archive/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2025-08-27 23:04:50 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

8338411: Implement JEP 486: Permanently Disable the Security Manager

Browse source 
Co-authored-by: Sean Mullan <mullan@openjdk.org>
Co-authored-by: Alan Bateman <alanb@openjdk.org>
Co-authored-by: Weijun Wang <weijun@openjdk.org>
Co-authored-by: Aleksei Efimov <aefimov@openjdk.org>
Co-authored-by: Brian Burkhalter <bpb@openjdk.org>
Co-authored-by: Daniel Fuchs <dfuchs@openjdk.org>
Co-authored-by: Harshitha Onkar <honkar@openjdk.org>
Co-authored-by: Joe Wang <joehw@openjdk.org>
Co-authored-by: Jorn Vernee <jvernee@openjdk.org>
Co-authored-by: Justin Lu <jlu@openjdk.org>
Co-authored-by: Kevin Walls <kevinw@openjdk.org>
Co-authored-by: Lance Andersen <lancea@openjdk.org>
Co-authored-by: Naoto Sato <naoto@openjdk.org>
Co-authored-by: Roger Riggs <rriggs@openjdk.org>
Co-authored-by: Brent Christian <bchristi@openjdk.org>
Co-authored-by: Stuart Marks <smarks@openjdk.org>
Co-authored-by: Ian Graves <igraves@openjdk.org>
Co-authored-by: Phil Race <prr@openjdk.org>
Co-authored-by: Erik Gahlin <egahlin@openjdk.org>
Co-authored-by: Jaikiran Pai <jpai@openjdk.org>
Reviewed-by: kevinw, aivanov, rriggs, lancea, coffeys, dfuchs, ihse, erikj, cjplummer, coleenp, naoto, mchung, prr, weijun, joehw, azvegint, psadhukhan, bchristi, sundar, attila
This commit is contained in:
Sean Mullan 2024-11-12 17:16:15 +00:00
parent c12b386d19
commit db85090553
1885 changed files with 5528 additions and 65650 deletions
Download patch file Download diff file Expand all files Collapse all files

397
src/java.base/share/classes/java/lang/System.java
View file

@ -38,12 +38,9 @@ import java.lang.annotation.Annotation;
import java.lang.foreign.MemorySegment;
import java.lang.invoke.MethodHandle;
import java.lang.invoke.MethodType;
import java.lang.invoke.StringConcatFactory;
import java.lang.module.ModuleDescriptor;
import java.lang.reflect.Constructor;
import java.lang.reflect.Executable;
import java.lang.reflect.Method;
import java.lang.reflect.Modifier;
import java.net.URI;
import java.net.URL;
import java.nio.channels.Channel;
@ -75,7 +72,6 @@ import jdk.internal.loader.NativeLibraries;
import jdk.internal.logger.LoggerFinderLoader.TemporaryLoggerFinder;
import jdk.internal.misc.Blocker;
import jdk.internal.misc.CarrierThreadLocal;
import jdk.internal.misc.Unsafe;
import jdk.internal.util.StaticProperty;
import jdk.internal.module.ModuleBootstrap;
import jdk.internal.module.ServicesCatalog;
@ -94,7 +90,6 @@ import jdk.internal.vm.StackableScope;
import jdk.internal.vm.ThreadContainer;
import jdk.internal.vm.annotation.IntrinsicCandidate;
import jdk.internal.vm.annotation.Stable;
import sun.nio.fs.DefaultFileSystemProvider;
import sun.reflect.annotation.AnnotationType;
import sun.nio.ch.Interruptible;
import sun.nio.cs.UTF_8;
@ -193,42 +188,16 @@ public final class System {
private static @Stable InputStream initialIn;
private static @Stable PrintStream initialErr;
// indicates if a security manager is possible
private static final int NEVER = 1;
private static final int MAYBE = 2;
private static @Stable int allowSecurityManager;
// current security manager
@SuppressWarnings("removal")
private static volatile SecurityManager security; // read by VM
// `sun.jnu.encoding` if it is not supported. Otherwise null.
