Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance. Project price only 1 $
You can buy this project and download/modify it how often you want.
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.netbeans;
import java.awt.AWTPermission;
import java.io.FileDescriptor;
import java.lang.reflect.Field;
import java.lang.reflect.Method;
import java.net.InetAddress;
import java.net.URL;
import java.net.UnknownHostException;
import java.security.AccessControlContext;
import java.security.AccessController;
import java.security.AllPermission;
import java.security.CodeSource;
import java.security.Permission;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;
import java.util.logging.LoggingPermission;
import org.openide.util.Lookup;
import org.openide.util.WeakSet;
/** NetBeans security manager implementation.
* @author Ales Novak, Jesse Glick
*/
public class TopSecurityManager extends SecurityManager {
private static final boolean check = !Boolean.getBoolean("netbeans.security.nocheck"); // NOI18N
private static final Logger LOG = Logger.getLogger(TopSecurityManager.class.getName());
private Permission allPermission;
/* JVMPI sometimes deadlocks sync getForeignClassLoader
and Class.forName
*/
private static final Class classLoaderClass = ClassLoader.class;
private static final Class URLClass = URL.class;
private static final Class runtimePermissionClass = RuntimePermission.class;
private static final Class accessControllerClass = AccessController.class;
private static final Class awtPermissionClass = AWTPermission.class;
private static SecurityManager fsSecManager;
private static final List delegates = new ArrayList();
/** Register a delegate security manager that can handle some checks for us.
* Currently only checkExit and checkTopLevelWindow are supported.
* @param sm the delegate to register
* @throws SecurityException without RuntimePermission "TopSecurityManager.register"
*/
public static void register(SecurityManager sm) throws SecurityException {
/* if (check) {
try {
AccessController.checkPermission(new RuntimePermission("TopSecurityManager.register")); // NOI18N
} catch (SecurityException se) {
// Something is probably wrong; debug it better.
ProtectionDomain pd = sm.getClass().getProtectionDomain();
CodeSource cs = pd.getCodeSource();
System.err.println("Code source of attempted secman: " + (cs != null ? cs.getLocation().toExternalForm() : "")); // NOI18N
System.err.println("Its permissions: " + pd); // NOI18N
throw se;
}
}
*/
synchronized (delegates) {
if (delegates.contains(sm)) throw new SecurityException();
delegates.add(sm);
if (fsSecManager == null) {
for (Lookup.Item item : Lookup.getDefault().lookupResult(SecurityManager.class).allItems()) {
if (item != null && "org.netbeans.modules.masterfs.filebasedfs.utils.FileChangedManager".equals(item.getId())) {//NOI18N
fsSecManager = item.getInstance();
break;
}
}
assert fsSecManager != null;
}
}
}
/** Unregister a delegate security manager.
* @param sm the delegate to unregister
* @throws SecurityException without RuntimePermission "TopSecurityManager.unregister"
*/
public static void unregister(SecurityManager sm) throws SecurityException {
/* if (check) {
AccessController.checkPermission(new RuntimePermission("TopSecurityManager.unregister")); // NOI18N
}
*/
synchronized (delegates) {
if (!delegates.contains(sm)) throw new SecurityException();
delegates.remove(sm);
}
}
/**
* constructs new TopSecurityManager
*/
public TopSecurityManager () {
allPermission = new AllPermission();
}
public @Override void checkExit(int status) throws SecurityException {
if (! check) {
return;
}
synchronized (delegates) {
Iterator it = delegates.iterator();
while (it.hasNext()) {
it.next().checkExit(status);
}
}
PrivilegedCheck.checkExit(status, this);
}
SecurityManager getSecurityManager() {
if (fsSecManager == null) {
synchronized (delegates) {
return fsSecManager;
}
}
return fsSecManager;
}
private void notifyDelete(String file) {
SecurityManager s = getSecurityManager();
if (s != null) {
s.checkDelete(file);
}
}
private void notifyRead(String file) {
SecurityManager s = getSecurityManager();
if (s != null) {
s.checkRead(file);
}
}
private void notifyWrite(String file) {
SecurityManager s = getSecurityManager();
if (s != null) {
s.checkWrite(file);
}
}
static boolean officialExit = false;
static Class[] getStack() {
SecurityManager s = System.getSecurityManager();
TopSecurityManager t;
if (s instanceof TopSecurityManager) {
t = (TopSecurityManager)s;
} else {
t = new TopSecurityManager();
}
return t.getClassContext();
}
/** Can be called from core classes to exit the system.
* Direct calls to System.exit will not be honored, for safety.
