archive/jdk
1
0
Fork 0
mirror of https://github.com/openjdk/jdk.git synced 2025-08-26 14:24:46 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

8338411: Implement JEP 486: Permanently Disable the Security Manager

Browse source 
Co-authored-by: Sean Mullan <mullan@openjdk.org>
Co-authored-by: Alan Bateman <alanb@openjdk.org>
Co-authored-by: Weijun Wang <weijun@openjdk.org>
Co-authored-by: Aleksei Efimov <aefimov@openjdk.org>
Co-authored-by: Brian Burkhalter <bpb@openjdk.org>
Co-authored-by: Daniel Fuchs <dfuchs@openjdk.org>
Co-authored-by: Harshitha Onkar <honkar@openjdk.org>
Co-authored-by: Joe Wang <joehw@openjdk.org>
Co-authored-by: Jorn Vernee <jvernee@openjdk.org>
Co-authored-by: Justin Lu <jlu@openjdk.org>
Co-authored-by: Kevin Walls <kevinw@openjdk.org>
Co-authored-by: Lance Andersen <lancea@openjdk.org>
Co-authored-by: Naoto Sato <naoto@openjdk.org>
Co-authored-by: Roger Riggs <rriggs@openjdk.org>
Co-authored-by: Brent Christian <bchristi@openjdk.org>
Co-authored-by: Stuart Marks <smarks@openjdk.org>
Co-authored-by: Ian Graves <igraves@openjdk.org>
Co-authored-by: Phil Race <prr@openjdk.org>
Co-authored-by: Erik Gahlin <egahlin@openjdk.org>
Co-authored-by: Jaikiran Pai <jpai@openjdk.org>
Reviewed-by: kevinw, aivanov, rriggs, lancea, coffeys, dfuchs, ihse, erikj, cjplummer, coleenp, naoto, mchung, prr, weijun, joehw, azvegint, psadhukhan, bchristi, sundar, attila
This commit is contained in:
Sean Mullan 2024-11-12 17:16:15 +00:00
parent c12b386d19
commit db85090553
1885 changed files with 5528 additions and 65650 deletions
Download patch file Download diff file Expand all files Collapse all files

16
src/java.base/share/classes/java/nio/channels/AsynchronousFileChannel.java
View file

@ -240,14 +240,6 @@ public abstract class AsynchronousFileChannel
* specific exception</a>)</i>
* @throws IOException
* If an I/O error occurs
* @throws SecurityException
* If a security manager is installed and it denies an
* unspecified permission required by the implementation.
* In the case of the default provider, the {@link
* SecurityManager#checkRead(String)} method is invoked to check
* read access if the file is opened for reading. The {@link
* SecurityManager#checkWrite(String)} method is invoked to check
* write access if the file is opened for writing
*/
public static AsynchronousFileChannel open(Path file,
Set<? extends OpenOption> options,
@ -301,14 +293,6 @@ public abstract class AsynchronousFileChannel
* specific exception</a>)</i>
* @throws IOException
* If an I/O error occurs
* @throws SecurityException
* If a security manager is installed and it denies an
* unspecified permission required by the implementation.
* In the case of the default provider, the {@link
* SecurityManager#checkRead(String)} method is invoked to check
* read access if the file is opened for reading. The {@link
* SecurityManager#checkWrite(String)} method is invoked to check
* write access if the file is opened for writing
*/
public static AsynchronousFileChannel open(Path file, OpenOption... options)
throws IOException

27
src/java.base/share/classes/java/nio/channels/AsynchronousServerSocketChannel.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2007, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2007, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -188,7 +188,6 @@ public abstract class AsynchronousServerSocketChannel
*
* @throws AlreadyBoundException {@inheritDoc}
* @throws UnsupportedAddressTypeException {@inheritDoc}
* @throws SecurityException {@inheritDoc}
* @throws ClosedChannelException {@inheritDoc}
* @throws IOException {@inheritDoc}
*/
@ -225,9 +224,6 @@ public abstract class AsynchronousServerSocketChannel
* If the socket is already bound
* @throws UnsupportedAddressTypeException
* If the type of the given address is not supported
* @throws SecurityException
* If a security manager has been installed and its {@link
* SecurityManager#checkListen checkListen} method denies the operation
* @throws ClosedChannelException
* If the channel is closed
* @throws IOException
@ -265,14 +261,6 @@ public abstract class AsynchronousServerSocketChannel
* connection is accepted immediately (see <a
* href="AsynchronousChannelGroup.html#threading">Threading</a>).
*
* <p> If a security manager has been installed then it verifies that the
* address and port number of the connection's remote endpoint are permitted
* by the security manager's {@link SecurityManager#checkAccept checkAccept}
* method. The permission check is performed with privileges that are restricted
* by the calling context of this method. If the permission check fails then
* the connection is closed and the operation completes with a {@link
* SecurityException}.
*
* @param <A>
* The type of the attachment
* @param attachment
@ -312,18 +300,9 @@ public abstract class AsynchronousServerSocketChannel
/**
* {@inheritDoc}
* <p>
* If there is a security manager set, its {@code checkConnect} method is
* called with the local address and {@code -1} as its arguments to see
* if the operation is allowed. If the operation is not allowed,
* a {@code SocketAddress} representing the
* {@link java.net.InetAddress#getLoopbackAddress loopback} address and the
* local port of the channel's socket is returned.
*
* @return The {@code SocketAddress} that the socket is bound to, or the
* {@code SocketAddress} representing the loopback address if
* denied by the security manager, or {@code null} if the
* channel's socket is not bound
* @return The {@code SocketAddress} that the socket is bound to; {@code null}
* if the channel's socket is not bound
*
* @throws ClosedChannelException {@inheritDoc}
* @throws IOException {@inheritDoc}

31
src/java.base/share/classes/java/nio/channels/AsynchronousSocketChannel.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2007, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2007, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -205,10 +205,6 @@ public abstract class AsynchronousSocketChannel
* @throws UnsupportedAddressTypeException {@inheritDoc}
* @throws ClosedChannelException {@inheritDoc}
* @throws IOException {@inheritDoc}
* @throws SecurityException
* If a security manager has been installed and its
* {@link SecurityManager#checkListen checkListen} method denies
* the operation
*/
@Override
public abstract AsynchronousSocketChannel bind(SocketAddress local)
@ -295,12 +291,6 @@ public abstract class AsynchronousSocketChannel
* established. If the connection cannot be established then the channel is
* closed.
*
* <p> This method performs exactly the same security checks as the {@link
* java.net.Socket} class. That is, if a security manager has been
* installed then this method verifies that its {@link
* java.lang.SecurityManager#checkConnect checkConnect} method permits
* connecting to the address and port number of the given remote endpoint.
*
* @param <A>
* The type of the attachment
* @param remote
@ -320,9 +310,6 @@ public abstract class AsynchronousSocketChannel
* If a connection operation is already in progress on this channel
* @throws ShutdownChannelGroupException
* If the channel group has terminated
* @throws SecurityException
* If a security manager has been installed
* and it does not permit access to the given remote endpoint
*
* @see #getRemoteAddress
*/
@ -353,9 +340,6 @@ public abstract class AsynchronousSocketChannel
* If this channel is already connected
* @throws ConnectionPendingException
* If a connection operation is already in progress on this channel
* @throws SecurityException
* If a security manager has been installed
* and it does not permit access to the given remote endpoint
*/
public abstract Future<Void> connect(SocketAddress remote);
@ -674,18 +658,9 @@ public abstract class AsynchronousSocketChannel
/**
* {@inheritDoc}
* <p>
* If there is a security manager set, its {@code checkConnect} method is
* called with the local address and {@code -1} as its arguments to see
* if the operation is allowed. If the operation is not allowed,
* a {@code SocketAddress} representing the
* {@link java.net.InetAddress#getLoopbackAddress loopback} address and the
* local port of the channel's socket is returned.
*
* @return The {@code SocketAddress} that the socket is bound to, or the
* {@code SocketAddress} representing the loopback address if
* denied by the security manager, or {@code null} if the
* channel's socket is not bound
* @return The {@code SocketAddress} that the socket is bound to; {@code null}
* if the channel's socket is not bound
*
* @throws ClosedChannelException {@inheritDoc}
* @throws IOException {@inheritDoc}

