List of usage examples for the java.security.ProtectionDomain constructor
public ProtectionDomain(CodeSource codesource, PermissionCollection permissions)
From source file:com.jaspersoft.jasperserver.api.engine.jasperreports.util.PermissionsListProtectionDomainProvider.java
/**
 * Builds the protection domain handed out by this provider.
 *
 * <p>The domain is created with the two-argument {@code ProtectionDomain} constructor, so the
 * supplied permission collection is bound statically: the domain is granted exactly those
 * permissions and the installed {@code Policy} is not consulted for it.
 *
 * @return a new domain pairing the result of {@code getCodeSource()} with the result of
 *         {@code getPermissionCollection()}
 */
protected ProtectionDomain createProtectionDomain() {
    // Arguments are evaluated left to right: code source first, then the permissions.
    return new ProtectionDomain(getCodeSource(), getPermissionCollection());
}
From source file:azkaban.execapp.FlowRunner.java
/**
 * Evaluates {@code expression} with the script engine registered under the name "JavaScript"
 * and interprets the outcome as a boolean.
 *
 * <p>The evaluation goes through the two-argument form of
 * {@code AccessController.doPrivileged}, using a context that consists of a single protection
 * domain with no code source and no permissions.
 *
 * <p>NOTE(review): an {@code AccessControlContext} only limits code when permission checks are
 * actually performed, which on the JDK means a SecurityManager must be installed. Confirm the
 * hosting process runs with one; otherwise the expression is evaluated with the full rights of
 * the process and this wrapper should not be treated as a sandbox.
 *
 * @param expression the script text to evaluate
 * @return the boolean produced by the script; {@code false} when the script yields {@code null}
 *         or when any exception is raised during evaluation or conversion (the exception is
 *         logged, not rethrown)
 */
private boolean evaluateExpression(final String expression) {
    final ScriptEngine engine = new ScriptEngineManager().getEngineByName("JavaScript");
    boolean outcome = false;

    try {
        final PrivilegedExceptionAction<Object> evaluation = new PrivilegedExceptionAction<Object>() {
            @Override
            public Object run() throws ScriptException {
                return engine.eval(expression);
            }
        };
        // One domain, no code source, no permissions: the action is confined to the
        // intersection with this (empty) permission set.
        final AccessControlContext noPermissions = new AccessControlContext(
            new ProtectionDomain[] { new ProtectionDomain(null, null) });

        final Object value = AccessController.doPrivileged(evaluation, noPermissions);
        if (value != null) {
            // A non-boolean result fails this cast; the catch below turns that into "false".
            outcome = (boolean) value;
        }
    } catch (final Exception e) {
        this.logger.error("Failed to evaluate the expression.", e);
    }

    this.logger.info("Evaluate expression result: " + outcome);
    return outcome;
}
From source file:org.echocat.nodoodle.classloading.FileClassLoader.java
/**
 * Defines the class {@code name} from the bytes of {@code resource}, after enforcing package
 * sealing rules for the class's package.
 *
 * <p>Sealing checks, applied only when {@code name} contains a package part:
 * <ul>
 *   <li>package not yet known: it is defined, from the resource's manifest when there is one;</li>
 *   <li>package known and sealed: the resource's package URL must match the seal;</li>
 *   <li>package known and unsealed: the manifest must not try to seal it after the fact.</li>
 * </ul>
 *
 * <p>The class is defined in a {@code ProtectionDomain} built with the two-argument constructor
 * and an empty {@code Permissions} object. That binding is static, so the installed
 * {@code Policy} is not consulted and the loaded class is granted no permissions through its
 * domain. The code signers are taken as reported by {@code resource}.
 *
 * @param name     binary name of the class to define
 * @param resource source of the class bytes, manifest, package URL and code signers
 * @return the newly defined class
 * @throws IOException       if the class bytes cannot be read
 * @throws SecurityException on a sealing violation
 */
private Class<?> defineClass(String name, Resource resource) throws IOException {
    final int lastDot = name.lastIndexOf('.');
    final URL packageUrl = resource.getPackageUrl();

    if (lastDot != -1) {
        final String packageName = name.substring(0, lastDot);
        final Package existing = getPackage(packageName);
        final Manifest manifest = resource.getManifest();

        if (existing == null) {
            // First class from this package: register the package.
            if (manifest == null) {
                definePackage(packageName, null, null, null, null, null, null, null);
            } else {
                definePackage(packageName, manifest, packageUrl);
            }
        } else if (existing.isSealed()) {
            // A sealed package only accepts classes from the URL it was sealed with.
            if (!existing.isSealed(packageUrl)) {
                throw new SecurityException("sealing violation: package " + packageName + " is sealed");
            }
        } else if ((manifest != null) && isSealed(packageName, manifest)) {
            // The package already has classes loaded; sealing it now is refused.
            throw new SecurityException(
                    "sealing violation: can't seal package " + packageName + ": already loaded");
        }
    }

    final ByteArrayOutputStream classBytes = new ByteArrayOutputStream();
    final InputStream in = resource.openStream();
    try {
        IOUtils.copy(in, classBytes);
    } finally {
        IOUtils.closeQuietly(in);
    }
    final byte[] bytecode = classBytes.toByteArray();

    final CodeSource codeSource = new CodeSource(packageUrl, resource.getCodeSigners());
    // Empty, statically bound permission set: no permissions are granted via this domain.
    final ProtectionDomain domain = new ProtectionDomain(codeSource, new Permissions());
    return defineClass(name, bytecode, 0, bytecode.length, domain);
}
From source file:org.jwebsocket.util.Tools.java
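/**
 * Executes an action under a restricted access-control context (a "sandbox").
 *
 * <p>A single {@code ProtectionDomain} with an empty code source is built around
 * {@code aPermissions} and used as the context for
 * {@code AccessController.doPrivileged(action, context)}. With that form the action runs with
 * the intersection of the caller's own permissions and {@code aPermissions}; it can narrow
 * what the action may do, never widen it.
 *
 * <p>NOTE(review): the restriction is only enforced where permission checks are performed,
 * which requires a SecurityManager to be installed. Without one the action runs unrestricted,
 * so callers should not rely on this method alone to contain untrusted code.
 *
 * @param aPermissions The security permissions granted to the action; {@code null} grants none.
 * @param aAction The action to execute.
 * @return the value returned by {@code aAction.run()}
 */
public static Object doPrivileged(PermissionCollection aPermissions, PrivilegedAction<?> aAction) {
    // Two-argument ProtectionDomain constructor: permissions are bound statically,
    // the installed Policy is not consulted for this domain.
    ProtectionDomain lProtectionDomain = new ProtectionDomain(
            new CodeSource(null, (Certificate[]) null), aPermissions);
    AccessControlContext lSecureContext = new AccessControlContext(
            new ProtectionDomain[] { lProtectionDomain });
    return AccessController.doPrivileged(aAction, lSecureContext);
}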
From source file:org.rhq.bindings.ScriptEngineFactory.java
/**
 * Creates a script engine like {@link #getScriptEngine(String, PackageFinder, StandardBindings)}
 * does, and additionally wraps it so that scripts execute with the supplied Java permissions.
 *
 * <p>The engine is both constructed inside a privileged block restricted to {@code permissions}
 * and wrapped in a {@code SandboxedScriptEngine} built with the same permissions; the comment
 * inside the action explains why both are needed.
 *
 * @param permissions the permissions scripts run by the returned engine are meant to have
 * @throws ScriptException if engine creation fails with a script error, or with any checked
 *         exception other than an {@code IOException}
 * @throws IOException if engine creation fails with an I/O error
 * @see #getScriptEngine(String, PackageFinder, StandardBindings)
 */
public static ScriptEngine getSecuredScriptEngine(final String language, final PackageFinder packageFinder,
    final StandardBindings bindings, final PermissionCollection permissions) throws ScriptException, IOException {
    // The URL only labels the code source of the script domain; constructing it opens no connection.
    final URL scriptLocation = new URL("http://rhq-project.org/scripting");
    final ProtectionDomain sandboxDomain =
        new ProtectionDomain(new CodeSource(scriptLocation, (Certificate[]) null), permissions);
    final AccessControlContext sandboxContext =
        new AccessControlContext(new ProtectionDomain[] { sandboxDomain });

    final PrivilegedExceptionAction<ScriptEngine> createEngine = new PrivilegedExceptionAction<ScriptEngine>() {
        @Override
        public ScriptEngine run() throws Exception {
            // Both layers of protection are deliberate. Java 6u27 changed how the Rhino
            // script engine handles security (the fix for the CVE described at
            // https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3544).
            //
            // Up to Java 6u26, wrapping the engine in the sandbox was sufficient.
            //
            // From Java 6u27 on, the Rhino engine remembers the access control context it
            // was constructed with and combines it with the caller's protection domain when
            // a script runs. This class has all permissions, and so does the RHQ code that
            // calls ScriptEngine.eval*, so scripts would never be sandboxed even when the
            // call went through the SandboxedScriptEngine.
            //
            // Hence: the wrapper below enforces the sandbox on Java 6 before u27, and the
            // surrounding privileged block enforces it on Java 6u27 and later.
            return new SandboxedScriptEngine(getScriptEngine(language, packageFinder, bindings), permissions);
        }
    };

    try {
        return AccessController.doPrivileged(createEngine, sandboxContext);
    } catch (PrivilegedActionException e) {
        // Unwrap the checked exception so callers see the declared types.
        final Throwable cause = e.getCause();
        if (cause instanceof IOException) {
            throw (IOException) cause;
        }
        if (cause instanceof ScriptException) {
            throw (ScriptException) cause;
        }
        throw new ScriptException(e);
    }
}