Retire SecurityManager.
This change removes all the code that was calling getSecurityManager, and
removes all use of AccessController.doPrivileged. It also changes the
implementation of AccessController so it doesn't actually do anything; it's
only there for source-level compatibility.
Bug: 2585285
Change-Id: I1f0295a4f12bce0316d8073011d8593fee116f71
diff --git a/luni/src/main/java/java/io/BufferedWriter.java b/luni/src/main/java/java/io/BufferedWriter.java
index 3017065..c0af9bf 100644
--- a/luni/src/main/java/java/io/BufferedWriter.java
+++ b/luni/src/main/java/java/io/BufferedWriter.java
@@ -17,9 +17,7 @@
package java.io;
-import java.security.AccessController;
import java.util.Arrays;
-import org.apache.harmony.luni.util.PriviAction;
import org.apache.harmony.luni.util.SneakyThrow;
/**
@@ -46,8 +44,7 @@
private int pos;
- private final String lineSeparator = AccessController
- .doPrivileged(new PriviAction<String>("line.separator"));
+ private final String lineSeparator = System.getProperty("line.separator");
/**
* Constructs a new {@code BufferedWriter}, providing {@code out} with a buffer
diff --git a/luni/src/main/java/java/io/File.java b/luni/src/main/java/java/io/File.java
index 1e1d625..15bffbf 100644
--- a/luni/src/main/java/java/io/File.java
+++ b/luni/src/main/java/java/io/File.java
@@ -30,12 +30,10 @@
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
-import java.security.AccessController;
import java.util.ArrayList;
import java.util.List;
import java.util.Random;
import org.apache.harmony.luni.util.DeleteOnExit;
-import org.apache.harmony.luni.util.PriviAction;
/**
* An "abstract" representation of a file system entity identified by a
@@ -191,7 +189,7 @@
if (isAbsolute) {
this.path = this.absolutePath = cleanPath;
} else {
- String userDir = AccessController.doPrivileged(new PriviAction<String>("user.dir"));
+ String userDir = System.getProperty("user.dir");
this.absolutePath = cleanPath.isEmpty() ? userDir : join(userDir, cleanPath);
// We want path to be equal to cleanPath, but we'd like to reuse absolutePath's char[].
this.path = absolutePath.substring(absolutePath.length() - cleanPath.length());
@@ -277,22 +275,12 @@
* to actually attempt the operation.
*
* @return {@code true} if this file can be executed, {@code false} otherwise.
- * @throws SecurityException
- * If a security manager exists and
- * SecurityManager.checkExec(java.lang.String) disallows read
- * permission to this file object
- * @see java.lang.SecurityManager#checkExec(String)
- *
* @since 1.6
*/
public boolean canExecute() {
if (path.isEmpty()) {
return false;
}
- SecurityManager security = System.getSecurityManager();
- if (security != null) {
- security.checkExec(path); // Seems bogus, but this is what the RI does.
- }
return canExecuteImpl(absolutePath);
}
private static native boolean canExecuteImpl(String path);
@@ -301,18 +289,11 @@
* Indicates whether the current context is allowed to read from this file.
*
* @return {@code true} if this file can be read, {@code false} otherwise.
- * @throws SecurityException
- * if a {@code SecurityManager} is installed and it denies the
- * read request.
*/
public boolean canRead() {
if (path.isEmpty()) {
return false;
}
- SecurityManager security = System.getSecurityManager();
- if (security != null) {
- security.checkRead(path);
- }
return canReadImpl(absolutePath);
}
private static native boolean canReadImpl(String path);
@@ -322,18 +303,11 @@
*
* @return {@code true} if this file can be written, {@code false}
* otherwise.
- * @throws SecurityException
- * if a {@code SecurityManager} is installed and it denies the
- * write request.
*/
public boolean canWrite() {
if (path.isEmpty()) {
return false;
}
- SecurityManager security = System.getSecurityManager();
- if (security != null) {
- security.checkWrite(path);
- }
return canWriteImpl(absolutePath);
}
private static native boolean canWriteImpl(String path);
@@ -359,19 +333,11 @@
* Callers must check the return value.
*
* @return {@code true} if this file was deleted, {@code false} otherwise.
- * @throws SecurityException
- * if a {@code SecurityManager} is installed and it denies the
- * request.
- * @see java.lang.SecurityManager#checkDelete
*/
public boolean delete() {
if (path.isEmpty()) {
return false;
}
- SecurityManager security = System.getSecurityManager();
- if (security != null) {
- security.checkDelete(path);
- }
return deleteImpl(absolutePath);
}
@@ -381,16 +347,8 @@
* Schedules this file to be automatically deleted once the virtual machine
* terminates. This will only happen when the virtual machine terminates
* normally as described by the Java Language Specification section 12.9.
- *
- * @throws SecurityException
- * if a {@code SecurityManager} is installed and it denies the
- * request.
*/
public void deleteOnExit() {
- SecurityManager security = System.getSecurityManager();
- if (security != null) {
- security.checkDelete(path);
- }
DeleteOnExit.getInstance().addFile(getAbsoluteName());
}
@@ -416,20 +374,11 @@
* underlying file system.
*
* @return {@code true} if this file exists, {@code false} otherwise.
- * @throws SecurityException
- * if a {@code SecurityManager} is installed and it denies read
- * access to this file.
- * @see #getPath
- * @see java.lang.SecurityManager#checkRead(FileDescriptor)
*/
public boolean exists() {
if (path.isEmpty()) {
return false;
}
- SecurityManager security = System.getSecurityManager();
- if (security != null) {
- security.checkRead(path);
- }
return existsImpl(absolutePath);
}
@@ -497,7 +446,6 @@
* @return the new file constructed from this file's canonical path.
