1/*
2 * Copyright (c) 2003, 2017, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.  Oracle designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Oracle in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22 * or visit www.oracle.com if you need additional information or have any
23 * questions.
24 */
25
26package java.lang.management;
27
28/**
29 * The permission which the SecurityManager will check when code
30 * that is running with a SecurityManager calls methods defined
31 * in the management interface for the Java platform.
32 * <P>
33 * The following table
34 * provides a summary description of what the permission allows,
35 * and discusses the risks of granting code the permission.
36 *
37 * <table class="striped">
38 * <caption style="display:none">Table shows permission target name, what the permission allows, and associated risks</caption>
39 * <tr>
40 * <th>Permission Target Name</th>
41 * <th>What the Permission Allows</th>
42 * <th>Risks of Allowing this Permission</th>
43 * </tr>
44 *
45 * <tr>
46 *   <td>control</td>
47 *   <td>Ability to control the runtime characteristics of the Java virtual
48 *       machine, for example, enabling and disabling the verbose output for
49 *       the class loading or memory system, setting the threshold of a memory
50 *       pool, and enabling and disabling the thread contention monitoring
51 *       support. Some actions controlled by this permission can disclose
52 *       information about the running application, like the -verbose:class
53 *       flag.
54 *   </td>
55 *   <td>This allows an attacker to control the runtime characteristics
56 *       of the Java virtual machine and cause the system to misbehave. An
57 *       attacker can also access some information related to the running
58 *       application.
59 *   </td>
60 * </tr>
61 * <tr>
62 *   <td>monitor</td>
63 *   <td>Ability to retrieve runtime information about
64 *       the Java virtual machine such as thread
65 *       stack trace, a list of all loaded class names, and input arguments
66 *       to the Java virtual machine.</td>
67 *   <td>This allows malicious code to monitor runtime information and
68 *       uncover vulnerabilities.</td>
69 * </tr>
70 *
71 * </table>
72 *
73 * <p>
74 * Programmers do not normally create ManagementPermission objects directly.
75 * Instead they are created by the security policy code based on reading
76 * the security policy file.
77 *
78 * @author  Mandy Chung
79 * @since   1.5
80 *
81 * @see java.security.BasicPermission
82 * @see java.security.Permission
83 * @see java.security.Permissions
84 * @see java.security.PermissionCollection
85 * @see java.lang.SecurityManager
86 *
87 */
88
89public final class ManagementPermission extends java.security.BasicPermission {
90    private static final long serialVersionUID = 1897496590799378737L;
91
92    /**
93     * Constructs a ManagementPermission with the specified name.
94     *
95     * @param name Permission name. Must be either "monitor" or "control".
96     *
97     * @throws NullPointerException if <code>name</code> is <code>null</code>.
98     * @throws IllegalArgumentException if <code>name</code> is empty or invalid.
99     */
100    public ManagementPermission(String name) {
101        super(name);
102        if (!name.equals("control") && !name.equals("monitor")) {
103            throw new IllegalArgumentException("name: " + name);
104        }
105    }
106
107    /**
108     * Constructs a new ManagementPermission object.
109     *
110     * @param name Permission name. Must be either "monitor" or "control".
111     * @param actions Must be either null or the empty string.
112     *
113     * @throws NullPointerException if <code>name</code> is <code>null</code>.
114     * @throws IllegalArgumentException if <code>name</code> is empty or
115     * if arguments are invalid.
116     */
117    public ManagementPermission(String name, String actions)
118        throws IllegalArgumentException {
119        super(name);
120        if (!name.equals("control") && !name.equals("monitor")) {
121            throw new IllegalArgumentException("name: " + name);
122        }
123        if (actions != null && actions.length() > 0) {
124            throw new IllegalArgumentException("actions: " + actions);
125        }
126    }
127}
128