81
src/java.base/share/classes/java/nio/channels/DatagramChannel.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2000, 2022, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2000, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -44,11 +44,10 @@ import static java.util.Objects.requireNonNull;
* connected. A datagram channel need not be connected in order for the {@link #send
* send} and {@link #receive receive} methods to be used. A datagram channel may be
* connected, by invoking its {@link #connect connect} method, in order to
* avoid the overhead of the security checks are otherwise performed as part of
* every send and receive operation. A datagram channel must be connected in
* order to use the {@link #read(java.nio.ByteBuffer) read} and {@link
* #write(java.nio.ByteBuffer) write} methods, since those methods do not
* accept or return socket addresses.
* avoid the overhead of checks performed as part of every send and receive operation.
* A datagram channel must be connected in order to use the {@link
* #read(java.nio.ByteBuffer) read} and {@link #write(java.nio.ByteBuffer) write}
* methods, since those methods do not accept or return socket addresses.
*
* <p> Once connected, a datagram channel remains connected until it is
* disconnected or closed. Whether or not a datagram channel is connected may
@ -220,10 +219,6 @@ public abstract class DatagramChannel
* @throws UnsupportedAddressTypeException {@inheritDoc}
* @throws ClosedChannelException {@inheritDoc}
* @throws IOException {@inheritDoc}
* @throws SecurityException
* If a security manager has been installed and its {@link
* SecurityManager#checkListen checkListen} method denies the
* operation
*
* @since 1.7
*/
@ -268,18 +263,6 @@ public abstract class DatagramChannel
* this method, may be discarded. The channel's socket remains connected
* until it is explicitly disconnected or until it is closed.
*
* <p> This method performs exactly the same security checks as the {@link
* java.net.DatagramSocket#connect connect} method of the {@link
* java.net.DatagramSocket} class. That is, if a security manager has been
* installed then this method verifies that its {@link
* java.lang.SecurityManager#checkAccept checkAccept} and {@link
* java.lang.SecurityManager#checkConnect checkConnect} methods permit
* datagrams to be received from and sent to, respectively, the given
* remote address. Once connected, no further security checks are performed
* for datagrams received from, or sent to, the given remote address. Care
* should be taken to ensure that a connected datagram channel is not shared
* with untrusted code.
*
* <p> This method may be invoked at any time. If another thread has
* already initiated a read or write operation upon this channel, then an
* invocation of this method will block until any such operation is
@ -315,12 +298,6 @@ public abstract class DatagramChannel
* @throws UnsupportedAddressTypeException
* If the type of the given remote address is not supported
*
* @throws SecurityException
* If a security manager has been installed and it does not
* permit access to the given remote address, or if unbound,
* the security manager {@link SecurityManager#checkListen checkListen}
* method denies the operation
*
* @throws IOException
* If some other I/O error occurs
*/
@ -331,8 +308,7 @@ public abstract class DatagramChannel
* Disconnects this channel's socket.
*
* <p> The channel's socket is configured so that it can receive datagrams
* from, and sends datagrams to, any remote address so long as the security
* manager, if installed, permits it.
* from, and sends datagrams to, any remote address.
*
* <p> This method may be invoked at any time. If another thread has
* already initiated a read or write operation upon this channel, then an
@ -384,17 +360,6 @@ public abstract class DatagramChannel
* are fewer bytes remaining in the buffer than are required to hold the
* datagram then the remainder of the datagram is silently discarded.
*
* <p> This method performs exactly the same security checks as the {@link
* java.net.DatagramSocket#receive receive} method of the {@link
* java.net.DatagramSocket} class. That is, if the socket is not connected
* to a specific remote address and a security manager has been installed
* then for each datagram received this method verifies that the source's
* address and port number are permitted by the security manager's {@link
* java.lang.SecurityManager#checkAccept checkAccept} method. Datagrams
* that are not permitted by the security manager are silently discarded.
* The overhead of this security check can be avoided by first connecting
* the socket via the {@link #connect connect} method.
*
* <p> This method may be invoked at any time. If another thread has
* already initiated a read operation upon this channel, however, then an
* invocation of this method will block until the first operation is
@ -426,11 +391,6 @@ public abstract class DatagramChannel
* closing the channel and setting the current thread's
* interrupt status
*
* @throws SecurityException
* If unbound, and a security manager has been installed and
* its {@link SecurityManager#checkListen checkListen} method
* denies the operation
*
* @throws IOException
* If some other I/O error occurs
*/
@ -448,16 +408,6 @@ public abstract class DatagramChannel
* <p> The datagram is transferred from the byte buffer as if by a regular
* {@link WritableByteChannel#write(java.nio.ByteBuffer) write} operation.
*
* <p> This method performs exactly the same security checks as the {@link
* java.net.DatagramSocket#send send} method of the {@link
* java.net.DatagramSocket} class. That is, if the socket is not connected
* to a specific remote address and a security manager has been installed
* then for each datagram sent this method verifies that the target address
* and port number are permitted by the security manager's {@link
* java.lang.SecurityManager#checkConnect checkConnect} method. The
* overhead of this security check can be avoided by first connecting the
* socket via the {@link #connect connect} method.
*
* <p> This method may be invoked at any time. If another thread has
* already initiated a write operation upon this channel, however, then an
* invocation of this method will block until the first operation is
@ -501,12 +451,6 @@ public abstract class DatagramChannel
* @throws UnsupportedAddressTypeException
* If the type of the given remote address is not supported
*
* @throws SecurityException
* If a security manager has been installed and it does not permit
* datagrams to be sent to the given address, or if unbound, and
* the security manager's {@link SecurityManager#checkListen checkListen}
* method denies the operation
*
* @throws IOException
* If some other I/O error occurs
*/
@ -651,18 +595,9 @@ public abstract class DatagramChannel
* datagrams sent via this channel instead of the wildcard address.
* When {@link #disconnect} is called, the bound address reverts
* to the wildcard address.
* <p>
* If there is a security manager set, its {@code checkConnect} method is
* called with the local address and {@code -1} as its arguments to see
* if the operation is allowed. If the operation is not allowed,
* a {@code SocketAddress} representing the
* {@link java.net.InetAddress#getLoopbackAddress loopback} address and the
* local port of the channel's socket is returned.
*
* @return The {@code SocketAddress} that the socket is bound to, or the
* {@code SocketAddress} representing the loopback address if
* denied by the security manager, or {@code null} if the
* channel's socket is not bound
* @return The {@code SocketAddress} that the socket is bound to; {@code null}
* if the channel's socket is not bound
*
* @throws ClosedChannelException {@inheritDoc}
* @throws IOException {@inheritDoc}

16
src/java.base/share/classes/java/nio/channels/FileChannel.java
View file

@ -289,14 +289,6 @@ public abstract class FileChannel
* specific exception</a>)</i>
* @throws IOException
* If an I/O error occurs
* @throws SecurityException
* If a security manager is installed and it denies an
* unspecified permission required by the implementation.
* In the case of the default provider, the {@link
* SecurityManager#checkRead(String)} method is invoked to check
* read access if the file is opened for reading. The {@link
* SecurityManager#checkWrite(String)} method is invoked to check
* write access if the file is opened for writing
*
* @since 1.7
*/
@ -345,14 +337,6 @@ public abstract class FileChannel
* specific exception</a>)</i>
* @throws IOException
* If an I/O error occurs
* @throws SecurityException
* If a security manager is installed and it denies an
* unspecified permission required by the implementation.
* In the case of the default provider, the {@link
* SecurityManager#checkRead(String)} method is invoked to check
* read access if the file is opened for reading. The {@link
* SecurityManager#checkWrite(String)} method is invoked to check
* write access if the file is opened for writing
*
* @since 1.7
*/

10
src/java.base/share/classes/java/nio/channels/MulticastChannel.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2007, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2007, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -182,10 +182,6 @@ public interface MulticastChannel
* If this channel is closed
* @throws IOException
* If an I/O error occurs
* @throws SecurityException
* If a security manager is set, and its
* {@link SecurityManager#checkMulticast(InetAddress) checkMulticast}
* method denies access to the multicast group
*/
MembershipKey join(InetAddress group, NetworkInterface interf)
throws IOException;
@ -231,10 +227,6 @@ public interface MulticastChannel
* If this channel is closed
* @throws IOException
* If an I/O error occurs
* @throws SecurityException
* If a security manager is set, and its
* {@link SecurityManager#checkMulticast(InetAddress) checkMulticast}
* method denies access to the multicast group
*/
MembershipKey join(InetAddress group, NetworkInterface interf, InetAddress source)
throws IOException;

6
src/java.base/share/classes/java/nio/channels/NetworkChannel.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2007, 2013, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2007, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -77,10 +77,6 @@ public interface NetworkChannel
* If the channel is closed
* @throws IOException
* If some other I/O error occurs
* @throws SecurityException
* If a security manager is installed and it denies an unspecified
* permission. An implementation of this interface should specify
* any required permissions.
*
* @see #getLocalAddress
*/

48
src/java.base/share/classes/java/nio/channels/ServerSocketChannel.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2000, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2000, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -212,9 +212,6 @@ public abstract class ServerSocketChannel
* @throws UnsupportedAddressTypeException {@inheritDoc}
* @throws ClosedChannelException {@inheritDoc}
* @throws IOException {@inheritDoc}
* @throws SecurityException
* If a security manager has been installed and it denies the
* operation
*
* @since 1.7
*/
@ -275,12 +272,6 @@ public abstract class ServerSocketChannel
* If this channel is closed
* @throws IOException
* If some other I/O error occurs
* @throws SecurityException
* If a security manager has been installed and its {@link
* SecurityManager#checkListen checkListen} method denies
* the operation for an <i>Internet protocol</i> socket address,
* or for a <i>Unix domain</i> socket address if it denies
* {@link NetPermission}{@code("accessUnixDomainSocket")}.
*
* @since 1.7
*/
@ -322,16 +313,6 @@ public abstract class ServerSocketChannel
* <p> The socket channel returned by this method, if any, will be in
* blocking mode regardless of the blocking mode of this channel.
*
* <p> If bound to an <i>Internet protocol</i> socket address, this method
* performs exactly the same security checks as the {@link
* java.net.ServerSocket#accept accept} method of the {@link java.net.ServerSocket}
* class. That is, if a security manager has been installed then for each
* new connection this method verifies that the address and port number
* of the connection's remote endpoint are permitted by the security
* manager's {@link java.lang.SecurityManager#checkAccept checkAccept}
* method. If bound to a <i>Unix Domain</i> socket address, this method checks
* {@link NetPermission}{@code ("accessUnixDomainSocket")}.
*
* @return The socket channel for the new connection,
* or {@code null} if this channel is in non-blocking mode
* and no connection is available to be accepted
@ -352,14 +333,6 @@ public abstract class ServerSocketChannel
* @throws NotYetBoundException
* If this channel's socket has not yet been bound
*
* @throws SecurityException
* If a security manager has been installed and this
* channel is bound to an {@link InetSocketAddress}
* and the security manager denies access to the remote endpoint
* of the new connection, or if this channel is bound to a
* {@link UnixDomainSocketAddress} and the security manager
* denies {@link NetPermission}{@code ("accessUnixDomainSocket")}
*
* @throws IOException
* If some other I/O error occurs
*/
@ -368,24 +341,11 @@ public abstract class ServerSocketChannel
/**
* {@inheritDoc}
*
* If there is a security manager set, its {@code checkConnect} method is
* called with the local address and {@code -1} as its arguments to see
* if the operation is allowed. If the operation is not allowed,
* a {@code SocketAddress} representing the
* {@link java.net.InetAddress#getLoopbackAddress loopback} address and the
* local port of the channel's socket is returned.
*
* <p> Where the channel is bound to a <i>Unix Domain</i> socket address, the socket
* address is a {@link UnixDomainSocketAddress}. If there is a security manager
* set, its {@link SecurityManager#checkPermission(java.security.Permission)
* checkPermission} method is called with {@link NetPermission}{@code
* ("accessUnixDomainSocket")}. If the operation is not allowed an unnamed
* {@link UnixDomainSocketAddress} is returned.
* address is a {@link UnixDomainSocketAddress}.
*
* @return The {@code SocketAddress} that the socket is bound to, or the
* {@code SocketAddress} representing the loopback address or empty
* path if denied by the security manager, or {@code null} if the
* channel's socket is not bound
* @return The {@code SocketAddress} that the socket is bound to or {@code null}
* if the channel's socket is not bound
*
* @throws ClosedChannelException {@inheritDoc}
* @throws IOException {@inheritDoc}

