1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105
/* * @(#)ManagementPermission.java 1.5 06/04/21 * * Copyright 2006 Sun Microsystems, Inc. All rights reserved. * SUN PROPRIETARY/CONFIDENTIAL. Use is subject to license terms. */ package java.lang.management; /** * The permission which the SecurityManager will check when code * that is running with a SecurityManager calls methods defined * in the management interface for the Java platform. * <P> * The following table * provides a summary description of what the permission allows, * and discusses the risks of granting code the permission. * <P> * * <table border=1 cellpadding=5 summary="Table shows permission target name, wh at the permission allows, and associated risks"> * <tr> * <th>Permission Target Name</th> * <th>What the Permission Allows</th> * <th>Risks of Allowing this Permission</th> * </tr> * * <tr> * <td>control</td> * <td>Ability to control the runtime characteristics of the Java virtual * machine, for example, setting the -verbose:gc and -verbose:class flag, * setting the threshold of a memory pool, and enabling and disabling * the thread contention monitoring support. * </td> * <td>This allows an attacker to control the runtime characteristics * of the Java virtual machine and cause the system to misbehave. * </td> * </tr> * <tr> * <td>monitor</td> * <td>Ability to retrieve runtime information about * the Java virtual machine such as thread * stack trace, a list of all loaded class names, and input arguments * to the Java virtual machine.</td> * <td>This allows malicious code to monitor runtime information and * uncover vulnerabilities.</td> * </tr> * * </table> * * <p> * Programmers do not normally create ManagementPermission objects directly. * Instead they are created by the security policy code based on reading * the security policy file. * * @author Mandy Chung * @version 1.5, 04/21/06 * @since 1.5 * * @see java.security.BasicPermission * @see java.security.Permission * @see java.security.Permissions * @see java.security.PermissionCollection * @see java.lang.SecurityManager * */ public final class ManagementPermission extends java.security.BasicPermission { /** * Constructs a ManagementPermission with the specified name. * * @param name Permission name. Must be either "monitor" or "control". * * @throws NullPointerException if <code>name</code> is <code>null</code>. * @throws IllegalArgumentException if <code>name</code> is empty or invalid. */ public ManagementPermission(String name) { super(name); if (!name.equals("control") && !name.equals("monitor")) { throw new IllegalArgumentException("name: " + name); } } /** * Constructs a new ManagementPermission object. * * @param name Permission name. Must be either "monitor" or "control". * @param actions Must be either null or the empty string. * * @throws NullPointerException if <code>name</code> is <code>null</code>. * @throws IllegalArgumentException if <code>name</code> is empty or * if arguments are invalid. */ public ManagementPermission(String name, String actions) throws IllegalArgumentException { super(name); if (!name.equals("control") && !name.equals("monitor")) { throw new IllegalArgumentException("name: " + name); } if (actions != null && actions.length() > 0) { throw new IllegalArgumentException("actions: " + actions); } } }