* @param status the status code to exit with
* @see "#20751"
*/
public static void exit(int status) {
if (officialExit) {
return; // already inside a shutdown hook
}
officialExit = true;
System.exit(status);
}
final void checkExitImpl(int status, AccessControlContext acc) throws SecurityException {
if (!officialExit) {
throw new ExitSecurityException("Illegal attempt to exit early"); // NOI18N
}
super.checkExit(status);
}
@SuppressWarnings("deprecation")
public boolean checkTopLevelWindow(Object window) {
return checkTopLevelWindow(new AWTPermission("showWindowWithoutWarningBanner"), window); // NOI18N
}
private boolean checkTopLevelWindow(Permission windowPermission, Object window) {
synchronized (delegates) {
for (SecurityManager sm : delegates) {
sm.checkPermission(windowPermission, window);
}
}
return true;
}
/* XXX probably unnecessary:
// Hack against permissions of Launcher$AppLoader.
public void checkPackageAccess(String pckg) {
if (pckg == null) return;
if (pckg.startsWith("sun.")) { // NOI18N
if (inClazz("sun.misc.Launcher") || inClazz("java.lang.Class")) { // NOI18N
return;
}
}
super.checkPackageAccess(pckg);
}
private boolean inClazz(String s) {
Class[] classes = getClassContext();
int i = 0;
for (; (i < classes.length) && (classes[i] == TopSecurityManager.class); i++);
if (i == classes.length) {
return false;
}
return classes[i].getName().startsWith(s);
}
*/
/** Performance - all props accessible */
public @Override final void checkPropertyAccess(String x) {
if ("netbeans.debug.exceptions".equals(x)) { // NOI18N
// Get rid of this old system property.
for (Class c : getClassContext()) {
if (c != TopSecurityManager.class &&
c != System.class &&
c != Boolean.class) {
String n = c.getName();
synchronized (warnedClassesNDE) {
if (warnedClassesNDE.add(n)) {
LOG.log(Level.WARNING, "use of system property netbeans.debug.exceptions has been obsoleted in favor of java.util.logging.Logger at {0}", findCallStackLine(n));
}
}
break;
}
}
}
if ("netbeans.home".equals(x) || "netbeans.user".equals(x)) { // NOI18N
// Control access to this system property.
for (Class c : getClassContext()) {
if (c != TopSecurityManager.class &&
c != System.class &&
c != Boolean.class) {
String n = c.getName();
boolean log;
synchronized (warnedClassesNH) {
log = warnedClassesNH.add(n);
}
if (log) {
LOG.log(Level.WARNING, "use of system property {0} has been obsoleted in favor of InstalledFileLocator/Places at {1}", new Object[] {x, findCallStackLine(n)});
}
break;
}
}
}
}
private static String findCallStackLine(String callerClazz) {
for (StackTraceElement line : Thread.currentThread().getStackTrace()) {
if (line.getClassName().equals(callerClazz)) {
return line.toString();
}
}
return callerClazz;
}
private final Set warnedClassesNDE = new HashSet(25);
private static final Set warnedClassesNH = new HashSet(25);
static {
// XXX cleaner would be to use @SuppressWarnings, but that has Retention(SOURCE), and not all these can use org.netbeans.api.annotations.common
warnedClassesNH.add("org.openide.modules.Places");
warnedClassesNH.add("org.netbeans.MainImpl"); // NOI18N
warnedClassesNH.add("org.netbeans.MainImpl$BootClassLoader");
warnedClassesNH.add("org.netbeans.CLIHandler");
warnedClassesNH.add("org.netbeans.Stamps"); // NOI18N
warnedClassesNH.add("org.netbeans.Clusters"); // NOI18N
warnedClassesNH.add("org.netbeans.core.startup.InstalledFileLocatorImpl"); // NOI18N
warnedClassesNH.add("org.netbeans.core.startup.CLIOptions");
warnedClassesNH.add("org.netbeans.core.startup.preferences.RelPaths");
warnedClassesNH.add("org.netbeans.core.startup.layers.BinaryFS");
warnedClassesNH.add("org.netbeans.modules.netbinox.NetbinoxFactory");
warnedClassesNH.add("org.netbeans.updater.UpdateTracking"); // NOI18N
warnedClassesNH.add("org.netbeans.core.ui.ProductInformationPanel"); // #47429; NOI18N
warnedClassesNH.add("org.netbeans.lib.uihandler.LogFormatter");
warnedClassesNH.add("org.netbeans.modules.project.libraries.LibrariesStorage");
warnedClassesNH.add("org.netbeans.modules.j2ee.sun.ide.j2ee.PluginProperties"); // AS bundle is not in any cluster
warnedClassesNH.add("org.netbeans.modules.apisupport.project.universe.NbPlatform"); // defaultPlatformLocation
}
/* ----------------- private methods ------------- */