* @throws IOException
* if an I/O error occurs.
- * @see java.lang.SecurityManager#checkPropertyAccess
*/
public File getCanonicalFile() throws IOException {
return new File(getCanonicalPath());
@@ -595,18 +543,11 @@
*
* @return {@code true} if this file is a directory, {@code false}
* otherwise.
- * @throws SecurityException
- * if a {@code SecurityManager} is installed and it denies read
- * access to this file.
*/
public boolean isDirectory() {
if (path.isEmpty()) {
return false;
}
- SecurityManager security = System.getSecurityManager();
- if (security != null) {
- security.checkRead(path);
- }
return isDirectoryImpl(absolutePath);
}
@@ -617,18 +558,11 @@
* file system.
*
* @return {@code true} if this file is a file, {@code false} otherwise.
- * @throws SecurityException
- * if a {@code SecurityManager} is installed and it denies read
- * access to this file.
*/
public boolean isFile() {
if (path.isEmpty()) {
return false;
}
- SecurityManager security = System.getSecurityManager();
- if (security != null) {
- security.checkRead(path);
- }
return isFileImpl(absolutePath);
}
@@ -642,18 +576,11 @@
* purpose.
*
* @return {@code true} if the file is hidden, {@code false} otherwise.
- * @throws SecurityException
- * if a {@code SecurityManager} is installed and it denies read
- * access to this file.
*/
public boolean isHidden() {
if (path.isEmpty()) {
return false;
}
- SecurityManager security = System.getSecurityManager();
- if (security != null) {
- security.checkRead(path);
- }
return getName().startsWith(".");
}
@@ -663,18 +590,11 @@
* Returns 0 if the file does not exist.
*
* @return the time when this file was last modified.
- * @throws SecurityException
- * if a {@code SecurityManager} is installed and it denies read
- * access to this file.
*/
public long lastModified() {
if (path.isEmpty()) {
return 0;
}
- SecurityManager security = System.getSecurityManager();
- if (security != null) {
- security.checkRead(path);
- }
return lastModifiedImpl(absolutePath);
}
@@ -693,9 +613,6 @@
* otherwise.
* @throws IllegalArgumentException
* if {@code time < 0}.
- * @throws SecurityException
- * if a {@code SecurityManager} is installed and it denies write
- * access to this file.
*/
public boolean setLastModified(long time) {
if (path.isEmpty()) {
@@ -704,10 +621,6 @@
if (time < 0) {
throw new IllegalArgumentException("time < 0");
}
- SecurityManager security = System.getSecurityManager();
- if (security != null) {
- security.checkWrite(path);
- }
return setLastModifiedImpl(absolutePath, time);
}
@@ -741,20 +654,12 @@
* pathname the operation will fail. If the underlying file system
* does not support execute permission and the value of executable
* is false, this operation will fail.
- * @throws SecurityException -
- * If a security manager exists and
- * SecurityManager.checkWrite(java.lang.String) disallows write
- * permission to this file object
* @since 1.6
*/
public boolean setExecutable(boolean executable, boolean ownerOnly) {
if (path.isEmpty()) {
return false;
}
- SecurityManager security = System.getSecurityManager();
- if (security != null) {
- security.checkWrite(path);
- }
return setExecutableImpl(absolutePath, executable, ownerOnly);
}
@@ -785,20 +690,12 @@
* pathname the operation will fail. If the underlying file system
* does not support read permission and the value of readable is
* false, this operation will fail.
- * @throws SecurityException -
- * If a security manager exists and
- * SecurityManager.checkWrite(java.lang.String) disallows write
- * permission to this file object
* @since 1.6
*/
public boolean setReadable(boolean readable, boolean ownerOnly) {
if (path.isEmpty()) {
return false;
}
- SecurityManager security = System.getSecurityManager();
- if (security != null) {
- security.checkWrite(path);
- }
return setReadableImpl(absolutePath, readable, ownerOnly);
}
@@ -827,20 +724,12 @@
* @return true if and only if the operation succeeded. If the user does not
* have permission to change the access permissions of this abstract
* pathname the operation will fail.
- * @throws SecurityException -
- * If a security manager exists and
- * SecurityManager.checkWrite(java.lang.String) disallows write
- * permission to this file object
* @since 1.6
*/
public boolean setWritable(boolean writable, boolean ownerOnly) {
if (path.isEmpty()) {
return false;
}
- SecurityManager security = System.getSecurityManager();
- if (security != null) {
- security.checkWrite(path);
- }
return setWritableImpl(absolutePath, writable, ownerOnly);
}
@@ -861,15 +750,8 @@
* The result for a directory is not defined.
*
* @return the number of bytes in this file.
- * @throws SecurityException
- * if a {@code SecurityManager} is installed and it denies read
- * access to this file.
*/
public long length() {
- SecurityManager security = System.getSecurityManager();
- if (security != null) {
- security.checkRead(path);
- }
return lengthImpl(absolutePath);
}
@@ -884,17 +766,8 @@
* directory are not returned as part of the list.
*
* @return an array of strings with file names or {@code null}.
- * @throws SecurityException
- * if a {@code SecurityManager} is installed and it denies read
- * access to this file.
- * @see #isDirectory
- * @see java.lang.SecurityManager#checkRead(FileDescriptor)
*/
public String[] list() {
- SecurityManager security = System.getSecurityManager();
- if (security != null) {
- security.checkRead(path);
- }
if (path.isEmpty()) {
return null;
}
@@ -916,12 +789,6 @@
* @param filter
* the filter to match names against, may be {@code null}.
* @return an array of files or {@code null}.
