archive/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2025-08-27 06:45:07 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

8338411: Implement JEP 486: Permanently Disable the Security Manager

Browse source 
Co-authored-by: Sean Mullan <mullan@openjdk.org>
Co-authored-by: Alan Bateman <alanb@openjdk.org>
Co-authored-by: Weijun Wang <weijun@openjdk.org>
Co-authored-by: Aleksei Efimov <aefimov@openjdk.org>
Co-authored-by: Brian Burkhalter <bpb@openjdk.org>
Co-authored-by: Daniel Fuchs <dfuchs@openjdk.org>
Co-authored-by: Harshitha Onkar <honkar@openjdk.org>
Co-authored-by: Joe Wang <joehw@openjdk.org>
Co-authored-by: Jorn Vernee <jvernee@openjdk.org>
Co-authored-by: Justin Lu <jlu@openjdk.org>
Co-authored-by: Kevin Walls <kevinw@openjdk.org>
Co-authored-by: Lance Andersen <lancea@openjdk.org>
Co-authored-by: Naoto Sato <naoto@openjdk.org>
Co-authored-by: Roger Riggs <rriggs@openjdk.org>
Co-authored-by: Brent Christian <bchristi@openjdk.org>
Co-authored-by: Stuart Marks <smarks@openjdk.org>
Co-authored-by: Ian Graves <igraves@openjdk.org>
Co-authored-by: Phil Race <prr@openjdk.org>
Co-authored-by: Erik Gahlin <egahlin@openjdk.org>
Co-authored-by: Jaikiran Pai <jpai@openjdk.org>
Reviewed-by: kevinw, aivanov, rriggs, lancea, coffeys, dfuchs, ihse, erikj, cjplummer, coleenp, naoto, mchung, prr, weijun, joehw, azvegint, psadhukhan, bchristi, sundar, attila
This commit is contained in:
Sean Mullan 2024-11-12 17:16:15 +00:00
parent c12b386d19
commit db85090553
1885 changed files with 5528 additions and 65650 deletions
Download patch file Download diff file Expand all files Collapse all files

128
src/java.base/share/classes/java/lang/ClassLoader.java
View file

@ -33,10 +33,7 @@ import java.io.File;
import java.lang.reflect.Constructor;
import java.lang.reflect.InvocationTargetException;
import java.net.URL;
import java.security.AccessController;
import java.security.AccessControlContext;
import java.security.CodeSource;
import java.security.PrivilegedAction;
import java.security.ProtectionDomain;
import java.security.cert.Certificate;
import java.util.ArrayList;
@ -67,7 +64,6 @@ import jdk.internal.reflect.CallerSensitive;
import jdk.internal.reflect.CallerSensitiveAdapter;
import jdk.internal.reflect.Reflection;
import jdk.internal.util.StaticProperty;
import sun.reflect.misc.ReflectUtil;
import sun.security.util.SecurityConstants;
/**
@ -93,9 +89,6 @@ import sun.security.util.SecurityConstants;
* extend the manner in which the Java virtual machine dynamically loads
* classes.
*
* <p> Class loaders may typically be used by security managers to indicate
* security domains.
*
* <p> In addition to loading classes, a class loader is also responsible for
* locating resources. A resource is some data (a "{@code .class}" file,
* configuration data, or an image for example) that is identified with an
@ -424,11 +417,6 @@ public abstract class ClassLoader {
*
* @throws IllegalArgumentException if the given name is empty.
*
* @throws SecurityException
* If a security manager exists and its
* {@link SecurityManager#checkCreateClassLoader()}
* method doesn't allow creation of a new class loader.
*
* @since 9
*/
@SuppressWarnings("this-escape")
@ -440,10 +428,6 @@ public abstract class ClassLoader {
* Creates a new class loader using the specified parent class loader for
* delegation.
*
* <p> If there is a security manager, its {@link
* SecurityManager#checkCreateClassLoader() checkCreateClassLoader} method
* is invoked. This may result in a security exception. </p>
*
* @apiNote If the parent is specified as {@code null} (for the
* bootstrap class loader) then there is no guarantee that all platform
* classes are visible.