// It is initialized in `initPhase1()` before any charset providers
// are initialized.
private static String notSupportedJnuEncoding;
// return true if a security manager is allowed
private static boolean allowSecurityManager() {
return (allowSecurityManager != NEVER);
}
/**
* Reassigns the "standard" input stream.
*
* First, if there is a security manager, its {@code checkPermission}
* method is called with a {@code RuntimePermission("setIO")} permission
* to see if it's ok to reassign the "standard" input stream.
*
* @param in the new standard input stream.
*
* @throws SecurityException
* if a security manager exists and its
* {@code checkPermission} method doesn't allow
* reassigning of the standard input stream.
*
* @see SecurityManager#checkPermission
* @see java.lang.RuntimePermission
*
* @since 1.1
*/
public static void setIn(InputStream in) {
@ -239,20 +208,8 @@ public final class System {
/**
* Reassigns the "standard" output stream.
*
* First, if there is a security manager, its {@code checkPermission}
* method is called with a {@code RuntimePermission("setIO")} permission
* to see if it's ok to reassign the "standard" output stream.
*
* @param out the new standard output stream
*
* @throws SecurityException
* if a security manager exists and its
* {@code checkPermission} method doesn't allow
* reassigning of the standard output stream.
*
* @see SecurityManager#checkPermission
* @see java.lang.RuntimePermission
*
* @since 1.1
*/
public static void setOut(PrintStream out) {
@ -263,20 +220,8 @@ public final class System {
/**
* Reassigns the "standard" error output stream.
*
* First, if there is a security manager, its {@code checkPermission}
* method is called with a {@code RuntimePermission("setIO")} permission
* to see if it's ok to reassign the "standard" error output stream.
*
* @param err the new standard error output stream.
*
* @throws SecurityException
* if a security manager exists and its
* {@code checkPermission} method doesn't allow
* reassigning of the standard error output stream.
*
* @see SecurityManager#checkPermission
* @see java.lang.RuntimePermission
*
* @since 1.1
*/
public static void setErr(PrintStream err) {
@ -325,10 +270,6 @@ public final class System {
* @throws IOException
* If an I/O error occurs
*
* @throws SecurityException
* If a security manager is present and it does not
* permit access to the channel.
*
* @since 1.5
*/
public static Channel inheritedChannel() throws IOException {
@ -362,147 +303,37 @@ public final class System {
}
/**
* Sets the system-wide security manager.
* Throws {@code UnsupportedOperationException}. Setting a security manager
* is not supported.
*
* If there is a security manager already installed, this method first
* calls the security manager's {@code checkPermission} method
* with a {@code RuntimePermission("setSecurityManager")}
* permission to ensure it's ok to replace the existing
* security manager.
* This may result in throwing a {@code SecurityException}.
*
* <p> Otherwise, the argument is established as the current
* security manager. If the argument is {@code null} and no
* security manager has been established, then no action is taken and
* the method simply returns.
*
* @implNote In the JDK implementation, if the Java virtual machine is
* started with the system property {@code java.security.manager} not set or set to
* the special token "{@code disallow}" then the {@code setSecurityManager}
* method cannot be used to set a security manager. See the following
* <a href="SecurityManager.html#set-security-manager">section of the
* {@code SecurityManager} class specification</a> for more details.
*
* @param sm the security manager or {@code null}
* @throws SecurityException
* if the security manager has already been set and its {@code
* checkPermission} method doesn't allow it to be replaced
* @throws UnsupportedOperationException
* if {@code sm} is non-null and a security manager is not allowed
* to be set dynamically
* @param sm ignored
* @throws UnsupportedOperationException always
* @see #getSecurityManager
* @see SecurityManager#checkPermission
* @see java.lang.RuntimePermission
* @deprecated This method is only useful in conjunction with
* {@linkplain SecurityManager the Security Manager}, which is
* deprecated and subject to removal in a future release.
* Consequently, this method is also deprecated and subject to
* removal. There is no replacement for the Security Manager or this
* method.