48
src/java.base/share/classes/java/nio/channels/SocketChannel.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2000, 2022, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2000, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -259,10 +259,6 @@ public abstract class SocketChannel
* @throws UnsupportedAddressTypeException
* If the type of the given remote address is not supported
*
* @throws SecurityException
* If a security manager has been installed
* and it does not permit access to the given remote endpoint
*
* @throws IOException
* If some other I/O error occurs
*
@ -355,12 +351,6 @@ public abstract class SocketChannel
* @throws UnsupportedAddressTypeException {@inheritDoc}
* @throws ClosedChannelException {@inheritDoc}
* @throws IOException {@inheritDoc}
* @throws SecurityException
* If a security manager has been installed and its {@link
* SecurityManager#checkListen checkListen} method denies
* the operation for an <i>Internet protocol</i> socket address,
* or for a <i>Unix domain</i> socket address if it denies
* {@link NetPermission}{@code("accessUnixDomainSocket")}.
*
* @since 1.7
*/
@ -463,19 +453,6 @@ public abstract class SocketChannel
* method will block until the connection is established or an I/O error
* occurs.
*
* <p> For channels to <i>Internet protocol</i> sockets, this method performs
* exactly the same security checks as the {@link java.net.Socket} class.
* That is, if a security manager has been
* installed then this method verifies that its {@link
* java.lang.SecurityManager#checkConnect checkConnect} method permits
* connecting to the address and port number of the given remote endpoint.
*
* <p> For channels to <i>Unix Domain</i> sockets, this method checks
* {@link java.net.NetPermission NetPermission}{@code
* ("accessUnixDomainSocket")} with the security manager's {@link
* SecurityManager#checkPermission(java.security.Permission)
* checkPermission} method.
*
* <p> This method may be invoked at any time. If a read or write
* operation upon this channel is invoked while an invocation of this
* method is in progress then that operation will first block until this
@ -516,10 +493,6 @@ public abstract class SocketChannel
* @throws UnsupportedAddressTypeException
* If the type of the given remote address is not supported
*
* @throws SecurityException
* If a security manager has been installed
* and it does not permit access to the given remote endpoint
*
* @throws IOException
* If some other I/O error occurs
*/
@ -663,24 +636,11 @@ public abstract class SocketChannel
/**
* {@inheritDoc}
*
* If there is a security manager set, its {@code checkConnect} method is
* called with the local address and {@code -1} as its arguments to see
* if the operation is allowed. If the operation is not allowed,
* a {@code SocketAddress} representing the
* {@link java.net.InetAddress#getLoopbackAddress loopback} address and the
* local port of the channel's socket is returned.
*
* <p> Where the channel is bound to a Unix Domain socket address, the socket
* address is a {@link UnixDomainSocketAddress}. If there is a security manager
* set, its {@link SecurityManager#checkPermission(java.security.Permission)
* checkPermission} method is called with {@link NetPermission}{@code
* ("accessUnixDomainSocket")}. If the operation is not allowed an unnamed
* {@link UnixDomainSocketAddress} is returned.
* address is a {@link UnixDomainSocketAddress}.
*
* @return The {@code SocketAddress} that the socket is bound to, or the
* {@code SocketAddress} representing the loopback address or empty
* path if denied by the security manager, or {@code null} if the
* channel's socket is not bound
* @return The {@code SocketAddress} that the socket is bound to; {@code null}
* if the channel's socket is not bound
*
* @throws ClosedChannelException {@inheritDoc}
* @throws IOException {@inheritDoc}

15
src/java.base/share/classes/java/nio/channels/spi/AsynchronousChannelProvider.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2007, 2022, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2007, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -51,24 +51,11 @@ import java.security.PrivilegedAction;
*/
public abstract class AsynchronousChannelProvider {
private static Void checkPermission() {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null)
sm.checkPermission(new RuntimePermission("asynchronousChannelProvider"));
return null;
}
private AsynchronousChannelProvider(Void ignore) { }
/**
* Initializes a new instance of this class.
*
* @throws SecurityException
* If a security manager has been installed and it denies
* {@link RuntimePermission}{@code ("asynchronousChannelProvider")}
*/
protected AsynchronousChannelProvider() {
this(checkPermission());
}
// lazy initialization of default provider

20
src/java.base/share/classes/java/nio/channels/spi/SelectorProvider.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2000, 2021, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2000, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -72,24 +72,10 @@ import java.util.ServiceConfigurationError;
public abstract class SelectorProvider {
private static Void checkPermission() {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null)
sm.checkPermission(new RuntimePermission("selectorProvider"));
return null;
}
private SelectorProvider(Void ignore) { }
/**
* Initializes a new instance of this class.
*
* @throws SecurityException
* If a security manager has been installed and it denies
* {@link RuntimePermission}{@code ("selectorProvider")}
*/
protected SelectorProvider() {
this(checkPermission());
}
private static class Holder {
@ -315,10 +301,6 @@ public abstract class SelectorProvider {
* @throws IOException
* If an I/O error occurs
*
* @throws SecurityException
* If a security manager has been installed and it denies
* {@link RuntimePermission}{@code ("inheritedChannel")}
*
* @since 1.5
*/
public Channel inheritedChannel() throws IOException {

14
src/java.base/share/classes/java/nio/charset/spi/CharsetProvider.java
View file

@ -82,24 +82,10 @@ import java.util.Iterator;
public abstract class CharsetProvider {
private static Void checkPermission() {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null)
sm.checkPermission(new RuntimePermission("charsetProvider"));
return null;
}
private CharsetProvider(Void ignore) { }
/**
* Initializes a new charset provider.
*
* @throws SecurityException
* If a security manager has been installed and it denies
* {@link RuntimePermission}{@code ("charsetProvider")}
*/
protected CharsetProvider() {
this(checkPermission());
}
/**

7
src/java.base/share/classes/java/nio/file/AccessDeniedException.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2007, 2019, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2007, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -29,11 +29,6 @@ package java.nio.file;
* Checked exception thrown when a file system operation is denied, typically
* due to a file permission or other access check.
*
* <p> This exception is not related to the {@link
* java.security.AccessControlException AccessControlException} or {@link
* SecurityException} thrown by access controllers or security managers when
* access to a file is denied.
*
* @since 1.7
*/

27
src/java.base/share/classes/java/nio/file/FileSystem.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2007, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2007, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -172,22 +172,15 @@ public abstract class FileSystem
*
* <p> A file system provides access to a file store that may be composed
* of a number of distinct file hierarchies, each with its own top-level
* root directory. Unless denied by the security manager, each element in
* the returned iterator corresponds to the root directory of a distinct
* file hierarchy. The order of the elements is not defined. The file
* hierarchies may change during the lifetime of the Java virtual machine.
* root directory. Each element in the returned iterator corresponds to the
* root directory of a distinct file hierarchy. The order of the elements is
* not defined. The file hierarchies may change during the lifetime of the
* ava virtual machine.
* For example, in some implementations, the insertion of removable media
* may result in the creation of a new file hierarchy with its own
* top-level directory. There is no guarantee that a root directory
* can be accessed.
*
* <p> When a security manager is installed, it is invoked to check access
* to the each root directory. If denied, the root directory is not returned
* by the iterator. In the case of the default provider, the {@link
* SecurityManager#checkRead(String)} method is invoked to check read access
* to each root directory. It is system dependent if the permission checks
* are done when the iterator is obtained or during iteration.
*
* @return An object to iterate over the root directories
*/
public abstract Iterable<Path> getRootDirectories();
@ -201,16 +194,6 @@ public abstract class FileSystem
* Java virtual machine. When an I/O error occurs, perhaps because a file
* store is not accessible, then it is not returned by the iterator.
*
* <p> In the case of the default provider, and a security manager is
* installed, the security manager is invoked to check {@link
* RuntimePermission}{@code ("getFileStoreAttributes")}. If denied, then
* no file stores are returned by the iterator. In addition, the security
* manager's {@link SecurityManager#checkRead(String)} method is invoked to
* check read access to the file store's <em>top-most</em> directory. If
* denied, the file store is not returned by the iterator. It is system
* dependent if the permission checks are done when the iterator is obtained
* or during iteration.
*
* <p> <b>Usage Example:</b>
* Suppose we want to print the space usage for all file stores:
* {@snippet lang=java :

28
src/java.base/share/classes/java/nio/file/FileSystems.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2007, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2007, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -206,11 +206,6 @@ public final class FileSystems {
* exception if invoked after the file system is closed (and before a new
* instance is created by the {@link #newFileSystem newFileSystem} method).
*
* <p> If a security manager is installed then a provider implementation
* may require to check a permission before returning a reference to an
* existing file system. In the case of the {@link FileSystems#getDefault
* default} file system, no permission check is required.
*
* @param uri the URI to locate the file system
*
* @return the reference to the file system
@ -221,9 +216,6 @@ public final class FileSystems {
* if the file system, identified by the URI, does not exist
* @throws ProviderNotFoundException
* if a provider supporting the URI scheme is not installed
* @throws SecurityException
* if a security manager is installed and it denies an unspecified
* permission
*/
public static FileSystem getFileSystem(URI uri) {
String scheme = uri.getScheme();
@ -278,9 +270,6 @@ public final class FileSystems {
* if a provider supporting the URI scheme is not installed
* @throws IOException
* if an I/O error occurs creating the file system
* @throws SecurityException
* if a security manager is installed and it denies an unspecified
* permission required by the file system provider implementation
*/
public static FileSystem newFileSystem(URI uri, Map<String,?> env)
throws IOException
@ -323,9 +312,6 @@ public final class FileSystems {
* when an error occurs while loading a service provider
* @throws IOException
* an I/O error occurs creating the file system
* @throws SecurityException
* if a security manager is installed and it denies an unspecified
* permission required by the file system provider implementation
*/
public static FileSystem newFileSystem(URI uri, Map<String,?> env, ClassLoader loader)
throws IOException
@ -389,9 +375,6 @@ public final class FileSystems {
* when an error occurs while loading a service provider
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* if a security manager is installed and it denies an unspecified
* permission
*/
public static FileSystem newFileSystem(Path path,
ClassLoader loader)
@ -428,9 +411,6 @@ public final class FileSystems {
* when an error occurs while loading a service provider
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* if a security manager is installed and it denies an unspecified
* permission
*
* @since 13
*/
@ -465,9 +445,6 @@ public final class FileSystems {
* when an error occurs while loading a service provider
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* if a security manager is installed and it denies an unspecified
* permission
*
* @since 13
*/
@ -510,9 +487,6 @@ public final class FileSystems {
* when an error occurs while loading a service provider
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* if a security manager is installed and it denies an unspecified
* permission
*
* @since 13
*/