@ -451,11 +435,6 @@ public abstract class ClassLoader {
* @param parent
* The parent class loader
*
* @throws SecurityException
* If a security manager exists and its
* {@code checkCreateClassLoader} method doesn't allow creation
* of a new class loader.
*
* @since 1.2
*/
@SuppressWarnings("this-escape")
@ -467,16 +446,6 @@ public abstract class ClassLoader {
* Creates a new class loader using the {@code ClassLoader} returned by
* the method {@link #getSystemClassLoader()
* getSystemClassLoader()} as the parent class loader.
*
* <p> If there is a security manager, its {@link
* SecurityManager#checkCreateClassLoader()
* checkCreateClassLoader} method is invoked. This may result in
* a security exception. </p>
*
* @throws SecurityException
* If a security manager exists and its
* {@code checkCreateClassLoader} method doesn't allow creation
* of a new class loader.
*/
@SuppressWarnings("this-escape")
protected ClassLoader() {
@ -688,30 +657,6 @@ public abstract class ClassLoader {
return lock;
}
// Invoked by the VM after loading class with this loader.
@SuppressWarnings("removal")
private void checkPackageAccess(Class<?> cls, ProtectionDomain pd) {
final SecurityManager sm = System.getSecurityManager();
if (sm != null) {
if (ReflectUtil.isNonPublicProxyClass(cls)) {
for (Class<?> intf: cls.getInterfaces()) {
checkPackageAccess(intf, pd);
}
return;
}
final String packageName = cls.getPackageName();
if (!packageName.isEmpty()) {
AccessController.doPrivileged(new PrivilegedAction<>() {
public Void run() {
sm.checkPackageAccess(packageName);
return null;
}
}, new AccessControlContext(new ProtectionDomain[] {pd}));
}
}
}
/**
* Finds the class with the specified <a href="#binary-name">binary name</a>.
* This method should be overridden by class loader implementations that
@ -823,12 +768,10 @@ public abstract class ClassLoader {
* Before the {@code Class} can be used it must be resolved.
*
* <p> This method assigns a default {@link java.security.ProtectionDomain
* ProtectionDomain} to the newly defined class. The
* {@code ProtectionDomain} is effectively granted the same set of
* permissions returned when {@link
* java.security.Policy#getPermissions(java.security.CodeSource)
* Policy.getPolicy().getPermissions(new CodeSource(null, null))}
* is invoked. The default protection domain is created on the first invocation
* ProtectionDomain} to the newly defined class. The
* {@code getPermissions} method of the {@code ProtectionDomain} always
* returns {@code null}.
* The default protection domain is created on the first invocation
* of {@link #defineClass(String, byte[], int, int) defineClass},
* and re-used on subsequent invocations.
*
@ -1342,8 +1285,7 @@ public abstract class ClassLoader {
* The resource name
*
* @return A URL to the resource; {@code null} if the resource could not be
* found, a URL could not be constructed to locate the resource,
* access to the resource is denied by the security manager, or
* found, a URL could not be constructed to locate the resource, or
* there isn't a module of the given name defined to the class
* loader.
*
@ -1395,9 +1337,8 @@ public abstract class ClassLoader {
*
* @return {@code URL} object for reading the resource; {@code null} if
* the resource could not be found, a {@code URL} could not be
* constructed to locate the resource, the resource is in a package
* that is not opened unconditionally, or access to the resource is
* denied by the security manager.
* constructed to locate the resource, or the resource is in a package
* that is not opened unconditionally.
*
* @throws NullPointerException If {@code name} is {@code null}
*
@ -1457,9 +1398,8 @@ public abstract class ClassLoader {
* @return An enumeration of {@link java.net.URL URL} objects for the
* resource. If no resources could be found, the enumeration will
* be empty. Resources for which a {@code URL} cannot be
* constructed, are in a package that is not opened
* unconditionally, or access to the resource is denied by the
* security manager, are not returned in the enumeration.
* constructed, or are in a package that is not opened
* unconditionally, are not returned in the enumeration.
*
* @throws IOException
* If I/O errors occur
@ -1518,9 +1458,8 @@ public abstract class ClassLoader {
*
* @return A stream of resource {@link java.net.URL URL} objects. If no
* resources could be found, the stream will be empty. Resources
* for which a {@code URL} cannot be constructed, are in a package
* that is not opened unconditionally, or access to the resource
* is denied by the security manager, will not be in the stream.