- * @throws SecurityException
- * if a {@code SecurityManager} is installed and it denies read
- * access to this file.
- * @see #getPath
- * @see #isDirectory
- * @see java.lang.SecurityManager#checkRead(FileDescriptor)
*/
public String[] list(FilenameFilter filter) {
String[] filenames = list();
@@ -944,11 +811,6 @@
* absolute, they are relative otherwise.
*
* @return an array of files or {@code null}.
- * @throws SecurityException
- * if a {@code SecurityManager} is installed and it denies read
- * access to this file.
- * @see #list
- * @see #isDirectory
*/
public File[] listFiles() {
return filenamesToFiles(list());
@@ -967,13 +829,6 @@
* @param filter
* the filter to match names against, may be {@code null}.
* @return an array of files or {@code null}.
- * @throws SecurityException
- * if a {@code SecurityManager} is installed and it denies read
- * access to this file.
- * @see #list(FilenameFilter filter)
- * @see #getPath
- * @see #isDirectory
- * @see java.lang.SecurityManager#checkRead(FileDescriptor)
*/
public File[] listFiles(FilenameFilter filter) {
return filenamesToFiles(list(filter));
@@ -991,12 +846,6 @@
* @param filter
* the filter to match names against, may be {@code null}.
* @return an array of files or {@code null}.
- * @throws SecurityException
- * if a {@code SecurityManager} is installed and it denies read
- * access to this file.
- * @see #getPath
- * @see #isDirectory
- * @see java.lang.SecurityManager#checkRead(FileDescriptor)
*/
public File[] listFiles(FileFilter filter) {
File[] files = listFiles();
@@ -1039,16 +888,9 @@
*
* @return {@code true} if the directory has been created, {@code false}
* otherwise.
- * @throws SecurityException
- * if a {@code SecurityManager} is installed and it denies write
- * access for this file.
* @see #mkdirs
*/
public boolean mkdir() {
- SecurityManager security = System.getSecurityManager();
- if (security != null) {
- security.checkWrite(path);
- }
return mkdirImpl(absolutePath);
}
@@ -1064,9 +906,6 @@
* @return {@code true} if the necessary directories have been created,
* {@code false} if the target directory already exists or one of
* the directories can not be created.
- * @throws SecurityException
- * if a {@code SecurityManager} is installed and it denies write
- * access for this file.
* @see #mkdir
*/
public boolean mkdirs() {
@@ -1100,15 +939,8 @@
* @return {@code true} if the file has been created, {@code false} if it
* already exists.
* @throws IOException if it's not possible to create the file.
- * @throws SecurityException
- * if a {@code SecurityManager} is installed and it denies write
- * access for this file.
*/
public boolean createNewFile() throws IOException {
- SecurityManager security = System.getSecurityManager();
- if (security != null) {
- security.checkWrite(path);
- }
if (path.isEmpty()) {
throw new IOException("No such file or directory");
}
@@ -1170,8 +1002,7 @@
}
File tmpDirFile = directory;
if (tmpDirFile == null) {
- String tmpDir = AccessController.doPrivileged(
- new PriviAction<String>("java.io.tmpdir", "."));
+ String tmpDir = System.getProperty("java.io.tmpdir", ".");
tmpDirFile = new File(tmpDir);
}
File result;
@@ -1199,19 +1030,11 @@
*
* @param newPath the new path.
* @return true on success.
- * @throws SecurityException
- * if a {@code SecurityManager} is installed and it denies write
- * access for this file or {@code newPath}.
*/
public boolean renameTo(File newPath) {
if (path.isEmpty() || newPath.path.isEmpty()) {
return false;
}
- SecurityManager security = System.getSecurityManager();
- if (security != null) {
- security.checkWrite(path);
- security.checkWrite(newPath.path);
- }
return renameToImpl(absolutePath, newPath.absolutePath);
}
@@ -1312,10 +1135,6 @@
* @since 1.6
*/
public long getTotalSpace() {
- SecurityManager security = System.getSecurityManager();
- if (security != null) {
- security.checkPermission(new RuntimePermission("getFileSystemAttributes"));
- }
return getTotalSpaceImpl(absolutePath);
}
private static native long getTotalSpaceImpl(String path);
@@ -1334,10 +1153,6 @@
* @since 1.6
*/
public long getUsableSpace() {
- SecurityManager security = System.getSecurityManager();
- if (security != null) {
- security.checkPermission(new RuntimePermission("getFileSystemAttributes"));
- }
return getUsableSpaceImpl(absolutePath);
}
private static native long getUsableSpaceImpl(String path);
@@ -1352,10 +1167,6 @@
* @since 1.6
*/
public long getFreeSpace() {
- SecurityManager security = System.getSecurityManager();
- if (security != null) {
- security.checkPermission(new RuntimePermission("getFileSystemAttributes"));
- }
return getFreeSpaceImpl(absolutePath);
}
private static native long getFreeSpaceImpl(String path);
diff --git a/luni/src/main/java/java/io/FileInputStream.java b/luni/src/main/java/java/io/FileInputStream.java
index 4ab620b..e639cc9 100644
--- a/luni/src/main/java/java/io/FileInputStream.java
+++ b/luni/src/main/java/java/io/FileInputStream.java
@@ -69,18 +69,11 @@
* the file from which this stream reads.
* @throws FileNotFoundException
* if {@code file} does not exist.
- * @throws SecurityException
- * if a {@code SecurityManager} is installed and it denies the
- * read request.