* @deprecated This method originally set
* {@linkplain SecurityManager the system-wide Security Manager}.
* Setting a Security Manager is no longer supported. There is no
* replacement for the Security Manager or this method.
*/
@Deprecated(since="17", forRemoval=true)
@CallerSensitive
public static void setSecurityManager(@SuppressWarnings("removal") SecurityManager sm) {
if (allowSecurityManager()) {
var callerClass = Reflection.getCallerClass();
if (CallersHolder.callers.putIfAbsent(callerClass, true) == null) {
URL url = codeSource(callerClass);
final String source;
if (url == null) {
source = callerClass.getName();
} else {
source = callerClass.getName() + " (" + url + ")";
}
initialErr.printf("""
WARNING: A terminally deprecated method in java.lang.System has been called
WARNING: System::setSecurityManager has been called by %s
WARNING: Please consider reporting this to the maintainers of %s
WARNING: System::setSecurityManager will be removed in a future release
""", source, callerClass.getName());
}
implSetSecurityManager(sm);
} else {
// security manager not allowed
if (sm != null) {
throw new UnsupportedOperationException(
"The Security Manager is deprecated and will be removed in a future release");
}
}
}
private static void implSetSecurityManager(@SuppressWarnings("removal") SecurityManager sm) {
if (security == null) {
// ensure image reader is initialized
Object.class.getResource("java/lang/ANY");
// ensure the default file system is initialized
DefaultFileSystemProvider.theFileSystem();
}
if (sm != null) {
try {
// pre-populates the SecurityManager.packageAccess cache
// to avoid recursive permission checking issues with custom
// SecurityManager implementations
sm.checkPackageAccess("java.lang");
} catch (Exception e) {
// no-op
}
}
setSecurityManager0(sm);
}
@SuppressWarnings("removal")
private static synchronized
void setSecurityManager0(final SecurityManager s) {
SecurityManager sm = getSecurityManager();
if (sm != null) {
// ask the currently installed security manager if we
// can replace it.
sm.checkPermission(new RuntimePermission("setSecurityManager"));
}
if ((s != null) && (s.getClass().getClassLoader() != null)) {
// New security manager class is not on bootstrap classpath.
// Force policy to get initialized before we install the new
// security manager, in order to prevent infinite loops when
// trying to initialize the policy (which usually involves
// accessing some security and/or system properties, which in turn
// calls the installed security manager's checkPermission method
// which will loop infinitely if there is a non-system class
// (in this case: the new security manager class) on the stack).
AccessController.doPrivileged(new PrivilegedAction<>() {
public Object run() {
s.getClass().getProtectionDomain().implies
(SecurityConstants.ALL_PERMISSION);
return null;
}
});
}
security = s;
throw new UnsupportedOperationException(
"Setting a Security Manager is not supported");
}
/**
* Gets the system-wide security manager.
* Returns {@code null}. Setting a security manager is not supported.
*
* @return if a security manager has already been established for the
* current application, then that security manager is returned;
* otherwise, {@code null} is returned.
* @return {@code null}
* @see #setSecurityManager
* @deprecated This method is only useful in conjunction with
* {@linkplain SecurityManager the Security Manager}, which is
* deprecated and subject to removal in a future release.
* Consequently, this method is also deprecated and subject to
* removal. There is no replacement for the Security Manager or this
* method.
* @deprecated This method originally returned
* {@linkplain SecurityManager the system-wide Security Manager}.
* Setting a Security Manager is no longer supported. There is no
* replacement for the Security Manager or this method.
*/
@SuppressWarnings("removal")
@Deprecated(since="17", forRemoval=true)
public static SecurityManager getSecurityManager() {
if (allowSecurityManager()) {
return security;
} else {
return null;
}
return null;
}
/**
@ -690,10 +521,6 @@ public final class System {
/**
* Determines the current system properties.
*
* First, if there is a security manager, its
* {@code checkPropertiesAccess} method is called with no
* arguments. This may result in a security exception.