385
src/java.base/share/classes/java/nio/file/Files.java
View file

@ -149,10 +149,6 @@ public final class Files {
* if an unsupported option is specified
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the file.
*/
public static InputStream newInputStream(Path path, OpenOption... options)
throws IOException
@ -214,13 +210,6 @@ public final class Files {
* <i>(optional specific exception)</i>
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkWrite(String) checkWrite}
* method is invoked to check write access to the file. The {@link
* SecurityManager#checkDelete(String) checkDelete} method is
* invoked to check delete access if the file is opened with the
* {@code DELETE_ON_CLOSE} option.
*/
public static OutputStream newOutputStream(Path path, OpenOption... options)
throws IOException
@ -359,16 +348,6 @@ public final class Files {
* exception)</i>
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the path if the file is
* opened for reading. The {@link SecurityManager#checkWrite(String)
* checkWrite} method is invoked to check write access to the path
* if the file is opened for writing. The {@link
* SecurityManager#checkDelete(String) checkDelete} method is
* invoked to check delete access if the file is opened with the
* {@code DELETE_ON_CLOSE} option.
*
* @see java.nio.channels.FileChannel#open(Path,Set,FileAttribute[])
*/
@ -406,16 +385,6 @@ public final class Files {
* exception)</i>
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the path if the file is
* opened for reading. The {@link SecurityManager#checkWrite(String)
* checkWrite} method is invoked to check write access to the path
* if the file is opened for writing. The {@link
* SecurityManager#checkDelete(String) checkDelete} method is
* invoked to check delete access if the file is opened with the
* {@code DELETE_ON_CLOSE} option.
*
* @see java.nio.channels.FileChannel#open(Path,OpenOption[])
*/
@ -471,10 +440,6 @@ public final class Files {
* a directory <i>(optional specific exception)</i>
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the directory.
*/
public static DirectoryStream<Path> newDirectoryStream(Path dir)
throws IOException
@ -526,10 +491,6 @@ public final class Files {
* a directory <i>(optional specific exception)</i>
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the directory.
*/
public static DirectoryStream<Path> newDirectoryStream(Path dir, String glob)
throws IOException
@ -602,10 +563,6 @@ public final class Files {
* a directory <i>(optional specific exception)</i>
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the directory.
*/
public static DirectoryStream<Path> newDirectoryStream(Path dir,
DirectoryStream.Filter<? super Path> filter)
@ -647,10 +604,6 @@ public final class Files {
* <i>(optional specific exception)</i>
* @throws IOException
* if an I/O error occurs or the parent directory does not exist
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkWrite(String) checkWrite}
* method is invoked to check write access to the new file.
*/
public static Path createFile(Path path, FileAttribute<?>... attrs)
throws IOException
@ -689,10 +642,6 @@ public final class Files {
* that name already exists <i>(optional specific exception)</i>
* @throws IOException
* if an I/O error occurs or the parent directory does not exist
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkWrite(String) checkWrite}
* method is invoked to check write access to the new directory.
*/
public static Path createDirectory(Path dir, FileAttribute<?>... attrs)
throws IOException
@ -733,17 +682,6 @@ public final class Files {
* exception)</i>
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* in the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkWrite(String) checkWrite}
* method is invoked prior to attempting to create a directory and
* its {@link SecurityManager#checkRead(String) checkRead} is
* invoked for each parent directory that is checked. If {@code
* dir} is not an absolute path then its {@link Path#toAbsolutePath
* toAbsolutePath} may need to be invoked to get its absolute path.
* This may invoke the security manager's {@link
* SecurityManager#checkPropertyAccess(String) checkPropertyAccess}
* method to check access to the system property {@code user.dir}
*/
public static Path createDirectories(Path dir, FileAttribute<?>... attrs)
throws IOException
@ -865,10 +803,6 @@ public final class Files {
* when creating the directory
* @throws IOException
* if an I/O error occurs or {@code dir} does not exist
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkWrite(String) checkWrite}
* method is invoked to check write access to the file.
*/
public static Path createTempFile(Path dir,
String prefix,
@ -911,10 +845,6 @@ public final class Files {
* @throws IOException
* if an I/O error occurs or the temporary-file directory does not
* exist
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkWrite(String) checkWrite}
* method is invoked to check write access to the file.
*/
public static Path createTempFile(String prefix,
String suffix,
@ -963,11 +893,6 @@ public final class Files {
* when creating the directory
* @throws IOException
* if an I/O error occurs or {@code dir} does not exist
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkWrite(String) checkWrite}
* method is invoked to check write access when creating the
* directory.
*/
public static Path createTempDirectory(Path dir,
String prefix,
@ -1005,11 +930,6 @@ public final class Files {
* @throws IOException
* if an I/O error occurs or the temporary-file directory does not
* exist
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkWrite(String) checkWrite}
* method is invoked to check write access when creating the
* directory.
*/
public static Path createTempDirectory(String prefix,
FileAttribute<?>... attrs)
@ -1057,11 +977,6 @@ public final class Files {
* exception)</i>
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager
* is installed, it denies {@link LinkPermission}{@code ("symbolic")}
* or its {@link SecurityManager#checkWrite(String) checkWrite}
* method denies write access to the path of the symbolic link.
*/
public static Path createSymbolicLink(Path link, Path target,
FileAttribute<?>... attrs)
@ -1102,12 +1017,6 @@ public final class Files {
* that name already exists <i>(optional specific exception)</i>
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager
* is installed, it denies {@link LinkPermission}{@code ("hard")}
* or its {@link SecurityManager#checkWrite(String) checkWrite}
* method denies write access to either the link or the
* existing file.
*/
public static Path createLink(Path link, Path existing) throws IOException {
provider(link).createLink(link, existing);
@ -1144,10 +1053,6 @@ public final class Files {
* exception)</i>
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkDelete(String)} method
* is invoked to check delete access to the file
*/
public static void delete(Path path) throws IOException {
provider(path).delete(path);
@ -1183,10 +1088,6 @@ public final class Files {
* exception)</i>
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkDelete(String)} method
* is invoked to check delete access to the file.
*/
public static boolean deleteIfExists(Path path) throws IOException {
return provider(path).deleteIfExists(path);
@ -1287,14 +1188,6 @@ public final class Files {
* <i>(optional specific exception)</i>
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the source file, the
* {@link SecurityManager#checkWrite(String) checkWrite} is invoked
* to check write access to the target file. If a symbolic link is
* copied the security manager is invoked to check {@link
* LinkPermission}{@code ("symbolic")}.
*/
public static Path copy(Path source, Path target, CopyOption... options)
throws IOException
@ -1422,11 +1315,6 @@ public final class Files {
* the file cannot be moved as an atomic file system operation.
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkWrite(String) checkWrite}
* method is invoked to check write access to both the source and
* target file.
*/
public static Path move(Path source, Path target, CopyOption... options)
throws IOException
@ -1465,10 +1353,6 @@ public final class Files {
* is not a symbolic link <i>(optional specific exception)</i>
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager
* is installed, it checks that {@code FilePermission} has been
* granted with the "{@code readlink}" action to read the link.
*/
public static Path readSymbolicLink(Path link) throws IOException {
return provider(link).readSymbolicLink(link);
@ -1492,12 +1376,6 @@ public final class Files {
*
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the file, and in
* addition it checks
* {@link RuntimePermission}{@code ("getFileStoreAttributes")}
*/
public static FileStore getFileStore(Path path) throws IOException {
return provider(path).getFileStore(path);
@ -1535,11 +1413,6 @@ public final class Files {
*
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to both files when the
* two paths are not equal
*
* @see java.nio.file.attribute.BasicFileAttributes#fileKey
*/
@ -1591,11 +1464,6 @@ public final class Files {
*
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to both files when the
* two paths are not equal
*
* @since 12
*/
@ -1644,10 +1512,6 @@ public final class Files {
*
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the file.
*/
public static boolean isHidden(Path path) throws IOException {
return provider(path).isHidden(path);
@ -1729,9 +1593,6 @@ public final class Files {
*
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* If a security manager is installed and it denies an unspecified
* permission required by a file type detector implementation.
*
* @spec https://www.rfc-editor.org/info/rfc2045
* RFC 2045: Multipurpose Internet Mail Extensions (MIME) Part One:
@ -1850,12 +1711,6 @@ public final class Files {
* if an attributes of the given type are not supported
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, a security manager is
* installed, its {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the file. If this
* method is invoked to read security sensitive attributes then the
* security manager may be invoked to check for additional permissions.
*/
public static <A extends BasicFileAttributes> A readAttributes(Path path,
Class<A> type,
@ -1919,12 +1774,6 @@ public final class Files {
* type
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, its {@link SecurityManager#checkWrite(String) checkWrite}
* method denies write access to the file. If this method is invoked
* to set security sensitive attributes then the security manager
* may be invoked to check for additional permissions.
*/
public static Path setAttribute(Path path, String attribute, Object value,
LinkOption... options)
@ -1980,12 +1829,6 @@ public final class Files {
* if the attribute name is not specified or is not recognized
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, its {@link SecurityManager#checkRead(String) checkRead}
* method denies read access to the file. If this method is invoked
* to read security sensitive attributes then the security manager
* may be invoked to check for additional permissions.
*/
public static Object getAttribute(Path path, String attribute,
LinkOption... options)
@ -2084,12 +1927,6 @@ public final class Files {
* specified
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, its {@link SecurityManager#checkRead(String) checkRead}
* method denies read access to the file. If this method is invoked
* to read security sensitive attributes then the security manager
* may be invoked to check for additional permissions.
*/
public static Map<String,Object> readAttributes(Path path, String attributes,
LinkOption... options)
@ -2125,12 +1962,6 @@ public final class Files {
* PosixFileAttributeView}
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, a security manager is
* installed, and it denies
* {@link RuntimePermission}{@code ("accessUserInformation")}
* or its {@link SecurityManager#checkRead(String) checkRead} method
* denies read access to the file.
*/
public static Set<PosixFilePermission> getPosixFilePermissions(Path path,
LinkOption... options)
@ -2163,12 +1994,6 @@ public final class Files {
* PosixFilePermission}
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, it denies
* {@link RuntimePermission}{@code ("accessUserInformation")}
* or its {@link SecurityManager#checkWrite(String) checkWrite}
* method denies write access to the file.
*/
public static Path setPosixFilePermissions(Path path,
Set<PosixFilePermission> perms)
@ -2201,12 +2026,6 @@ public final class Files {
* FileOwnerAttributeView}
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, it denies
* {@link RuntimePermission}{@code ("accessUserInformation")}
* or its {@link SecurityManager#checkRead(String) checkRead} method
* denies read access to the file.
*/
public static UserPrincipal getOwner(Path path, LinkOption... options) throws IOException {
FileOwnerAttributeView view =
@ -2245,12 +2064,6 @@ public final class Files {
* FileOwnerAttributeView}
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, it denies
* {@link RuntimePermission}{@code ("accessUserInformation")}
* or its {@link SecurityManager#checkWrite(String) checkWrite}
* method denies write access to the file.
*
* @see FileSystem#getUserPrincipalLookupService
* @see java.nio.file.attribute.UserPrincipalLookupService
@ -2280,11 +2093,6 @@ public final class Files {
* @return {@code true} if the file is a symbolic link; {@code false} if
* the file does not exist, is not a symbolic link, or it cannot
* be determined if the file is a symbolic link or not.
*
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, its {@link SecurityManager#checkRead(String) checkRead}
* method denies read access to the file.
*/
public static boolean isSymbolicLink(Path path) {
try {
@ -2319,11 +2127,6 @@ public final class Files {
* @return {@code true} if the file is a directory; {@code false} if
* the file does not exist, is not a directory, or it cannot
* be determined if the file is a directory or not.
*
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, its {@link SecurityManager#checkRead(String) checkRead}
* method denies read access to the file.
*/
public static boolean isDirectory(Path path, LinkOption... options) {
try {
@ -2358,11 +2161,6 @@ public final class Files {
* @return {@code true} if the file is a regular file; {@code false} if
* the file does not exist, is not a regular file, or it
* cannot be determined if the file is a regular file or not.
*