*/
public FileInputStream(File file) throws FileNotFoundException {
if (file == null) {
throw new NullPointerException("file == null");
}
- SecurityManager securityManager = System.getSecurityManager();
- if (securityManager != null) {
- securityManager.checkRead(file.getPath());
- }
fd = new FileDescriptor();
fd.readOnly = true;
fd.descriptor = Platform.FILE_SYSTEM.open(file.getAbsolutePath(), IFileSystem.O_RDONLY);
@@ -95,18 +88,11 @@
* the FileDescriptor from which this stream reads.
* @throws NullPointerException
* if {@code fd} is {@code null}.
- * @throws SecurityException
- * if a {@code SecurityManager} is installed and it denies the
- * read request.
*/
public FileInputStream(FileDescriptor fd) {
if (fd == null) {
throw new NullPointerException("fd == null");
}
- SecurityManager securityManager = System.getSecurityManager();
- if (securityManager != null) {
- securityManager.checkRead(fd);
- }
this.fd = fd;
this.shouldCloseFd = false;
// Note that we do not call guard.open here because the
diff --git a/luni/src/main/java/java/io/FileOutputStream.java b/luni/src/main/java/java/io/FileOutputStream.java
index 0c73d0b..fd91b53 100644
--- a/luni/src/main/java/java/io/FileOutputStream.java
+++ b/luni/src/main/java/java/io/FileOutputStream.java
@@ -69,9 +69,6 @@
*
* @param file the file to which this stream writes.
* @throws FileNotFoundException if file cannot be opened for writing.
- * @throws SecurityException if a {@code SecurityManager} is installed and
- * it denies the write request.
- * @see java.lang.SecurityManager#checkWrite(FileDescriptor)
*/
public FileOutputStream(File file) throws FileNotFoundException {
this(file, false);
@@ -85,17 +82,8 @@
* @param file the file to which this stream writes.
* @param append true to append to an existing file.
* @throws FileNotFoundException if the file cannot be opened for writing.
- * @throws SecurityException if a {@code SecurityManager} is installed and
- * it denies the write request.
- * @see java.lang.SecurityManager#checkWrite(FileDescriptor)
- * @see java.lang.SecurityManager#checkWrite(String)
*/
- public FileOutputStream(File file, boolean append)
- throws FileNotFoundException {
- SecurityManager securityManager = System.getSecurityManager();
- if (securityManager != null) {
- securityManager.checkWrite(file.getPath());
- }
+ public FileOutputStream(File file, boolean append) throws FileNotFoundException {
this.fd = new FileDescriptor();
this.mode = append ? IFileSystem.O_APPEND : IFileSystem.O_WRONLY;
this.fd.descriptor = Platform.FILE_SYSTEM.open(file.getAbsolutePath(), mode);
@@ -108,18 +96,11 @@
*
* @param fd the FileDescriptor to which this stream writes.
* @throws NullPointerException if {@code fd} is null.
- * @throws SecurityException if a {@code SecurityManager} is installed and
- * it denies the write request.
- * @see java.lang.SecurityManager#checkWrite(FileDescriptor)
*/
public FileOutputStream(FileDescriptor fd) {
if (fd == null) {
throw new NullPointerException();
}
- SecurityManager securityManager = System.getSecurityManager();
- if (securityManager != null) {
- securityManager.checkWrite(fd);
- }
this.fd = fd;
this.shouldCloseFd = false;
this.channel = NioUtils.newFileChannel(this, fd.descriptor, IFileSystem.O_WRONLY);
diff --git a/luni/src/main/java/java/io/FilePermission.java b/luni/src/main/java/java/io/FilePermission.java
index 8216086..193b05e 100644
--- a/luni/src/main/java/java/io/FilePermission.java
+++ b/luni/src/main/java/java/io/FilePermission.java
@@ -17,7 +17,6 @@
package java.io;
-import java.security.AccessController;
import java.security.Permission;
import java.security.PermissionCollection;
import java.security.PrivilegedAction;
@@ -102,16 +101,11 @@
if (path.equals("<<ALL FILES>>")) {
includeAll = true;
} else {
- canonPath = AccessController
- .doPrivileged(new PrivilegedAction<String>() {
- public String run() {
- try {
- return new File(path).getCanonicalPath();
- } catch (IOException e) {
- return path;
- }
- }
- });
+ canonPath = path;
+ try {
+ canonPath = new File(path).getCanonicalPath();
+ } catch (IOException e) {
+ }
if (path.equals("*") || path.endsWith(File.separator + "*")) {
allDir = true;
}
diff --git a/luni/src/main/java/java/io/ObjectInputStream.java b/luni/src/main/java/java/io/ObjectInputStream.java
index d20e233..e6f7a39 100644
--- a/luni/src/main/java/java/io/ObjectInputStream.java
+++ b/luni/src/main/java/java/io/ObjectInputStream.java
@@ -31,7 +31,6 @@
import java.lang.reflect.Method;
import java.lang.reflect.Modifier;
import java.lang.reflect.Proxy;
-import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.Arrays;
@@ -39,7 +38,6 @@
import java.util.Iterator;
import java.util.List;
import libcore.base.EmptyArray;
-import org.apache.harmony.luni.util.PriviAction;
/**
* A specialized {@link InputStream} that is able to read (deserialize) Java
@@ -354,17 +352,9 @@
*
* @throws IOException
* if an error occurs when creating this stream.
- * @throws SecurityException
- * if a security manager is installed and it denies subclassing
- * this class.
- * @see SecurityManager#checkPermission(java.security.Permission)
*/
protected ObjectInputStream() throws IOException, SecurityException {
super();
- SecurityManager currentManager = System.getSecurityManager();
- if (currentManager != null) {
- currentManager.checkPermission(SUBCLASS_IMPLEMENTATION_PERMISSION);
- }
// WARNING - we should throw IOException if not called from a subclass
// according to the JavaDoc. Add the test.
this.subclassOverridingImplementation = true;
@@ -381,45 +371,12 @@
* @throws StreamCorruptedException
* if the source stream does not contain serialized objects that
* can be read.