* <p>
* The current set of system properties for use by the
* {@link #getProperty(String)} method is returned as a
@ -808,10 +635,6 @@ public final class System {
* Multiple paths in a system property value are separated by the path
* separator character of the platform.
* <p>
* Note that even if the security manager does not permit the
* {@code getProperties} operation, it may choose to permit the
* {@link #getProperty(String)} operation.
* <p>
* Additional locale-related system properties defined by the
* {@link Locale##default_locale Default Locale} section in the {@code Locale}
* class description may also be obtained with this method.
@ -855,12 +678,7 @@ public final class System {
* </table>
*
* @return the system properties
* @throws SecurityException if a security manager exists and its
* {@code checkPropertiesAccess} method doesn't allow access
* to the system properties.
* @see #setProperties
* @see java.lang.SecurityException
* @see java.lang.SecurityManager#checkPropertiesAccess()
* @see java.util.Properties
*/
public static Properties getProperties() {
@ -892,10 +710,6 @@ public final class System {
/**
* Sets the system properties to the {@code Properties} argument.
*
* First, if there is a security manager, its
* {@code checkPropertiesAccess} method is called with no
* arguments. This may result in a security exception.
* <p>
* The argument becomes the current set of system properties for use
* by the {@link #getProperty(String)} method. If the argument is
@ -908,13 +722,8 @@ public final class System {
* See {@linkplain #getProperties getProperties} for details.
*
* @param props the new system properties.
* @throws SecurityException if a security manager exists and its
* {@code checkPropertiesAccess} method doesn't allow access
* to the system properties.
* @see #getProperties
* @see java.util.Properties
* @see java.lang.SecurityException
* @see java.lang.SecurityManager#checkPropertiesAccess()
*/
public static void setProperties(Properties props) {
@SuppressWarnings("removal")
@ -933,10 +742,6 @@ public final class System {
/**
* Gets the system property indicated by the specified key.
*
* First, if there is a security manager, its
* {@code checkPropertyAccess} method is called with the key as
* its argument. This may result in a SecurityException.
* <p>
* If there is no current set of system properties, a set of system
* properties is first created and initialized in the same manner as
@ -951,14 +756,9 @@ public final class System {
* @return the string value of the system property,
* or {@code null} if there is no property with that key.
*
* @throws SecurityException if a security manager exists and its
* {@code checkPropertyAccess} method doesn't allow
* access to the specified system property.
* @throws NullPointerException if {@code key} is {@code null}.
* @throws IllegalArgumentException if {@code key} is empty.
* @see #setProperty
* @see java.lang.SecurityException
* @see java.lang.SecurityManager#checkPropertyAccess(java.lang.String)
* @see java.lang.System#getProperties()
*/
public static String getProperty(String key) {
@ -974,10 +774,6 @@ public final class System {
/**
* Gets the system property indicated by the specified key.
*
* First, if there is a security manager, its
* {@code checkPropertyAccess} method is called with the
* {@code key} as its argument.
* <p>
* If there is no current set of system properties, a set of system
* properties is first created and initialized in the same manner as
@ -988,13 +784,9 @@ public final class System {
* @return the string value of the system property,
* or the default value if there is no property with that key.
*
* @throws SecurityException if a security manager exists and its
* {@code checkPropertyAccess} method doesn't allow
* access to the specified system property.
* @throws NullPointerException if {@code key} is {@code null}.
* @throws IllegalArgumentException if {@code key} is empty.
* @see #setProperty
* @see java.lang.SecurityManager#checkPropertyAccess(java.lang.String)
* @see java.lang.System#getProperties()
*/
public static String getProperty(String key, String def) {
@ -1011,13 +803,6 @@ public final class System {
/**
* Sets the system property indicated by the specified key.
*
* First, if a security manager exists, its
* {@code SecurityManager.checkPermission} method
* is called with a {@code PropertyPermission(key, "write")}
* permission. This may result in a SecurityException being thrown.
* If no exception is thrown, the specified property is set to the given
* value.