/**
* The method is empty. This is not "secure", but on the other hand,
* it reduces performance penalty of startup about 10%
*/
public @Override void checkRead(String file) {
notifyRead(file);
}
public @Override void checkRead(FileDescriptor fd) {
}
public @Override void checkWrite(FileDescriptor fd) {
}
/** The method has awful performance in super class */
public @Override void checkDelete(String file) {
notifyDelete(file);
try {
checkPermission(allPermission);
return;
} catch (SecurityException e) {
super.checkDelete(file);
}
}
/** The method has awful performance in super class */
public @Override void checkWrite(String file) {
notifyWrite(file);
try {
checkPermission(allPermission);
return;
} catch (SecurityException e) {
super.checkWrite(file);
}
}
/** Checks connect */
public @Override void checkConnect(String host, int port) {
if (! check) {
return;
}
try {
checkPermission(allPermission);
return;
} catch (SecurityException e) {
}
try {
super.checkConnect(host, port);
return;
} catch (SecurityException e) {
}
PrivilegedCheck.checkConnect(host, port, this);
}
final void checkConnectImpl(String host, int port) {
Class insecure = getInsecureClass();
if (insecure != null) {
URL ctx = getClassURL(insecure);
if (ctx != null) {
try {
String fromHost = ctx.getHost();
InetAddress ia2 = InetAddress.getByName(host);
InetAddress ia3 = InetAddress.getByName(fromHost);
if (ia2.equals(ia3)) {
return;
}
} catch (UnknownHostException e) { // ignore
e.printStackTrace();
}
}
throw new SecurityException();
}
}
public @Override void checkConnect(String s, int port, Object context) {
checkConnect(s, port);
}
private final Set> warnedSunMisc = new WeakSet<>();
private final Set callerWhiteList = createCallerWhiteList();
@SuppressWarnings("deprecation")
public void checkMemberAccess(Class clazz, int which) {
final String n = clazz.getName();
if (n.startsWith("sun.misc")) { // NOI18N
Class caller = null;
Class[] arr = getClassContext();
for (int i = 0; i < arr.length; i++) {
if (arr[i] == TopSecurityManager.class) {
continue;
}
if (arr[i] != Class.class) {
caller = arr[i];
break;
}
}
StringBuilder msg = new StringBuilder();
msg.append("Dangerous reflection access to ").append(n).append(" by ").append(caller).append(" detected!");
if (caller != null && caller.getProtectionDomain() != null) {
CodeSource cs = caller.getProtectionDomain().getCodeSource();
msg.append("\ncode location: ").append(cs == null ? "null" : cs.getLocation());
}
if (caller != null && isDangerous(caller.getName(), n)) {
throw new SecurityException(msg.toString());
}
Level l;
if (caller != null && callerWhiteList.contains(caller.getName())) {
l = Level.FINEST;
} else {
l = Level.FINE;
assert (l = Level.INFO) != null;
}
if (!warnedSunMisc.add(caller)) {
LOG.log(l, msg.toString());
return;
}
Exception ex = new Exception(msg.toString()); // NOI18N
LOG.log(l, null, ex);
}
}
/**
* Create list of safe callers for {@link #checkMemberAccess(Class, int)}.
*/
private static Set createCallerWhiteList() {
Set wl = new HashSet();
wl.add("org.netbeans.core.output2.FileMapStorage"); //NOI18N
wl.add("com.sun.tools.javac.util.CloseableURLClassLoader"); //NOI18N
wl.add("java.lang.Thread$1"); //NOI18N
wl.add("org.clank.support.NativeMemory"); //NOI18N
wl.add("org.apache.lucene.store.MMapDirectory$1"); //NOI18N
wl.add("org.apache.lucene.util.Constants"); //#217037
wl.add("org.apache.lucene.util.RamUsageEstimator");//#217037
wl.add("com.google.gson.internal.UnsafeAllocator"); //#219464 //NOI18N
wl.add("org.netbeans.modules.web.jspparser_ext.WebAppParseSupport$ParserClassLoader"); //#218690 // NOI18N
return wl;
}
private static boolean isDangerous(String caller, String accessTo) {
if ("com.sun.istack.tools.ProtectedTask".equals(caller)) { // NOI18N
if ("sun.misc.ClassLoaderUtil".equals(accessTo)) { // NOI18N
// calling ClassLoaderUtil is allowed
return false;
}
return true;
}
return false;
}
public @Override void checkPermission(Permission perm) {
// assert checkLogger(perm); //#178013 & JDK bug 1694855
checkSetSecurityManager(perm);
//
// part of makeSwingUseSpecialClipboard that makes it work on
// JDK 1.5
//
if (awtPermissionClass.isInstance(perm)) {
if ("accessClipboard".equals (perm.getName ())) { // NOI18N
ThreadLocal