- * @throws SecurityException
- * if a security manager is installed and it denies subclassing
- * this class.
*/
- public ObjectInputStream(InputStream input)
- throws StreamCorruptedException, IOException {
+ public ObjectInputStream(InputStream input) throws StreamCorruptedException, IOException {
final Class<?> implementationClass = getClass();
final Class<?> thisClass = ObjectInputStream.class;
- SecurityManager sm = System.getSecurityManager();
- if (sm != null && implementationClass != thisClass) {
- boolean mustCheck = AccessController
- .doPrivileged(new PrivilegedAction<Boolean>() {
- public Boolean run() {
- try {
- Method method = implementationClass.getMethod("readFields",
- EmptyArray.CLASS);
- if (method.getDeclaringClass() != thisClass) {
- return Boolean.TRUE;
- }
- } catch (NoSuchMethodException ignored) {
- }
- try {
- Method method = implementationClass.getMethod("readUnshared",
- EmptyArray.CLASS);
- if (method.getDeclaringClass() != thisClass) {
- return Boolean.TRUE;
- }
- } catch (NoSuchMethodException ignored) {
- }
- return Boolean.FALSE;
- }
- });
- if (mustCheck) {
- sm
- .checkPermission(ObjectStreamConstants.SUBCLASS_IMPLEMENTATION_PERMISSION);
- }
- }
- this.input = (input instanceof DataInputStream) ? (DataInputStream) input
- : new DataInputStream(input);
+ this.input = (input instanceof DataInputStream)
+ ? (DataInputStream) input : new DataInputStream(input);
primitiveTypes = new DataInputStream(this);
enableResolve = false;
this.subclassOverridingImplementation = false;
@@ -527,22 +484,10 @@
* {@code true} to enable object replacement; {@code false} to
* disable it.
* @return the previous setting.
- * @throws SecurityException
- * if a security manager is installed and it denies enabling
- * object replacement for this stream.
* @see #resolveObject
* @see ObjectOutputStream#enableReplaceObject
*/
- protected boolean enableResolveObject(boolean enable)
- throws SecurityException {
- if (enable) {
- // The Stream has to be trusted for this feature to be enabled.
- // trusted means the stream's class loader has to be null
- SecurityManager currentManager = System.getSecurityManager();
- if (currentManager != null) {
- currentManager.checkPermission(SUBSTITUTION_PERMISSION);
- }
- }
+ protected boolean enableResolveObject(boolean enable) throws SecurityException {
boolean originalValue = enableResolve;
enableResolve = enable;
return originalValue;
@@ -1434,8 +1379,7 @@
try {
if (readMethod != null) {
// We have to be able to fetch its value, even if it is private
- AccessController.doPrivileged(new PriviAction<Object>(
- readMethod));
+ readMethod.setAccessible(true);
try {
readMethod.invoke(object, this);
} catch (InvocationTargetException e) {
diff --git a/luni/src/main/java/java/io/ObjectOutputStream.java b/luni/src/main/java/java/io/ObjectOutputStream.java
index d72dee4..452fbe9 100644
--- a/luni/src/main/java/java/io/ObjectOutputStream.java
+++ b/luni/src/main/java/java/io/ObjectOutputStream.java
@@ -249,17 +249,9 @@
*
* @throws IOException
* if an error occurs when creating this stream.
- * @throws SecurityException
- * if a security manager is installed and it denies subclassing
- * this class.
- * @see SecurityManager#checkPermission(java.security.Permission)
*/
protected ObjectOutputStream() throws IOException, SecurityException {
super();
- SecurityManager currentManager = System.getSecurityManager();
- if (currentManager != null) {
- currentManager.checkPermission(SUBCLASS_IMPLEMENTATION_PERMISSION);
- }
/*
* WARNING - we should throw IOException if not called from a subclass
* according to the JavaDoc. Add the test.
@@ -277,36 +269,10 @@
* @throws IOException
* if an error occurs while writing the object stream
* header
- * @throws SecurityException
- * if a security manager is installed and it denies subclassing
- * this class.
*/
public ObjectOutputStream(OutputStream output) throws IOException {
Class<?> implementationClass = getClass();
Class<?> thisClass = ObjectOutputStream.class;
- if (implementationClass != thisClass) {
- boolean mustCheck = false;
- try {
- Method method = implementationClass.getMethod("putFields", EmptyArray.CLASS);
- mustCheck = method.getDeclaringClass() != thisClass;
- } catch (NoSuchMethodException e) {
- }
- if (!mustCheck) {
- try {
- Method method = implementationClass.getMethod("writeUnshared",
- WRITE_UNSHARED_PARAM_TYPES);
- mustCheck = method.getDeclaringClass() != thisClass;
- } catch (NoSuchMethodException e) {
- }
- }
- if (mustCheck) {
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm
- .checkPermission(ObjectStreamConstants.SUBCLASS_IMPLEMENTATION_PERMISSION);
- }
- }
- }
this.output = (output instanceof DataOutputStream) ? (DataOutputStream) output
: new DataOutputStream(output);
this.enableReplace = false;
@@ -482,22 +448,10 @@
* {@code true} to enable object replacement; {@code false} to
* disable it.
* @return the previous setting.
- * @throws SecurityException
- * if a security manager is installed and it denies enabling
- * object replacement for this stream.
* @see #replaceObject
* @see ObjectInputStream#enableResolveObject
*/
- protected boolean enableReplaceObject(boolean enable)
- throws SecurityException {
- if (enable) {
- // The Stream has to be trusted for this feature to be enabled.
