1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111
/* * @(#)SQLPermission.java 1.17 05/12/22 * * Copyright 2006 Sun Microsystems, Inc. All rights reserved. * SUN PROPRIETARY/CONFIDENTIAL. Use is subject to license terms. */ package java.sql; import java.security.*; /** * The permission for which the <code>SecurityManager</code> will check * when code that is running in an applet calls the * <code>DriverManager.setLogWriter</code> method or the * <code>DriverManager.setLogStream</code> (deprecated) method. * If there is no <code>SQLPermission</code> object, these methods * throw a <code>java.lang.SecurityException</code> as a runtime exception. * <P> * A <code>SQLPermission</code> object contains * a name (also referred to as a "target name") but no actions * list; there is either a named permission or there is not. * The target name is the name of the permission (see below). The * naming convention follows the hierarchical property naming convention. * In addition, an asterisk * may appear at the end of the name, following a ".", or by itself, to * signify a wildcard match. For example: <code>loadLibrary.*</code> * or <code>*</code> is valid, * but <code>*loadLibrary</code> or <code>a*b</code> is not valid. * <P> * The following table lists all the possible <code>SQLPermission</code> target names. * Currently, the only name allowed is <code>setLog</code>. * The table gives a description of what the permission allows * and a discussion of the risks of granting code the permission. * <P> * * <table border=1 cellpadding=5 summary="permission target name, what the permission allows, and associated risks"> * <tr> * <th>Permission Target Name</th> * <th>What the Permission Allows</th> * <th>Risks of Allowing this Permission</th> * </tr> * * <tr> * <td>setLog</td> * <td>Setting of the logging stream</td> * <td>This is a dangerous permission to grant. * The contents of the log may contain usernames and passwords, * SQL statements, and SQL data.</td> * </tr> * * </table> * * The person running an applet decides what permissions to allow * and will run the <code>Policy Tool</code> to create an * <code>SQLPermission</code> in a policy file. A programmer does * not use a constructor directly to create an instance of <code>SQLPermission</code> * but rather uses a tool. * @since 1.3 * @see java.security.BasicPermission * @see java.security.Permission * @see java.security.Permissions * @see java.security.PermissionCollection * @see java.lang.SecurityManager * */ public final class SQLPermission extends BasicPermission { /** * Creates a new <code>SQLPermission</code> object with the specified name. * The name is the symbolic name of the <code>SQLPermission</code>; currently, * the only name allowed is "setLog". * * @param name the name of this <code>SQLPermission</code> object, which must * be <code>setLog</code> * @throws NullPointerException if <code>name</code> is <code>null</code>. * @throws IllegalArgumentException if <code>name</code> is empty. */ public SQLPermission(String name) { super(name); } /** * Creates a new <code>SQLPermission</code> object with the specified name. * The name is the symbolic name of the <code>SQLPermission</code>; the * actions <code>String</code> is currently unused and should be * <code>null</code>. * * @param name the name of this <code>SQLPermission</code> object, which must * be <code>setLog</code> * @param actions should be <code>null</code> * @throws NullPointerException if <code>name</code> is <code>null</code>. * @throws IllegalArgumentException if <code>name</code> is empty. */ public SQLPermission(String name, String actions) { super(name, actions); } /** * Private serial version unique ID to ensure serialization * compatibility. */ static final long serialVersionUID = -1439323187199563495L; }