
import java.io.*; import java.io.*;

2
test/jdk/sun/security/pkcs11/Provider/MultipleLogins.sh
View file

@ -129,7 +129,7 @@ TEST_ARGS="${TESTVMOPTS} -classpath ${TESTCLASSPATH} \
${TESTJAVA}${FS}bin${FS}java ${TEST_ARGS} MultipleLogins || exit 10 ${TESTJAVA}${FS}bin${FS}java ${TEST_ARGS} MultipleLogins || exit 10
# run test with security manager # run test with security manager
${TESTJAVA}${FS}bin${FS}java ${TEST_ARGS} MultipleLogins useSimplePolicy || exit 11 ${TESTJAVA}${FS}bin${FS}java ${TEST_ARGS} -Djava.security.manager=allow MultipleLogins useSimplePolicy || exit 11
echo Done echo Done
exit 0 exit 0