- // trusted means the stream's classloader has to be null
- SecurityManager currentManager = System.getSecurityManager();
- if (currentManager != null) {
- currentManager.checkPermission(SUBSTITUTION_PERMISSION);
- }
- }
+ protected boolean enableReplaceObject(boolean enable) throws SecurityException {
boolean originalValue = enableReplace;
enableReplace = enable;
return originalValue;
diff --git a/luni/src/main/java/java/io/ObjectStreamClass.java b/luni/src/main/java/java/io/ObjectStreamClass.java
index 9e6b86a..3868100 100644
--- a/luni/src/main/java/java/io/ObjectStreamClass.java
+++ b/luni/src/main/java/java/io/ObjectStreamClass.java
@@ -24,7 +24,6 @@
import java.lang.reflect.Modifier;
import java.lang.reflect.Proxy;
import java.nio.ByteOrder;
-import java.security.AccessController;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
@@ -35,7 +34,6 @@
import java.util.WeakHashMap;
import libcore.base.EmptyArray;
import org.apache.harmony.luni.platform.OSMemory;
-import org.apache.harmony.luni.util.PriviAction;
/**
* Represents a descriptor for identifying a class during serialization and
@@ -333,7 +331,7 @@
if (!useReflectFields) {
// The user declared a collection of emulated fields. Use them.
// We have to be able to fetch its value, even if it is private
- AccessController.doPrivileged(new PriviAction<Object>(f));
+ f.setAccessible(true);
try {
// static field, pass null
_fields = (ObjectStreamField[]) f.get(null);
@@ -404,8 +402,7 @@
* visibility. That is why we set accessible first (new
* API in reflect 1.2)
*/
- AccessController.doPrivileged(new PriviAction<Object>(
- field));
+ field.setAccessible(true);
try {
// Static field, parameter is ignored
return field.getLong(null);
diff --git a/luni/src/main/java/java/io/PrintStream.java b/luni/src/main/java/java/io/PrintStream.java
index 42e6750..5adf3ef 100644
--- a/luni/src/main/java/java/io/PrintStream.java
+++ b/luni/src/main/java/java/io/PrintStream.java
@@ -19,12 +19,10 @@
import java.nio.charset.Charset;
import java.nio.charset.IllegalCharsetNameException;
-import java.security.AccessController;
import java.util.Arrays;
import java.util.Formatter;
import java.util.IllegalFormatException;
import java.util.Locale;
-import org.apache.harmony.luni.util.PriviAction;
/**
* Wraps an existing {@link OutputStream} and provides convenience methods for
@@ -48,8 +46,7 @@
private String encoding;
- private final String lineSeparator = AccessController
- .doPrivileged(new PriviAction<String>("line.separator"));
+ private final String lineSeparator = System.getProperty("line.separator");
// private Formatter formatter;
@@ -136,9 +133,6 @@
* removed, otherwise a new file is created.
* @throws FileNotFoundException
* if an error occurs while opening or creating the target file.
- * @throws SecurityException
- * if a security manager exists and it denies writing to the
- * target file.
*/
public PrintStream(File file) throws FileNotFoundException {
super(new FileOutputStream(file));
@@ -157,9 +151,6 @@
* if an error occurs while opening or creating the target file.
* @throws NullPointerException
* if {@code csn} is {@code null}.
- * @throws SecurityException
- * if a security manager exists and it denies writing to the
- * target file.
* @throws UnsupportedEncodingException
* if the encoding specified by {@code csn} is not supported.
*/
@@ -185,9 +176,6 @@
* contents are removed, otherwise a new file is created.
* @throws FileNotFoundException
* if an error occurs while opening or creating the target file.
- * @throws SecurityException
- * if a security manager exists and it denies writing to the
- * target file.
*/
public PrintStream(String fileName) throws FileNotFoundException {
this(new File(fileName));
@@ -207,9 +195,6 @@
* if an error occurs while opening or creating the target file.
* @throws NullPointerException
* if {@code csn} is {@code null}.
- * @throws SecurityException
- * if a security manager exists and it denies writing to the
- * target file.
* @throws UnsupportedEncodingException
* if the encoding specified by {@code csn} is not supported.
*/
diff --git a/luni/src/main/java/java/io/PrintWriter.java b/luni/src/main/java/java/io/PrintWriter.java
index 3bc14b8..bd0fd20 100644
--- a/luni/src/main/java/java/io/PrintWriter.java
+++ b/luni/src/main/java/java/io/PrintWriter.java
@@ -17,11 +17,9 @@
package java.io;
-import java.security.AccessController;
import java.util.Formatter;
import java.util.IllegalFormatException;
import java.util.Locale;
-import org.apache.harmony.luni.util.PriviAction;
/**
* Wraps either an existing {@link OutputStream} or an existing {@link Writer}
@@ -47,8 +45,7 @@
*/
private boolean autoflush;
- private final String lineSeparator = AccessController
- .doPrivileged(new PriviAction<String>("line.separator"));
+ private final String lineSeparator = System.getProperty("line.separator");
/**
* Constructs a new {@code PrintWriter} with {@code out} as its target
@@ -127,9 +124,6 @@
* removed, otherwise a new file is created.
* @throws FileNotFoundException
* if an error occurs while opening or creating the target file.
- * @throws SecurityException
- * if a security manager exists and it denies writing to the
- * target file.
*/
public PrintWriter(File file) throws FileNotFoundException {
this(new OutputStreamWriter(new BufferedOutputStream(new FileOutputStream(file))), false);
@@ -150,9 +144,6 @@
* if an error occurs while opening or creating the target file.