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, its {@link SecurityManager#checkRead(String) checkRead}
* method denies read access to the file.
*/
public static boolean isRegularFile(Path path, LinkOption... options) {
try {
@ -2395,10 +2193,6 @@ public final class Files {
*
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, its {@link SecurityManager#checkRead(String) checkRead}
* method denies read access to the file.
*
* @see BasicFileAttributes#lastModifiedTime
*/
@ -2434,10 +2228,6 @@ public final class Files {
*
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, its {@link SecurityManager#checkWrite(String)
* checkWrite} method denies write access to the file.
*
* @see BasicFileAttributeView#setTimes
*/
@ -2463,10 +2253,6 @@ public final class Files {
*
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, its {@link SecurityManager#checkRead(String) checkRead}
* method denies read access to the file.
*
* @see BasicFileAttributes#size
*/
@ -2514,11 +2300,6 @@ public final class Files {
* @return {@code true} if the file exists; {@code false} if the file does
* not exist or its existence cannot be determined.
*
* @throws SecurityException
* In the case of the default provider, the {@link
* SecurityManager#checkRead(String)} is invoked to check
* read access to the file.
*
* @see #notExists
* @see FileSystemProvider#checkAccess
*/
@ -2551,11 +2332,6 @@ public final class Files {
*
* @return {@code true} if the file does not exist; {@code false} if the
* file exists or its existence cannot be determined
*
* @throws SecurityException
* In the case of the default provider, the {@link
* SecurityManager#checkRead(String)} is invoked to check
* read access to the file.
*/
public static boolean notExists(Path path, LinkOption... options) {
try {
@ -2609,11 +2385,6 @@ public final class Files {
* if the file does not exist, read access would be denied because
* the Java virtual machine has insufficient privileges, or access
* cannot be determined
*
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* is invoked to check read access to the file.
*/
public static boolean isReadable(Path path) {
FileSystemProvider provider = provider(path);
@ -2644,11 +2415,6 @@ public final class Files {
* if the file does not exist, write access would be denied because
* the Java virtual machine has insufficient privileges, or access
* cannot be determined
*
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkWrite(String) checkWrite}
* is invoked to check write access to the file.
*/
public static boolean isWritable(Path path) {
FileSystemProvider provider = provider(path);
@ -2683,11 +2449,6 @@ public final class Files {
* if the file does not exist, execute access would be denied because
* the Java virtual machine has insufficient privileges, or access
* cannot be determined
*
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkExec(String)
* checkExec} is invoked to check execute access to the file.
*/
public static boolean isExecutable(Path path) {
FileSystemProvider provider = provider(path);
@ -2754,20 +2515,15 @@ public final class Files {
*
* <p> The {@code maxDepth} parameter is the maximum number of levels of
* directories to visit. A value of {@code 0} means that only the starting
* file is visited, unless denied by the security manager. A value of
* {@link Integer#MAX_VALUE MAX_VALUE} may be used to indicate that all
* levels should be visited. The {@code visitFile} method is invoked for all
* files, including directories, encountered at {@code maxDepth}, unless the
* basic file attributes cannot be read, in which case the {@code
* file is visited. A value of {@link Integer#MAX_VALUE MAX_VALUE} may be used
* to indicate that all levels should be visited. The {@code visitFile} method
* is invoked for all files, including directories, encountered at {@code maxDepth},
* unless the basic file attributes cannot be read, in which case the {@code
* visitFileFailed} method is invoked.
*
* <p> If a visitor returns a result of {@code null} then {@code
* NullPointerException} is thrown.
*
* <p> When a security manager is installed and it denies access to a file
* (or directory), then it is ignored and the visitor is not invoked for
* that file (or directory).
*
* @param start
* the starting file
* @param options
@ -2781,11 +2537,6 @@ public final class Files {
*
* @throws IllegalArgumentException
* if the {@code maxDepth} parameter is negative
* @throws SecurityException
* If the security manager denies access to the starting file.
* In the case of the default provider, the {@link
* SecurityManager#checkRead(String) checkRead} method is invoked
* to check read access to the directory.
* @throws IOException
* if an I/O error is thrown by a visitor method
*/
@ -2867,11 +2618,6 @@ public final class Files {
*
* @return the starting file
*
* @throws SecurityException
* If the security manager denies access to the starting file.
* In the case of the default provider, the {@link
* SecurityManager#checkRead(String) checkRead} method is invoked
* to check read access to the directory.
* @throws IOException
* if an I/O error is thrown by a visitor method
*/
@ -2907,10 +2653,6 @@ public final class Files {
*
* @throws IOException
* if an I/O error occurs opening the file
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the file.
*
* @see #readAllLines
*/
@ -2943,10 +2685,6 @@ public final class Files {
*
* @throws IOException
* if an I/O error occurs opening the file
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the file.
*
* @since 1.8
*/
@ -2994,13 +2732,6 @@ public final class Files {
* If a file of that name already exists and the {@link
* StandardOpenOption#CREATE_NEW CREATE_NEW} option is specified
* <i>(optional specific exception)</i>
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkWrite(String) checkWrite}
* method is invoked to check write access to the file. The {@link
* SecurityManager#checkDelete(String) checkDelete} method is
* invoked to check delete access if the file is opened with the
* {@code DELETE_ON_CLOSE} option.
*
* @see #write(Path,Iterable,Charset,OpenOption[])
*/
@ -3044,13 +2775,6 @@ public final class Files {
* If a file of that name already exists and the {@link
* StandardOpenOption#CREATE_NEW CREATE_NEW} option is specified
* <i>(optional specific exception)</i>
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkWrite(String) checkWrite}
* method is invoked to check write access to the file. The {@link
* SecurityManager#checkDelete(String) checkDelete} method is
* invoked to check delete access if the file is opened with the
* {@code DELETE_ON_CLOSE} option.
*
* @since 1.8
*/
@ -3117,13 +2841,6 @@ public final class Files {
* <i>(optional specific exception)</i>
* @throws UnsupportedOperationException
* if {@code options} contains a copy option that is not supported
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkWrite(String) checkWrite}
* method is invoked to check write access to the file. Where the
* {@code REPLACE_EXISTING} option is specified, the security
* manager's {@link SecurityManager#checkDelete(String) checkDelete}
* method is invoked to check that an existing file can be deleted.
*/
public static long copy(InputStream in, Path target, CopyOption... options)
throws IOException
@ -3204,10 +2921,6 @@ public final class Files {
*
* @throws IOException
* if an I/O error occurs when reading or writing
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the file.
*/
public static long copy(Path source, OutputStream out) throws IOException {
// ensure not null before opening file
@ -3283,10 +2996,6 @@ public final class Files {
* @throws OutOfMemoryError
* if an array of the required size cannot be allocated, for
* example the file is larger that {@code 2GB}
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the file.
*/
public static byte[] readAllBytes(Path path) throws IOException {
try (SeekableByteChannel sbc = Files.newByteChannel(path);
@ -3318,10 +3027,6 @@ public final class Files {
* unmappable byte sequence is read
* @throws OutOfMemoryError
* if the file is extremely large, for example larger than {@code 2GB}
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the file.
*
* @since 11
*/
@ -3356,10 +3061,6 @@ public final class Files {
* unmappable byte sequence is read
* @throws OutOfMemoryError
* if the file is extremely large, for example larger than {@code 2GB}
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the file.
*
* @since 11
*/
@ -3405,10 +3106,6 @@ public final class Files {
* @throws IOException
* if an I/O error occurs reading from the file or a malformed or
* unmappable byte sequence is read
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the file.
*
* @see #newBufferedReader
*/
@ -3446,10 +3143,6 @@ public final class Files {
* @throws IOException
* if an I/O error occurs reading from the file or a malformed or
* unmappable byte sequence is read
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the file.
*
* @since 1.8
*/
@ -3499,13 +3192,6 @@ public final class Files {
* If a file of that name already exists and the {@link
* StandardOpenOption#CREATE_NEW CREATE_NEW} option is specified
* <i>(optional specific exception)</i>
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkWrite(String) checkWrite}
* method is invoked to check write access to the file. The {@link
* SecurityManager#checkDelete(String) checkDelete} method is
* invoked to check delete access if the file is opened with the
* {@code DELETE_ON_CLOSE} option.
*/
public static Path write(Path path, byte[] bytes, OpenOption... options)
throws IOException
@ -3567,13 +3253,6 @@ public final class Files {
* If a file of that name already exists and the {@link
* StandardOpenOption#CREATE_NEW CREATE_NEW} option is specified
* <i>(optional specific exception)</i>
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkWrite(String) checkWrite}
* method is invoked to check write access to the file. The {@link
* SecurityManager#checkDelete(String) checkDelete} method is
* invoked to check delete access if the file is opened with the
* {@code DELETE_ON_CLOSE} option.
*/
public static Path write(Path path, Iterable<? extends CharSequence> lines,
Charset cs, OpenOption... options)
@ -3619,13 +3298,6 @@ public final class Files {
* text cannot be encoded as {@code UTF-8}
* @throws UnsupportedOperationException
* if an unsupported option is specified
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkWrite(String) checkWrite}
* method is invoked to check write access to the file. The {@link
* SecurityManager#checkDelete(String) checkDelete} method is
* invoked to check delete access if the file is opened with the
* {@code DELETE_ON_CLOSE} option.
*
* @since 1.8
*/
@ -3662,13 +3334,6 @@ public final class Files {
* text cannot be encoded using UTF-8
* @throws UnsupportedOperationException
* if an unsupported option is specified
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkWrite(String) checkWrite}
* method is invoked to check write access to the file. The {@link
* SecurityManager#checkDelete(String) checkDelete} method is
* invoked to check delete access if the file is opened with the
* {@code DELETE_ON_CLOSE} option.
*
* @since 11
*/
@ -3714,13 +3379,6 @@ public final class Files {
* text cannot be encoded using the specified charset
* @throws UnsupportedOperationException
* if an unsupported option is specified
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkWrite(String) checkWrite}
* method is invoked to check write access to the file. The {@link
* SecurityManager#checkDelete(String) checkDelete} method is
* invoked to check delete access if the file is opened with the
* {@code DELETE_ON_CLOSE} option.
*
* @since 11
*/
@ -3784,10 +3442,6 @@ public final class Files {
* a directory <i>(optional specific exception)</i>
* @throws IOException
* if an I/O error occurs when opening the directory
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the directory.
*
* @see #newDirectoryStream(Path)
* @since 1.8
@ -3875,12 +3529,8 @@ public final class Files {
*
* <p> The {@code maxDepth} parameter is the maximum number of levels of
* directories to visit. A value of {@code 0} means that only the starting
* file is visited, unless denied by the security manager. A value of
* {@link Integer#MAX_VALUE MAX_VALUE} may be used to indicate that all
* levels should be visited.
*
* <p> When a security manager is installed and it denies access to a file
* (or directory), then it is ignored and not included in the stream.
* file is visited. A value of {@link Integer#MAX_VALUE MAX_VALUE} may be used
* to indicate that all levels should be visited.
*
* <p> The returned stream contains references to one or more open directories.
* The directories are closed by closing the stream.
@ -3906,11 +3556,6 @@ public final class Files {
*
* @throws IllegalArgumentException
* if the {@code maxDepth} parameter is negative
* @throws SecurityException
* If the security manager denies access to the starting file.
* In the case of the default provider, the {@link
* SecurityManager#checkRead(String) checkRead} method is invoked
* to check read access to the directory.
* @throws IOException
* if an I/O error is thrown when accessing the starting file.
* @since 1.8
@ -3964,11 +3609,6 @@ public final class Files {
*
* @return the {@link Stream} of {@link Path}
*
* @throws SecurityException
* If the security manager denies access to the starting file.
* In the case of the default provider, the {@link
* SecurityManager#checkRead(String) checkRead} method is invoked
* to check read access to the directory.
* @throws IOException
* if an I/O error is thrown when accessing the starting file.
*
@ -4022,11 +3662,6 @@ public final class Files {
*
* @throws IllegalArgumentException
* if the {@code maxDepth} parameter is negative
* @throws SecurityException
* If the security manager denies access to the starting file.
* In the case of the default provider, the {@link
* SecurityManager#checkRead(String) checkRead} method is invoked
* to check read access to the directory.
* @throws IOException
* if an I/O error is thrown when accessing the starting file.
*
@ -4117,10 +3752,6 @@ public final class Files {
*
* @throws IOException
* if an I/O error occurs opening the file
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the file.
*
* @see #readAllLines(Path, Charset)
* @see #newBufferedReader(Path, Charset)
@ -4222,10 +3853,6 @@ public final class Files {
*
* @throws IOException
* if an I/O error occurs opening the file
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the file.
*
* @since 1.8
*/