*
* @apiNote
* <strong>Changing a standard system property may have unpredictable results
* unless otherwise specified</strong>.
@ -1028,17 +813,12 @@ public final class System {
* @return the previous value of the system property,
* or {@code null} if it did not have one.
*
* @throws SecurityException if a security manager exists and its
* {@code checkPermission} method doesn't allow
* setting of the specified property.
* @throws NullPointerException if {@code key} or
* {@code value} is {@code null}.
* @throws IllegalArgumentException if {@code key} is empty.
* @see #getProperty
* @see java.lang.System#getProperty(java.lang.String)
* @see java.lang.System#getProperty(java.lang.String, java.lang.String)
* @see java.util.PropertyPermission
* @see SecurityManager#checkPermission
* @since 1.2
*/
public static String setProperty(String key, String value) {
@ -1056,12 +836,6 @@ public final class System {
/**
* Removes the system property indicated by the specified key.
*
* First, if a security manager exists, its
* {@code SecurityManager.checkPermission} method
* is called with a {@code PropertyPermission(key, "write")}
* permission. This may result in a SecurityException being thrown.
* If no exception is thrown, the specified property is removed.
*
* @apiNote
* <strong>Changing a standard system property may have unpredictable results
* unless otherwise specified</strong>.
@ -1071,16 +845,11 @@ public final class System {
* @return the previous string value of the system property,
* or {@code null} if there was no property with that key.
*
* @throws SecurityException if a security manager exists and its
* {@code checkPropertyAccess} method doesn't allow
* access to the specified system property.
* @throws NullPointerException if {@code key} is {@code null}.
* @throws IllegalArgumentException if {@code key} is empty.
* @see #getProperty
* @see #setProperty
* @see java.util.Properties
* @see java.lang.SecurityException
* @see java.lang.SecurityManager#checkPropertiesAccess()
* @since 1.5
*/
public static String clearProperty(String key) {
@ -1108,14 +877,6 @@ public final class System {
* environment variable is a system-dependent external named
* value.
*
* <p>If a security manager exists, its
* {@link SecurityManager#checkPermission checkPermission}
* method is called with a
* {@link RuntimePermission RuntimePermission("getenv."+name)}
* permission. This may result in a {@link SecurityException}
* being thrown. If no exception is thrown the value of the
* variable {@code name} is returned.
*
* <p><a id="EnvironmentVSSystemProperties"><i>System
* properties</i> and <i>environment variables</i></a> are both
* conceptually mappings between names and values. Both
@ -1141,11 +902,6 @@ public final class System {
* @return the string value of the variable, or {@code null}
* if the variable is not defined in the system environment
* @throws NullPointerException if {@code name} is {@code null}
* @throws SecurityException
* if a security manager exists and its
* {@link SecurityManager#checkPermission checkPermission}
* method doesn't allow access to the environment variable
* {@code name}
* @see #getenv()
* @see ProcessBuilder#environment()
*/
@ -1180,21 +936,11 @@ public final class System {
*
* <p>The returned map is typically case-sensitive on all platforms.
*
* <p>If a security manager exists, its
* {@link SecurityManager#checkPermission checkPermission}
* method is called with a
* {@link RuntimePermission RuntimePermission("getenv.*")} permission.
* This may result in a {@link SecurityException} being thrown.
*
* <p>When passing information to a Java subprocess,
* <a href=#EnvironmentVSSystemProperties>system properties</a>
* are generally preferred over environment variables.
*
* @return the environment as a map of variable names to values
* @throws SecurityException
* if a security manager exists and its
* {@link SecurityManager#checkPermission checkPermission}
* method doesn't allow access to the process environment
* @see #getenv(String)
* @see ProcessBuilder#environment()
* @since 1.5
@ -1614,16 +1360,6 @@ public final class System {
* would make them dependent from a specific implementation of the
* {@code LoggerFinder} service.
* <p>
* In addition, when a security manager is present, loggers provided to
* system classes should not be directly configurable through the logging
* backend without requiring permissions.
