1/* 2 * Copyright (c) 2003, 2017, Oracle and/or its affiliates. All rights reserved. 3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4 * 5 * This code is free software; you can redistribute it and/or modify it 6 * under the terms of the GNU General Public License version 2 only, as 7 * published by the Free Software Foundation. Oracle designates this 8 * particular file as subject to the "Classpath" exception as provided 9 * by Oracle in the LICENSE file that accompanied this code. 10 * 11 * This code is distributed in the hope that it will be useful, but WITHOUT 12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 14 * version 2 for more details (a copy is included in the LICENSE file that 15 * accompanied this code). 16 * 17 * You should have received a copy of the GNU General Public License version 18 * 2 along with this work; if not, write to the Free Software Foundation, 19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 20 * 21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 22 * or visit www.oracle.com if you need additional information or have any 23 * questions. 24 */ 25 26package java.lang.management; 27 28/** 29 * The permission which the SecurityManager will check when code 30 * that is running with a SecurityManager calls methods defined 31 * in the management interface for the Java platform. 32 * <P> 33 * The following table 34 * provides a summary description of what the permission allows, 35 * and discusses the risks of granting code the permission. 36 * 37 * <table class="striped"> 38 * <caption style="display:none">Table shows permission target name, what the permission allows, and associated risks</caption> 39 * <tr> 40 * <th>Permission Target Name</th> 41 * <th>What the Permission Allows</th> 42 * <th>Risks of Allowing this Permission</th> 43 * </tr> 44 * 45 * <tr> 46 * <td>control</td> 47 * <td>Ability to control the runtime characteristics of the Java virtual 48 * machine, for example, enabling and disabling the verbose output for 49 * the class loading or memory system, setting the threshold of a memory 50 * pool, and enabling and disabling the thread contention monitoring 51 * support. Some actions controlled by this permission can disclose 52 * information about the running application, like the -verbose:class 53 * flag. 54 * </td> 55 * <td>This allows an attacker to control the runtime characteristics 56 * of the Java virtual machine and cause the system to misbehave. An 57 * attacker can also access some information related to the running 58 * application. 59 * </td> 60 * </tr> 61 * <tr> 62 * <td>monitor</td> 63 * <td>Ability to retrieve runtime information about 64 * the Java virtual machine such as thread 65 * stack trace, a list of all loaded class names, and input arguments 66 * to the Java virtual machine.</td> 67 * <td>This allows malicious code to monitor runtime information and 68 * uncover vulnerabilities.</td> 69 * </tr> 70 * 71 * </table> 72 * 73 * <p> 74 * Programmers do not normally create ManagementPermission objects directly. 75 * Instead they are created by the security policy code based on reading 76 * the security policy file. 77 * 78 * @author Mandy Chung 79 * @since 1.5 80 * 81 * @see java.security.BasicPermission 82 * @see java.security.Permission 83 * @see java.security.Permissions 84 * @see java.security.PermissionCollection 85 * @see java.lang.SecurityManager 86 * 87 */ 88 89public final class ManagementPermission extends java.security.BasicPermission { 90 private static final long serialVersionUID = 1897496590799378737L; 91 92 /** 93 * Constructs a ManagementPermission with the specified name. 94 * 95 * @param name Permission name. Must be either "monitor" or "control". 96 * 97 * @throws NullPointerException if <code>name</code> is <code>null</code>. 98 * @throws IllegalArgumentException if <code>name</code> is empty or invalid. 99 */ 100 public ManagementPermission(String name) { 101 super(name); 102 if (!name.equals("control") && !name.equals("monitor")) { 103 throw new IllegalArgumentException("name: " + name); 104 } 105 } 106 107 /** 108 * Constructs a new ManagementPermission object. 109 * 110 * @param name Permission name. Must be either "monitor" or "control". 111 * @param actions Must be either null or the empty string. 112 * 113 * @throws NullPointerException if <code>name</code> is <code>null</code>. 114 * @throws IllegalArgumentException if <code>name</code> is empty or 115 * if arguments are invalid. 116 */ 117 public ManagementPermission(String name, String actions) 118 throws IllegalArgumentException { 119 super(name); 120 if (!name.equals("control") && !name.equals("monitor")) { 121 throw new IllegalArgumentException("name: " + name); 122 } 123 if (actions != null && actions.length() > 0) { 124 throw new IllegalArgumentException("actions: " + actions); 125 } 126 } 127} 128