38
src/java.base/share/classes/java/nio/file/LinkPermission.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2007, 2019, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2007, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -30,41 +30,11 @@ import java.security.BasicPermission;
/**
* The {@code Permission} class for link creation operations.
*
* <p> The following table provides a summary description of what the permission
* allows, and discusses the risks of granting code the permission.
*
* <table class="striped">
* <caption style="display:none">Table shows permission target name, what the permission allows, and associated risks</caption>
* <thead>
* <tr>
* <th scope="col">Permission Target Name</th>
* <th scope="col">What the Permission Allows</th>
* <th scope="col">Risks of Allowing this Permission</th>
* </tr>
* </thead>
* <tbody>
* <tr>
* <th scope="row">hard</th>
* <td> Ability to add an existing file to a directory. This is sometimes
* known as creating a link, or hard link. </td>
* <td> Extreme care should be taken when granting this permission. It allows
* linking to any file or directory in the file system thus allowing the
* attacker access to all files. </td>
* </tr>
* <tr>
* <th scope="row">symbolic</th>
* <td> Ability to create symbolic links. </td>
* <td> Extreme care should be taken when granting this permission. It allows
* linking to any file or directory in the file system thus allowing the
* attacker to access to all files. </td>
* </tr>
* </tbody>
* </table>
* @apiNote
* This permission cannot be used for controlling access to resources
* as the Security Manager is no longer supported.
*
* @since 1.7
*
* @see Files#createLink
* @see Files#createSymbolicLink
*/
public final class LinkPermission extends BasicPermission {
@java.io.Serial

31
src/java.base/share/classes/java/nio/file/Path.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2007, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2007, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -188,9 +188,6 @@ public interface Path
* The file system, identified by the URI, does not exist and
* cannot be created automatically, or the provider identified by
* the URI's scheme component is not installed
* @throws SecurityException
* if a security manager is installed and it denies an unspecified
* permission to access the file system
*
* @since 11
*/
@ -747,11 +744,6 @@ public interface Path
* file system is constructed to access the contents of a file as
* a file system, and the URI of the enclosing file system cannot be
* obtained
*
* @throws SecurityException
* In the case of the default provider, and a security manager
* is installed, the {@link #toAbsolutePath toAbsolutePath} method
* throws a security exception.
*/
URI toUri();
@ -769,12 +761,6 @@ public interface Path
*
* @throws java.io.IOError
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, a security manager
* is installed, and this path is not absolute, then the security
* manager's {@link SecurityManager#checkPropertyAccess(String)
* checkPropertyAccess} method is invoked to check access to the
* system property {@code user.dir}
*/
Path toAbsolutePath();
@ -814,13 +800,6 @@ public interface Path
*
* @throws IOException
* if the file does not exist or an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager
* is installed, its {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the file, and where
* this path is not absolute, its {@link SecurityManager#checkPropertyAccess(String)
* checkPropertyAccess} method is invoked to check access to the
* system property {@code user.dir}
*/
Path toRealPath(LinkOption... options) throws IOException;
@ -913,10 +892,6 @@ public interface Path
* and the file is not a directory <i>(optional specific exception)</i>
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the file.
*/
@Override
WatchKey register(WatchService watcher,
@ -969,10 +944,6 @@ public interface Path
* and the file is not a directory <i>(optional specific exception)</i>
* @throws IOException
* If an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the file.
*/
@Override
default WatchKey register(WatchService watcher,

5
src/java.base/share/classes/java/nio/file/Paths.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2007, 2018, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2007, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -88,9 +88,6 @@ public final class Paths {
* The file system, identified by the URI, does not exist and
* cannot be created automatically, or the provider identified by
* the URI's scheme component is not installed
* @throws SecurityException
* if a security manager is installed and it denies an unspecified
* permission to access the file system
*
* @see Path#of(URI)
*/

31
src/java.base/share/classes/java/nio/file/SecureDirectoryStream.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2007, 2022, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2007, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -47,11 +47,6 @@ import java.io.IOException;
* newDirectoryStream} method will be a {@code SecureDirectoryStream} and must
* be cast to that type in order to invoke the methods defined by this interface.
*
* <p> In the case of the default {@link java.nio.file.spi.FileSystemProvider
* provider}, and a security manager is set, then the permission checks are
* performed using the path obtained by resolving the given relative path
* against the <i>original path</i> of the directory (irrespective of if the
* directory is moved since it was opened).
* @param <T> The type of element returned by the iterator
*
* @since 1.7
@ -90,10 +85,6 @@ public interface SecureDirectoryStream<T>
* a directory <i>(optional specific exception)</i>
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the directory.
*/
SecureDirectoryStream<T> newDirectoryStream(T path, LinkOption... options)
throws IOException;
@ -138,13 +129,6 @@ public interface SecureDirectoryStream<T>
* <i>(optional specific exception)</i>
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the path if the file
* is opened for reading. The {@link SecurityManager#checkWrite(String)
* checkWrite} method is invoked to check write access to the path
* if the file is opened for writing.
*/
SeekableByteChannel newByteChannel(T path,
Set<? extends OpenOption> options,
@ -171,10 +155,6 @@ public interface SecureDirectoryStream<T>
* if the file does not exist <i>(optional specific exception)</i>
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkDelete(String) checkDelete}
* method is invoked to check delete access to the file
*/
void deleteFile(T path) throws IOException;
@ -199,10 +179,6 @@ public interface SecureDirectoryStream<T>
* not empty <i>(optional specific exception)</i>
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkDelete(String) checkDelete}
* method is invoked to check delete access to the directory
*/
void deleteDirectory(T path) throws IOException;
@ -238,11 +214,6 @@ public interface SecureDirectoryStream<T>
* if the file cannot be moved as an atomic file system operation
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkWrite(String) checkWrite}
* method is invoked to check write access to both the source and
* target file.
*/
void move(T srcpath, SecureDirectoryStream<T> targetdir, T targetpath)
throws IOException;

10
src/java.base/share/classes/java/nio/file/Watchable.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2007, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2007, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -81,10 +81,6 @@ public interface Watchable {
* if the watch service is closed
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* if a security manager is installed and it denies an unspecified
* permission required to monitor this object. Implementations of
* this interface should specify the permission checks.
*/
WatchKey register(WatchService watcher,
WatchEvent.Kind<?>[] events,
@ -118,10 +114,6 @@ public interface Watchable {
* if the watch service is closed
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* if a security manager is installed and it denies an unspecified
* permission required to monitor this object. Implementations of
* this interface should specify the permission checks.
*/
WatchKey register(WatchService watcher, WatchEvent.Kind<?>... events)
throws IOException;

12
src/java.base/share/classes/java/nio/file/attribute/AclFileAttributeView.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2007, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2007, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -170,11 +170,6 @@ public interface AclFileAttributeView
*
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, a security manager is
* installed, and it denies {@link RuntimePermission}{@code ("accessUserInformation")}
* or its {@link SecurityManager#checkRead(String) checkRead} method
* denies read access to the file.
*/
List<AclEntry> getAcl() throws IOException;
@ -206,11 +201,6 @@ public interface AclFileAttributeView
*
* @throws IOException
* if an I/O error occurs or the ACL is invalid
* @throws SecurityException
* In the case of the default provider, a security manager is
* installed, it denies {@link RuntimePermission}{@code ("accessUserInformation")}
* or its {@link SecurityManager#checkWrite(String) checkWrite}
* method denies write access to the file.
*/
void setAcl(List<AclEntry> acl) throws IOException;
}