* @throws NullPointerException
* if {@code csn} is {@code null}.
- * @throws SecurityException
- * if a security manager exists and it denies writing to the
- * target file.
* @throws UnsupportedEncodingException
* if the encoding specified by {@code csn} is not supported.
*/
@@ -174,9 +165,6 @@
* contents are removed, otherwise a new file is created.
* @throws FileNotFoundException
* if an error occurs while opening or creating the target file.
- * @throws SecurityException
- * if a security manager exists and it denies writing to the
- * target file.
*/
public PrintWriter(String fileName) throws FileNotFoundException {
this(new OutputStreamWriter(new BufferedOutputStream(new FileOutputStream(fileName))),
@@ -199,9 +187,6 @@
* if an error occurs while opening or creating the target file.
* @throws NullPointerException
* if {@code csn} is {@code null}.
- * @throws SecurityException
- * if a security manager exists and it denies writing to the
- * target file.
* @throws UnsupportedEncodingException
* if the encoding specified by {@code csn} is not supported.
*/
diff --git a/luni/src/main/java/java/io/RandomAccessFile.java b/luni/src/main/java/java/io/RandomAccessFile.java
index b4a92a8..7aaf5df 100644
--- a/luni/src/main/java/java/io/RandomAccessFile.java
+++ b/luni/src/main/java/java/io/RandomAccessFile.java
@@ -96,11 +96,6 @@
* @throws IllegalArgumentException
* if {@code mode} is not {@code "r"}, {@code "rw"}, {@code
* "rws"} or {@code "rwd"}.
- * @throws SecurityException
- * if a {@code SecurityManager} is installed and it denies
- * access request according to {@code mode}.
- * @see java.lang.SecurityManager#checkRead(FileDescriptor)
- * @see java.lang.SecurityManager#checkWrite(FileDescriptor)
*/
public RandomAccessFile(File file, String mode) throws FileNotFoundException {
int options;
@@ -124,14 +119,6 @@
}
this.mode = options;
- SecurityManager security = System.getSecurityManager();
- if (security != null) {
- security.checkRead(file.getPath());
- if (!mode.equals("r")) {
- security.checkWrite(file.getPath());
- }
- }
-
fd.descriptor = Platform.FILE_SYSTEM.open(file.getAbsolutePath(), this.mode);
// if we are in "rws" mode, attempt to sync file+metadata
@@ -162,11 +149,6 @@
* @throws IllegalArgumentException
* if {@code mode} is not {@code "r"}, {@code "rw"}, {@code
* "rws"} or {@code "rwd"}.
- * @throws SecurityException
- * if a {@code SecurityManager} is installed and it denies
- * access request according to {@code mode}.
- * @see java.lang.SecurityManager#checkRead(FileDescriptor)
- * @see java.lang.SecurityManager#checkWrite(FileDescriptor)
*/
public RandomAccessFile(String fileName, String mode) throws FileNotFoundException {
this(new File(fileName), mode);
diff --git a/luni/src/main/java/java/lang/Class.java b/luni/src/main/java/java/lang/Class.java
index 8ade55d..9dfba85 100644
--- a/luni/src/main/java/java/lang/Class.java
+++ b/luni/src/main/java/java/lang/Class.java
@@ -213,14 +213,6 @@
ClassLoader classLoader) throws ClassNotFoundException {
if (classLoader == null) {
- SecurityManager smgr = System.getSecurityManager();
- if (smgr != null) {
- ClassLoader calling = VMStack.getCallingClassLoader();
- if (calling != null) {
- smgr.checkPermission(new RuntimePermission("getClassLoader"));
- }
- }
-
classLoader = ClassLoader.getSystemClassLoader();
}
// Catch an Exception thrown by the underlying native code. It wraps
@@ -264,12 +256,8 @@
* of length 0 is returned.
*
* @return the public class members of the class represented by this object.
- * @throws SecurityException
- * if a security manager exists and it does not allow member
- * access.
*/
public Class<?>[] getClasses() {
- checkPublicMemberAccess();
return getFullListOfClasses(true);
}
@@ -384,37 +372,24 @@
* representation of the bootstrap class loader.
*
* @return the class loader for the represented class.
- * @throws SecurityException
- * if a security manager exists and it does not allow accessing
- * the class loader.
* @see ClassLoader
*/
public ClassLoader getClassLoader() {
- SecurityManager smgr = System.getSecurityManager();
- ClassLoader loader = getClassLoaderImpl();
- if (smgr != null && loader != null) {
- ClassLoader calling = VMStack.getCallingClassLoader();
-
- if (calling != null && !calling.isAncestorOf(loader)) {
- smgr.checkPermission(new RuntimePermission("getClassLoader"));
- }
- }
-
if (this.isPrimitive()) {
return null;
}
+ ClassLoader loader = getClassLoaderImpl();
if (loader == null) {
loader = BootClassLoader.getInstance();
}
-
return loader;
}
/**
* This must be provided by the VM vendor, as it is used by other provided
* class implementations in this package. Outside of this class, it is used
- * by SecurityManager.checkMemberAccess(), classLoaderDepth(),
+ * by SecurityManager.classLoaderDepth(),
* currentClassLoader() and currentLoadedClass(). Return the ClassLoader for
* this Class without doing any security checks. The bootstrap ClassLoader
* is returned, unlike getClassLoader() which returns null in place of the
@@ -456,15 +431,10 @@
* @return the constructor described by {@code parameterTypes}.
* @throws NoSuchMethodException
* if the constructor can not be found.
- * @throws SecurityException
- * if a security manager exists and it does not allow member
- * access.
