CheckRestrictedPackage.java revision 1551:f3b883bec2d0
1109998Smarkm/* 268651Skris * Copyright (c) 2010, 2013, Oracle and/or its affiliates. All rights reserved. 368651Skris * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 468651Skris * 568651Skris * This code is free software; you can redistribute it and/or modify it 668651Skris * under the terms of the GNU General Public License version 2 only, as 768651Skris * published by the Free Software Foundation. Oracle designates this 8296465Sdelphij * particular file as subject to the "Classpath" exception as provided 968651Skris * by Oracle in the LICENSE file that accompanied this code. 1068651Skris * 1168651Skris * This code is distributed in the hope that it will be useful, but WITHOUT 1268651Skris * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 1368651Skris * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 1468651Skris * version 2 for more details (a copy is included in the LICENSE file that 15296465Sdelphij * accompanied this code). 1668651Skris * 1768651Skris * You should have received a copy of the GNU General Public License version 1868651Skris * 2 along with this work; if not, write to the Free Software Foundation, 1968651Skris * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 2068651Skris * 2168651Skris * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22296465Sdelphij * or visit www.oracle.com if you need additional information or have any 2368651Skris * questions. 2468651Skris */ 2568651Skris 2668651Skris/* 2768651Skris * This file is available under and governed by the GNU General Public 2868651Skris * License version 2 only, as published by the Free Software Foundation. 2968651Skris * However, the following notice accompanied the original version of this 3068651Skris * file, and Oracle licenses the original version of this file under the BSD 3168651Skris * license: 3268651Skris */ 3368651Skris/* 3468651Skris Copyright 2009-2013 Attila Szegedi 3568651Skris 3668651Skris Licensed under both the Apache License, Version 2.0 (the "Apache License") 37296465Sdelphij and the BSD License (the "BSD License"), with licensee being free to 3868651Skris choose either of the two at their discretion. 3968651Skris 40296465Sdelphij You may not use this file except in compliance with either the Apache 4168651Skris License or the BSD License. 4268651Skris 4368651Skris If you choose to use this file in compliance with the Apache License, the 4468651Skris following notice applies to you: 4568651Skris 4668651Skris You may obtain a copy of the Apache License at 4768651Skris 4868651Skris http://www.apache.org/licenses/LICENSE-2.0 4968651Skris 5068651Skris Unless required by applicable law or agreed to in writing, software 5168651Skris distributed under the License is distributed on an "AS IS" BASIS, 52296465Sdelphij WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 5368651Skris implied. See the License for the specific language governing 5468651Skris permissions and limitations under the License. 5568651Skris 5668651Skris If you choose to use this file in compliance with the BSD License, the 5768651Skris following notice applies to you: 5868651Skris 5968651Skris Redistribution and use in source and binary forms, with or without 6068651Skris modification, are permitted provided that the following conditions are 6168651Skris met: 6268651Skris * Redistributions of source code must retain the above copyright 6368651Skris notice, this list of conditions and the following disclaimer. 6468651Skris * Redistributions in binary form must reproduce the above copyright 6568651Skris notice, this list of conditions and the following disclaimer in the 66296465Sdelphij documentation and/or other materials provided with the distribution. 6768651Skris * Neither the name of the copyright holder nor the names of 6868651Skris contributors may be used to endorse or promote products derived from 6968651Skris this software without specific prior written permission. 7068651Skris 7168651Skris THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS 7268651Skris IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 7368651Skris TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A 7468651Skris PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL COPYRIGHT HOLDER 7568651Skris BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 7668651Skris CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 7768651Skris SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR 7868651Skris BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, 7968651Skris WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR 8068651Skris OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF 8168651Skris ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 8268651Skris*/ 8368651Skris 8468651Skrispackage jdk.dynalink.beans; 8568651Skris 8668651Skrisimport java.lang.reflect.Modifier; 8768651Skrisimport java.security.AccessControlContext; 8868651Skrisimport java.security.AccessController; 8968651Skrisimport java.security.PrivilegedAction; 9068651Skrisimport jdk.dynalink.internal.AccessControlContextFactory; 9168651Skris 9268651Skris/** 9368651Skris * A utility class to check whether a given class is in a package with restricted access e.g. "sun.*" etc. 9468651Skris */ 9568651Skrisclass CheckRestrictedPackage { 9668651Skris private static final AccessControlContext NO_PERMISSIONS_CONTEXT = 9768651Skris AccessControlContextFactory.createAccessControlContext(); 9868651Skris 9968651Skris /** 10068651Skris * Returns true if the class is either not public, or it resides in a package with restricted access. 10168651Skris * @param clazz the class to test 10268651Skris * @return true if the class is either not public, or it resides in a package with restricted access. 10368651Skris */ 10468651Skris static boolean isRestrictedClass(final Class<?> clazz) { 10568651Skris if(!Modifier.isPublic(clazz.getModifiers())) { 10668651Skris // Non-public classes are always restricted 10768651Skris return true; 10868651Skris } 10968651Skris final SecurityManager sm = System.getSecurityManager(); 11068651Skris if(sm == null) { 11168651Skris // No further restrictions if we don't have a security manager 11268651Skris return false; 113296465Sdelphij } 11468651Skris final String name = clazz.getName(); 115296465Sdelphij final int i = name.lastIndexOf('.'); 11668651Skris if (i == -1) { 117296465Sdelphij // Classes in default package are never restricted 118296465Sdelphij return false; 119296465Sdelphij } 120296465Sdelphij // Do a package access check from within an access control context with no permissions 121296465Sdelphij try { 122296465Sdelphij AccessController.doPrivileged(new PrivilegedAction<Void>() { 123296465Sdelphij @Override 124296465Sdelphij public Void run() { 125296465Sdelphij sm.checkPackageAccess(name.substring(0, i)); 126296465Sdelphij return null; 127296465Sdelphij } 128296465Sdelphij }, NO_PERMISSIONS_CONTEXT); 129296465Sdelphij } catch(final SecurityException e) { 13068651Skris return true; 131296465Sdelphij } 132296465Sdelphij return false; 133296465Sdelphij } 134296465Sdelphij} 135296465Sdelphij