10
src/java.base/share/classes/java/nio/file/attribute/BasicFileAttributeView.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2007, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2007, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -121,10 +121,6 @@ public interface BasicFileAttributeView
*
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, a security manager is
* installed, its {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the file
*/
BasicFileAttributes readAttributes() throws IOException;
@ -169,10 +165,6 @@ public interface BasicFileAttributeView
*
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, a security manager is
* installed, its {@link SecurityManager#checkWrite(String) checkWrite}
* method is invoked to check write access to the file
*
* @see java.nio.file.Files#setLastModifiedTime
*/

19
src/java.base/share/classes/java/nio/file/attribute/DosFileAttributeView.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2007, 2017, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2007, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -97,7 +97,6 @@ public interface DosFileAttributeView
/**
* @throws IOException {@inheritDoc}
* @throws SecurityException {@inheritDoc}
*/
@Override
DosFileAttributes readAttributes() throws IOException;
@ -115,10 +114,6 @@ public interface DosFileAttributeView
*
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default, and a security manager is installed,
* its {@link SecurityManager#checkWrite(String) checkWrite} method
* is invoked to check write access to the file
*/
void setReadOnly(boolean value) throws IOException;
@ -135,10 +130,6 @@ public interface DosFileAttributeView
*
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default, and a security manager is installed,
* its {@link SecurityManager#checkWrite(String) checkWrite} method
* is invoked to check write access to the file
*/
void setHidden(boolean value) throws IOException;
@ -155,10 +146,6 @@ public interface DosFileAttributeView
*
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default, and a security manager is installed,
* its {@link SecurityManager#checkWrite(String) checkWrite} method
* is invoked to check write access to the file
*/
void setSystem(boolean value) throws IOException;
@ -175,10 +162,6 @@ public interface DosFileAttributeView
*
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default, and a security manager is installed,
* its {@link SecurityManager#checkWrite(String) checkWrite} method
* is invoked to check write access to the file
*/
void setArchive(boolean value) throws IOException;
}

14
src/java.base/share/classes/java/nio/file/attribute/FileOwnerAttributeView.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2007, 2016, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2007, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -66,12 +66,6 @@ public interface FileOwnerAttributeView
*
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, a security manager is
* installed, and it denies {@link
* RuntimePermission}{@code ("accessUserInformation")} or its
* {@link SecurityManager#checkRead(String) checkRead} method
* denies read access to the file.
*/
UserPrincipal getOwner() throws IOException;
@ -90,12 +84,6 @@ public interface FileOwnerAttributeView
* if an I/O error occurs, or the {@code owner} parameter is a
* group and this implementation does not support setting the owner
* to a group
* @throws SecurityException
* In the case of the default provider, a security manager is
* installed, and it denies {@link
* RuntimePermission}{@code ("accessUserInformation")} or its
* {@link SecurityManager#checkWrite(String) checkWrite} method
* denies write access to the file.
*/
void setOwner(UserPrincipal owner) throws IOException;
}

20
src/java.base/share/classes/java/nio/file/attribute/PosixFileAttributeView.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2007, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2007, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -152,12 +152,6 @@ public interface PosixFileAttributeView
/**
* @throws IOException {@inheritDoc}
* @throws SecurityException
* In the case of the default provider, a security manager is
* installed, and it denies
* {@link RuntimePermission}{@code ("accessUserInformation")}
* or its {@link SecurityManager#checkRead(String) checkRead} method
* denies read access to the file.
*/
@Override
PosixFileAttributes readAttributes() throws IOException;
@ -173,12 +167,6 @@ public interface PosixFileAttributeView
* PosixFilePermission}
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, a security manager is
* installed, and it denies
* {@link RuntimePermission}{@code ("accessUserInformation")}
* or its {@link SecurityManager#checkWrite(String) checkWrite}
* method denies write access to the file.
*/
void setPermissions(Set<PosixFilePermission> perms) throws IOException;
@ -190,12 +178,6 @@ public interface PosixFileAttributeView
*
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, it denies
* {@link RuntimePermission}{@code ("accessUserInformation")}
* or its {@link SecurityManager#checkWrite(String) checkWrite}
* method denies write access to the file.
*/
void setGroup(GroupPrincipal group) throws IOException;
}

38
src/java.base/share/classes/java/nio/file/attribute/UserDefinedFileAttributeView.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2007, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2007, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -47,12 +47,6 @@ import java.io.IOException;
* intended for use where the size of an attribute value is larger than {@link
* Integer#MAX_VALUE}.
*
* <p> User-defined attributes may be used in some implementations to store
* security related attributes so consequently, in the case of the default
* provider at least, all methods that access user-defined attributes require the
* {@code RuntimePermission("accessUserDefinedAttributes")} permission when a
* security manager is installed.
*
* <p> The {@link java.nio.file.FileStore#supportsFileAttributeView
* supportsFileAttributeView} method may be used to test if a specific {@link
* java.nio.file.FileStore FileStore} supports the storage of user-defined
@ -86,12 +80,6 @@ public interface UserDefinedFileAttributeView
*
* @throws IOException
* If an I/O error occurs
* @throws SecurityException
* In the case of the default provider, a security manager is
* installed, and it denies {@link
* RuntimePermission}{@code ("accessUserDefinedAttributes")}
* or its {@link SecurityManager#checkRead(String) checkRead} method
* denies read access to the file.
*/
List<String> list() throws IOException;
@ -107,12 +95,6 @@ public interface UserDefinedFileAttributeView
* If the size of the attribute is larger than {@link Integer#MAX_VALUE}
* @throws IOException
* If an I/O error occurs
* @throws SecurityException
* In the case of the default provider, a security manager is
* installed, and it denies {@link
* RuntimePermission}{@code ("accessUserDefinedAttributes")}
* or its {@link SecurityManager#checkRead(String) checkRead} method
* denies read access to the file.
*/
int size(String name) throws IOException;
@ -153,12 +135,6 @@ public interface UserDefinedFileAttributeView
* @throws IOException
* If an I/O error occurs or there is insufficient space in the
* destination buffer for the attribute value
* @throws SecurityException
* In the case of the default provider, a security manager is
* installed, and it denies {@link
* RuntimePermission}{@code ("accessUserDefinedAttributes")}
* or its {@link SecurityManager#checkRead(String) checkRead} method
* denies read access to the file.
*
* @see #size
*/
@ -203,12 +179,6 @@ public interface UserDefinedFileAttributeView
*
* @throws IOException
* If an I/O error occurs
* @throws SecurityException
* In the case of the default provider, a security manager is
* installed, and it denies {@link
* RuntimePermission}{@code ("accessUserDefinedAttributes")}
* or its {@link SecurityManager#checkWrite(String) checkWrite}
* method denies write access to the file.
*/
int write(String name, ByteBuffer src) throws IOException;
@ -220,12 +190,6 @@ public interface UserDefinedFileAttributeView
*
* @throws IOException
* If an I/O error occurs or the attribute does not exist
* @throws SecurityException
* In the case of the default provider, a security manager is
* installed, and it denies {@link
* RuntimePermission}{@code ("accessUserDefinedAttributes")}
* or its {@link SecurityManager#checkWrite(String) checkWrite}
* method denies write access to the file.
*/
void delete(String name) throws IOException;
}

10
src/java.base/share/classes/java/nio/file/attribute/UserPrincipalLookupService.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2007, 2009, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2007, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -70,10 +70,6 @@ public abstract class UserPrincipalLookupService {
* the principal does not exist
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, it checks
* {@link RuntimePermission}{@code ("lookupUserInformation")}
*/
public abstract UserPrincipal lookupPrincipalByName(String name)
throws IOException;
@ -96,10 +92,6 @@ public abstract class UserPrincipalLookupService {
* the principal does not exist or is not a group
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, it checks
* {@link RuntimePermission}{@code ("lookupUserInformation")}
*/
public abstract GroupPrincipal lookupPrincipalByGroupName(String group)
throws IOException;