* <br>
* It is the responsibility of the provider of
* the concrete {@code LoggerFinder} implementation to ensure that
* these loggers are not configured by untrusted code without proper
* permission checks, as configuration performed on such loggers usually
* affects all applications in the same Java Runtime.
* <p>
* <b>Message Levels and Mapping to backend levels</b>
* <p>
* A logger finder is responsible for mapping from a {@code
@ -1656,10 +1392,6 @@ public final class System {
* implementation does not perform any heavy initialization in its
* constructor, in order to avoid possible risks of deadlock or class
* loading cycles during the instantiation of the service provider.
*
* @throws SecurityException if a security manager is present and its
* {@code checkPermission} method doesn't allow the
* {@code RuntimePermission("loggerFinder")}.
*/
protected LoggerFinder() {
this(checkPermission());
@ -1689,9 +1421,6 @@ public final class System {
* module.
* @throws NullPointerException if {@code name} is {@code null} or
* {@code module} is {@code null}.
* @throws SecurityException if a security manager is present and its
* {@code checkPermission} method doesn't allow the
* {@code RuntimePermission("loggerFinder")}.
*/
public abstract Logger getLogger(String name, Module module);
@ -1732,9 +1461,6 @@ public final class System {
*
* @throws NullPointerException if {@code name} is {@code null} or
* {@code module} is {@code null}.
* @throws SecurityException if a security manager is present and its
* {@code checkPermission} method doesn't allow the
* {@code RuntimePermission("loggerFinder")}.
*/
public Logger getLocalizedLogger(String name, ResourceBundle bundle,
Module module) {
@ -1749,9 +1475,6 @@ public final class System {
* loaded.
*
* @return the {@link LoggerFinder LoggerFinder} instance.
* @throws SecurityException if a security manager is present and its
* {@code checkPermission} method doesn't allow the
* {@code RuntimePermission("loggerFinder")}.
*/
public static LoggerFinder getLoggerFinder() {
@SuppressWarnings("removal")
@ -1896,10 +1619,10 @@ public final class System {
}
/**
* Initiates the {@linkplain Runtime##shutdown shutdown sequence} of the Java Virtual Machine.
* Unless the security manager denies exiting, this method initiates the shutdown sequence
* (if it is not already initiated) and then blocks indefinitely. This method neither returns
* nor throws an exception; that is, it does not complete either normally or abruptly.
* Initiates the {@linkplain Runtime##shutdown shutdown sequence} of the Java Virtual
* Machine. This method initiates the shutdown sequence (if it is not already initiated)
* and then blocks indefinitely. This method neither returns nor throws an exception;
* that is, it does not complete either normally or abruptly.
* <p>
* The argument serves as a status code. By convention, a nonzero status code
* indicates abnormal termination.
@ -1913,9 +1636,6 @@ public final class System {
* The initiation of the shutdown sequence is logged by {@link Runtime#exit(int)}.
*
* @param status exit status.
* @throws SecurityException
* if a security manager exists and its {@code checkExit} method
* doesn't allow exit with the specified status.
* @see java.lang.Runtime#exit(int)
*/
public static void exit(int status) {
@ -2009,9 +1729,6 @@ public final class System {
* </pre></blockquote>
*
* @param filename the file to load.
* @throws SecurityException if a security manager exists and its
* {@code checkLink} method doesn't allow
* loading of the specified dynamic library
* @throws UnsatisfiedLinkError if either the filename is not an
* absolute path name, the native library is not statically
* linked with the VM, or the library cannot be mapped to
@ -2022,7 +1739,6 @@ public final class System {
*
* @spec jni/index.html Java Native Interface Specification
* @see java.lang.Runtime#load(java.lang.String)
* @see java.lang.SecurityManager#checkLink(java.lang.String)
*/
@CallerSensitive
@Restricted
@ -2052,9 +1768,6 @@ public final class System {
* </pre></blockquote>
*
* @param libname the name of the library.