* for which a {@code URL} cannot be constructed, or are in a package
* that is not opened unconditionally, will not be in the stream.
*
* @throws NullPointerException If {@code name} is {@code null}
*
@ -1558,9 +1497,8 @@ public abstract class ClassLoader {
*
* @return {@code URL} object for reading the resource; {@code null} if
* the resource could not be found, a {@code URL} could not be
* constructed to locate the resource, the resource is in a package
* that is not opened unconditionally, or access to the resource is
* denied by the security manager.
* constructed to locate the resource, or the resource is in a package
* that is not opened unconditionally.
*
* @since 1.2
*/
@ -1589,8 +1527,7 @@ public abstract class ClassLoader {
* @return An enumeration of {@link java.net.URL URL} objects for
* the resource. If no resources could be found, the enumeration
* will be empty. Resources for which a {@code URL} cannot be
* constructed, are in a package that is not opened unconditionally,
* or access to the resource is denied by the security manager,
* constructed, or are in a package that is not opened unconditionally,
* are not returned in the enumeration.
*
* @throws IOException
@ -1676,9 +1613,8 @@ public abstract class ClassLoader {
*
* @return A {@link java.net.URL URL} to the resource; {@code
* null} if the resource could not be found, a URL could not be
* constructed to locate the resource, the resource is in a package
* that is not opened unconditionally or access to the resource is
* denied by the security manager.
* constructed to locate the resource, or the resource is in a package
* that is not opened unconditionally.
*
* @since 1.1
*/
@ -1708,8 +1644,7 @@ public abstract class ClassLoader {
* @return An enumeration of {@link java.net.URL URL} objects for
* the resource. If no resources could be found, the enumeration
* will be empty. Resources for which a {@code URL} cannot be
* constructed, are in a package that is not opened unconditionally,
* or access to the resource is denied by the security manager,
* constructed, or are in a package that is not opened unconditionally,
* are not returned in the enumeration.
*
* @throws IOException
@ -1740,9 +1675,8 @@ public abstract class ClassLoader {
* The resource name
*
* @return An input stream for reading the resource; {@code null} if the
* resource could not be found, the resource is in a package that
* is not opened unconditionally, or access to the resource is
* denied by the security manager.
* resource could not be found, or the resource is in a package that
* is not opened unconditionally.
*
* @throws NullPointerException If {@code name} is {@code null}
*
@ -1774,9 +1708,8 @@ public abstract class ClassLoader {
* The resource name
*
* @return An input stream for reading the resource; {@code null} if the
* resource could not be found, the resource is in a package that
* is not opened unconditionally, or access to the resource is
* denied by the security manager.
* resource could not be found, or the resource is in a package that
* is not opened unconditionally.
*
* @since 1.1
*/
@ -1800,12 +1733,6 @@ public abstract class ClassLoader {
*
* @return The parent {@code ClassLoader}
*
* @throws SecurityException
* If a security manager is present, and the caller's class loader
* is not {@code null} and is not an ancestor of this class loader,
* and the caller does not have the
* {@link RuntimePermission}{@code ("getClassLoader")}
*
* @since 1.2
*/
@CallerSensitive
@ -1845,13 +1772,6 @@ public abstract class ClassLoader {
*
* @return The platform {@code ClassLoader}.
*
* @throws SecurityException
* If a security manager is present, and the caller's class loader is
* not {@code null}, and the caller's class loader is not the same
* as or an ancestor of the platform class loader,
* and the caller does not have the
* {@link RuntimePermission}{@code ("getClassLoader")}
*
* @since 9
*/
@CallerSensitive
@ -1920,12 +1840,6 @@ public abstract class ClassLoader {
*
* @return The system {@code ClassLoader}
*
* @throws SecurityException
* If a security manager is present, and the caller's class loader
* is not {@code null} and is not the same as or an ancestor of the
* system class loader, and the caller does not have the
* {@link RuntimePermission}{@code ("getClassLoader")}
*
* @throws IllegalStateException
* If invoked recursively during the construction of the class
* loader specified by the "{@code java.system.class.loader}"