166
src/java.base/share/classes/java/nio/file/spi/FileSystemProvider.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2007, 2022, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2007, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -118,16 +118,7 @@ public abstract class FileSystemProvider {
private static volatile List<FileSystemProvider> installedProviders;
// used to avoid recursive loading of installed providers
private static boolean loadingProviders = false;
private static Void checkPermission() {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null)
sm.checkPermission(new RuntimePermission("fileSystemProvider"));
return null;
}
private FileSystemProvider(Void ignore) { }
private static boolean loadingProviders;
/**
* Initializes a new instance of this class.
@ -136,13 +127,8 @@ public abstract class FileSystemProvider {
* with the default provider but care needs to be taken to avoid circular
* loading of other installed providers. If circular loading of installed
* providers is detected then an unspecified error is thrown.
*
* @throws SecurityException
* If a security manager has been installed and it denies
* {@link RuntimePermission}{@code ("fileSystemProvider")}
*/
protected FileSystemProvider() {
this(checkPermission());
}
// loads all installed providers
@ -256,9 +242,6 @@ public abstract class FileSystemProvider {
* by the provider, or a property value is invalid
* @throws IOException
* An I/O error occurs creating the file system
* @throws SecurityException
* If a security manager is installed and it denies an unspecified
* permission required by the file system provider implementation
* @throws FileSystemAlreadyExistsException
* If the file system has already been created
*/
@ -286,11 +269,6 @@ public abstract class FileSystemProvider {
* closed (and before a new instance is created by the {@link #newFileSystem
* newFileSystem} method).
*
* <p> If a security manager is installed then a provider implementation
* may require to check a permission before returning a reference to an
* existing file system. In the case of the {@link FileSystems#getDefault
* default} file system, no permission check is required.
*
* @param uri
* URI reference
*
@ -300,9 +278,6 @@ public abstract class FileSystemProvider {
* If the pre-conditions for the {@code uri} parameter aren't met
* @throws FileSystemNotFoundException
* If the file system does not exist
* @throws SecurityException
* If a security manager is installed and it denies an unspecified
* permission.
*/
public abstract FileSystem getFileSystem(URI uri);
@ -317,11 +292,6 @@ public abstract class FileSystemProvider {
* fragment components. The resulting {@code Path} is associated with the
* default {@link FileSystems#getDefault default} {@code FileSystem}.
*
* <p> If a security manager is installed then a provider implementation
* may require to check a permission. In the case of the {@link
* FileSystems#getDefault default} file system, no permission check is
* required.
*
* @param uri
* The URI to convert
*
@ -333,9 +303,6 @@ public abstract class FileSystemProvider {
* @throws FileSystemNotFoundException
* The file system, identified by the URI, does not exist and
* cannot be created automatically
* @throws SecurityException
* If a security manager is installed and it denies an unspecified
* permission.
*/
public abstract Path getPath(URI uri);
@ -370,9 +337,6 @@ public abstract class FileSystemProvider {
* by the provider, or a property value is invalid
* @throws IOException
* If an I/O error occurs
* @throws SecurityException
* If a security manager is installed and it denies an unspecified
* permission.
*/
public FileSystem newFileSystem(Path path, Map<String,?> env)
throws IOException
@ -403,10 +367,6 @@ public abstract class FileSystemProvider {
* if an unsupported option is specified
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the file.
*/
public InputStream newInputStream(Path path, OpenOption... options)
throws IOException
@ -455,13 +415,6 @@ public abstract class FileSystemProvider {
* If a file of that name already exists and the {@link
* StandardOpenOption#CREATE_NEW CREATE_NEW} option is specified
* <i>(optional specific exception)</i>
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkWrite(String) checkWrite}
* method is invoked to check write access to the file. The {@link
* SecurityManager#checkDelete(String) checkDelete} method is
* invoked to check delete access if the file is opened with the
* {@code DELETE_ON_CLOSE} option.
*/
public OutputStream newOutputStream(Path path, OpenOption... options)
throws IOException
@ -518,12 +471,6 @@ public abstract class FileSystemProvider {
* <i>(optional specific exception)</i>
* @throws IOException
* If an I/O error occurs
* @throws SecurityException
* In the case of the default file system, the {@link
* SecurityManager#checkRead(String)} method is invoked to check
* read access if the file is opened for reading. The {@link
* SecurityManager#checkWrite(String)} method is invoked to check
* write access if the file is opened for writing
*/
public FileChannel newFileChannel(Path path,
Set<? extends OpenOption> options,
@ -571,12 +518,6 @@ public abstract class FileSystemProvider {
* <i>(optional specific exception)</i>
* @throws IOException
* If an I/O error occurs
* @throws SecurityException
* In the case of the default file system, the {@link
* SecurityManager#checkRead(String)} method is invoked to check
* read access if the file is opened for reading. The {@link
* SecurityManager#checkWrite(String)} method is invoked to check
* write access if the file is opened for writing
*/
public AsynchronousFileChannel newAsynchronousFileChannel(Path path,
Set<? extends OpenOption> options,
@ -614,16 +555,6 @@ public abstract class FileSystemProvider {
* <i>(optional specific exception)</i>
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the path if the file is
* opened for reading. The {@link SecurityManager#checkWrite(String)
* checkWrite} method is invoked to check write access to the path
* if the file is opened for writing. The {@link
* SecurityManager#checkDelete(String) checkDelete} method is
* invoked to check delete access if the file is opened with the
* {@code DELETE_ON_CLOSE} option.
*/
public abstract SeekableByteChannel newByteChannel(Path path,
Set<? extends OpenOption> options, FileAttribute<?>... attrs) throws IOException;
@ -647,10 +578,6 @@ public abstract class FileSystemProvider {
* a directory <i>(optional specific exception)</i>
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the directory.
*/
public abstract DirectoryStream<Path> newDirectoryStream(Path dir,
DirectoryStream.Filter<? super Path> filter) throws IOException;
@ -673,10 +600,6 @@ public abstract class FileSystemProvider {
* that name already exists <i>(optional specific exception)</i>
* @throws IOException
* if an I/O error occurs or the parent directory does not exist
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkWrite(String) checkWrite}
* method is invoked to check write access to the new directory.
*/
public abstract void createDirectory(Path dir, FileAttribute<?>... attrs)
throws IOException;
@ -705,11 +628,6 @@ public abstract class FileSystemProvider {
* exception)</i>
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager
* is installed, it denies {@link LinkPermission}{@code ("symbolic")}
* or its {@link SecurityManager#checkWrite(String) checkWrite}
* method denies write access to the path of the symbolic link.
*/
public void createSymbolicLink(Path link, Path target, FileAttribute<?>... attrs)
throws IOException
@ -738,12 +656,6 @@ public abstract class FileSystemProvider {
* that name already exists <i>(optional specific exception)</i>
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager
* is installed, it denies {@link LinkPermission}{@code ("hard")}
* or its {@link SecurityManager#checkWrite(String) checkWrite}
* method denies write access to either the link or the
* existing file.
*/
public void createLink(Path link, Path existing) throws IOException {
throw new UnsupportedOperationException();
@ -764,10 +676,6 @@ public abstract class FileSystemProvider {
* exception)</i>
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkDelete(String)} method
* is invoked to check delete access to the file
*/
public abstract void delete(Path path) throws IOException;
@ -792,10 +700,6 @@ public abstract class FileSystemProvider {
* exception)</i>
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkDelete(String)} method
* is invoked to check delete access to the file
*/
public boolean deleteIfExists(Path path) throws IOException {
try {
@ -825,10 +729,6 @@ public abstract class FileSystemProvider {
* is not a symbolic link <i>(optional specific exception)</i>
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager
* is installed, it checks that {@code FilePermission} has been
* granted with the "{@code readlink}" action to read the link.
*/
public Path readSymbolicLink(Path link) throws IOException {
throw new UnsupportedOperationException();
@ -859,14 +759,6 @@ public abstract class FileSystemProvider {
* <i>(optional specific exception)</i>
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the source file, the
* {@link SecurityManager#checkWrite(String) checkWrite} is invoked
* to check write access to the target file. If a symbolic link is
* copied the security manager is invoked to check {@link
* LinkPermission}{@code ("symbolic")}.
*/
public abstract void copy(Path source, Path target, CopyOption... options)
throws IOException;
@ -898,11 +790,6 @@ public abstract class FileSystemProvider {
* the file cannot be moved as an atomic file system operation.
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkWrite(String) checkWrite}
* method is invoked to check write access to both the source and
* target file.
*/
public abstract void move(Path source, Path target, CopyOption... options)
throws IOException;
@ -920,10 +807,6 @@ public abstract class FileSystemProvider {
*
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to both files.
*/
public abstract boolean isSameFile(Path path, Path path2)
throws IOException;
@ -942,10 +825,6 @@ public abstract class FileSystemProvider {
*
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the file.
*/
public abstract boolean isHidden(Path path) throws IOException;
@ -961,12 +840,6 @@ public abstract class FileSystemProvider {
*
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the file, and in
* addition it checks
* {@link RuntimePermission}{@code ("getFileStoreAttributes")}
*/
public abstract FileStore getFileStore(Path path) throws IOException;
@ -1039,14 +912,6 @@ public abstract class FileSystemProvider {
* privileges or other reasons. <i>(optional specific exception)</i>
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, the {@link SecurityManager#checkRead(String) checkRead}
* is invoked when checking read access to the file or only the
* existence of the file, the {@link SecurityManager#checkWrite(String)
* checkWrite} is invoked when checking write access to the file,
* and {@link SecurityManager#checkExec(String) checkExec} is invoked
* when checking execute access.
*/
public abstract void checkAccess(Path path, AccessMode... modes)
throws IOException;
@ -1092,10 +957,6 @@ public abstract class FileSystemProvider {
* if an attributes of the given type are not supported
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, a security manager is
* installed, its {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the file
*/
public abstract <A extends BasicFileAttributes> A
readAttributes(Path path, Class<A> type, LinkOption... options) throws IOException;
@ -1122,12 +983,6 @@ public abstract class FileSystemProvider {
* specified
* @throws IOException
* If an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, its {@link SecurityManager#checkRead(String) checkRead}
* method denies read access to the file. If this method is invoked
* to read security sensitive attributes then the security manager
* may be invoked to check for additional permissions.
*/
public abstract Map<String,Object> readAttributes(Path path, String attributes,
LinkOption... options)
@ -1158,12 +1013,6 @@ public abstract class FileSystemProvider {
* type
* @throws IOException
* If an I/O error occurs
* @throws SecurityException
* In the case of the default provider, and a security manager is
* installed, its {@link SecurityManager#checkWrite(String) checkWrite}
* method denies write access to the file. If this method is invoked
* to set security sensitive attributes then the security manager
* may be invoked to check for additional permissions.
*/
public abstract void setAttribute(Path path, String attribute,
Object value, LinkOption... options)
@ -1189,11 +1038,6 @@ public abstract class FileSystemProvider {
* @return {@code true} if the file exists; {@code false} if the file does
* not exist or its existence cannot be determined.
*
* @throws SecurityException
* In the case of the default provider, the {@link
* SecurityManager#checkRead(String)} is invoked to check
* read access to the file.
*
* @since 20
*/
public boolean exists(Path path, LinkOption... options) {
@ -1252,12 +1096,6 @@ public abstract class FileSystemProvider {
* if an attributes of the given type are not supported
* @throws IOException
* if an I/O error occurs
* @throws SecurityException
* In the case of the default provider, a security manager is
* installed, its {@link SecurityManager#checkRead(String) checkRead}
* method is invoked to check read access to the file. If this
* method is invoked to read security sensitive attributes then the
* security manager may be invoked to check for additional permissions.
*
* @since 20
*/

23
src/java.base/share/classes/java/nio/file/spi/FileTypeDetector.java
View file

@ -1,5 +1,5 @@
/*
* Copyright (c) 2007, 2021, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2007, 2024, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@ -49,24 +49,10 @@ import java.io.IOException;
public abstract class FileTypeDetector {
private static Void checkPermission() {
@SuppressWarnings("removal")
SecurityManager sm = System.getSecurityManager();
if (sm != null)
sm.checkPermission(new RuntimePermission("fileTypeDetector"));
return null;
}
private FileTypeDetector(Void ignore) { }
/**
* Initializes a new instance of this class.
*
* @throws SecurityException
* If a security manager has been installed and it denies
* {@link RuntimePermission}{@code ("fileTypeDetector")}
*/
protected FileTypeDetector() {
this(checkPermission());
}
/**
@ -92,13 +78,6 @@ public abstract class FileTypeDetector {
*
* @throws IOException
* An I/O error occurs
* @throws SecurityException
* If the implementation requires to access the file, and a
* security manager is installed, and it denies an unspecified
* permission required by a file system provider implementation.
* If the file reference is associated with the default file system
* provider then the {@link SecurityManager#checkRead(String)} method
* is invoked to check read access to the file.
*
* @spec https://www.rfc-editor.org/info/rfc2045
* RFC 2045: Multipurpose Internet Mail Extensions (MIME) Part One: Format of Internet Message Bodies