* @throws SecurityException if a security manager exists and its
* {@code checkLink} method doesn't allow
* loading of the specified dynamic library
* @throws UnsatisfiedLinkError if either the libname argument
* contains a file path, the native library is not statically
* linked with the VM, or the library cannot be mapped to a
@ -2065,7 +1778,6 @@ public final class System {
*
* @spec jni/index.html Java Native Interface Specification
* @see java.lang.Runtime#loadLibrary(java.lang.String)
* @see java.lang.SecurityManager#checkLink(java.lang.String)
*/
@CallerSensitive
@Restricted
@ -2334,24 +2046,13 @@ public final class System {
/*
* Invoked by VM. Phase 3 is the final system initialization:
* 1. eagerly initialize bootstrap method factories that might interact
* negatively with custom security managers and custom class loaders
* 2. set security manager
* 3. set system class loader
* 4. set TCCL
* 1. set system class loader
* 2. set TCCL
*
* This method must be called after the module system initialization.
* The security manager and system class loader may be a custom class from
* the application classpath or modulepath.
*/
@SuppressWarnings("removal")
private static void initPhase3() {
// Initialize the StringConcatFactory eagerly to avoid potential
// bootstrap circularity issues that could be caused by a custom
// SecurityManager
Unsafe.getUnsafe().ensureClassInitialized(StringConcatFactory.class);
// Emit a warning if java.io.tmpdir is set via the command line
// to a directory that doesn't exist
if (SystemProps.isBadIoTmpdir()) {
@ -2359,52 +2060,17 @@ public final class System {
}
String smProp = System.getProperty("java.security.manager");
boolean needWarning = false;
if (smProp != null) {
switch (smProp) {
case "disallow":
allowSecurityManager = NEVER;
break;
case "allow":
allowSecurityManager = MAYBE;
break;
case "":
case "default":
implSetSecurityManager(new SecurityManager());
allowSecurityManager = MAYBE;
needWarning = true;
break;
default:
try {
ClassLoader cl = ClassLoader.getBuiltinAppClassLoader();
Class<?> c = Class.forName(smProp, false, cl);
Constructor<?> ctor = c.getConstructor();
// Must be a public subclass of SecurityManager with
// a public no-arg constructor
if (!SecurityManager.class.isAssignableFrom(c) ||
!Modifier.isPublic(c.getModifiers()) ||
!Modifier.isPublic(ctor.getModifiers())) {
throw new Error("Could not create SecurityManager: "
+ ctor.toString());
}
// custom security manager may be in non-exported package
ctor.setAccessible(true);
SecurityManager sm = (SecurityManager) ctor.newInstance();
implSetSecurityManager(sm);
needWarning = true;
} catch (Exception e) {
throw new InternalError("Could not create SecurityManager", e);
}
allowSecurityManager = MAYBE;
throw new Error("A command line option has attempted to allow or enable the Security Manager."
+ " Enabling a Security Manager is not supported.");
}
} else {
allowSecurityManager = NEVER;
}
if (needWarning) {
System.err.println("""
WARNING: A command line option has enabled the Security Manager
WARNING: The Security Manager is deprecated and will be removed in a future release""");
}
// Emit a warning if `sun.jnu.encoding` is not supported.
@ -2491,14 +2157,6 @@ public final class System {
public Package definePackage(ClassLoader cl, String name, Module module) {
return cl.definePackage(name, module);
}
@SuppressWarnings("removal")
public void addNonExportedPackages(ModuleLayer layer) {
SecurityManager.addNonExportedPackages(layer);
}
@SuppressWarnings("removal")
public void invalidatePackageAccessCache() {
SecurityManager.invalidatePackageAccessCache();
}
public Module defineModule(ClassLoader loader,
ModuleDescriptor descriptor,
URI uri) {
@ -2791,11 +2449,6 @@ public final class System {
public boolean bytesCompatible(String string, Charset charset) {
return string.bytesCompatible(charset);
}
@Override
public boolean allowSecurityManager() {
return System.allowSecurityManager();
}
});
}
}