* @see #getDeclaredConstructor(Class...)
*/
@SuppressWarnings("unchecked")
- public Constructor<T> getConstructor(Class<?>... parameterTypes) throws NoSuchMethodException,
- SecurityException {
- checkPublicMemberAccess();
+ public Constructor<T> getConstructor(Class<?>... parameterTypes) throws NoSuchMethodException, SecurityException {
return getMatchingConstructor(getDeclaredConstructors(this, true), parameterTypes);
}
@@ -476,13 +446,9 @@
*
* @return an array with the public constructors of the class represented by
* this {@code Class}.
- * @throws SecurityException
- * if a security manager exists and it does not allow member
- * access.
* @see #getDeclaredConstructors()
*/
public Constructor<?>[] getConstructors() throws SecurityException {
- checkPublicMemberAccess();
return getDeclaredConstructors(this, true);
}
@@ -507,12 +473,8 @@
*
* @return an array with {@code Class} objects for all the classes and
* interfaces that are used in member declarations.
- * @throws SecurityException
- * if a security manager exists and it does not allow member
- * access.
*/
public Class<?>[] getDeclaredClasses() throws SecurityException {
- checkDeclaredMemberAccess();
return getDeclaredClasses(this, false);
}
@@ -563,15 +525,11 @@
* @return the constructor described by {@code parameterTypes}.
* @throws NoSuchMethodException
* if the requested constructor can not be found.
- * @throws SecurityException
- * if a security manager exists and it does not allow member
- * access.
* @see #getConstructor(Class...)
*/
@SuppressWarnings("unchecked")
public Constructor<T> getDeclaredConstructor(Class<?>... parameterTypes)
throws NoSuchMethodException, SecurityException {
- checkDeclaredMemberAccess();
return getMatchingConstructor(getDeclaredConstructors(this, false), parameterTypes);
}
@@ -583,14 +541,9 @@
*
* @return an array with the constructors declared in the class represented
* by this {@code Class}.
- *
- * @throws SecurityException
- * if a security manager exists and it does not allow member
- * access.
* @see #getConstructors()
*/
public Constructor<?>[] getDeclaredConstructors() throws SecurityException {
- checkDeclaredMemberAccess();
return getDeclaredConstructors(this, false);
}
@@ -649,14 +602,9 @@
* @return the requested field in the class represented by this class.
* @throws NoSuchFieldException
* if the requested field can not be found.
- * @throws SecurityException
- * if a security manager exists and it does not allow member
- * access.
* @see #getField(String)
*/
public Field getDeclaredField(String name) throws NoSuchFieldException, SecurityException {
- checkDeclaredMemberAccess();
-
Field[] fields = getClassCache().getDeclaredFields();
Field field = findFieldByName(fields, name);
@@ -675,14 +623,9 @@
*
* @return an array with the fields declared in the class represented by
* this class.
- * @throws SecurityException
- * if a security manager exists and it does not allow member
- * access.
* @see #getFields()
*/
public Field[] getDeclaredFields() throws SecurityException {
- checkDeclaredMemberAccess();
-
// Return a copy of the private (to the package) array.
Field[] fields = getClassCache().getDeclaredFields();
return ClassCache.deepCopy(fields);
@@ -713,15 +656,10 @@
* if the requested constructor can not be found.
* @throws NullPointerException
* if {@code name} is {@code null}.
- * @throws SecurityException
- * if a security manager exists and it does not allow member
- * access.
* @see #getMethod(String, Class...)
*/
public Method getDeclaredMethod(String name, Class<?>... parameterTypes)
throws NoSuchMethodException, SecurityException {
- checkDeclaredMemberAccess();
-
Method[] methods = getClassCache().getDeclaredMethods();
Method method = findMethodByName(methods, name, parameterTypes);
@@ -740,14 +678,9 @@
*
* @return an array with the methods declared in the class represented by
* this {@code Class}.
- * @throws SecurityException
- * if a security manager exists and it does not allow member
- * access.
* @see #getMethods()
*/
public Method[] getDeclaredMethods() throws SecurityException {
- checkDeclaredMemberAccess();
-
// Return a copy of the private (to the package) array.
Method[] methods = getClassCache().getDeclaredMethods();
return ClassCache.deepCopy(methods);
@@ -826,7 +759,6 @@
@SuppressWarnings("unchecked")
public T[] getEnumConstants() {
if (isEnum()) {
- checkPublicMemberAccess();
T[] values = getClassCache().getEnumValuesInOrder();
// Copy the private (to the package) array.
@@ -847,14 +779,9 @@
* @return the public field specified by {@code name}.
* @throws NoSuchFieldException
* if the field can not be found.
- * @throws SecurityException
- * if a security manager exists and it does not allow member
- * access.
* @see #getDeclaredField(String)
*/
public Field getField(String name) throws NoSuchFieldException, SecurityException {
- checkPublicMemberAccess();
-
Field[] fields = getClassCache().getAllPublicFields();
Field field = findFieldByName(fields, name);
@@ -897,14 +824,9 @@
*
* @return an array with the public fields of the class represented by this
* {@code Class}.
- * @throws SecurityException
- * if a security manager exists and it does not allow member
- * access.
* @see #getDeclaredFields()
*/
public Field[] getFields() throws SecurityException {
- checkPublicMemberAccess();
-
// Return a copy of the private (to the package) array.
Field[] fields = getClassCache().getAllPublicFields();
return ClassCache.deepCopy(fields);
@@ -964,15 +886,10 @@
* @return the public field specified by {@code name}.
* @throws NoSuchMethodException
* if the method can not be found.
- * @throws SecurityException
- * if a security manager exists and it does not allow member
- * access.
* @see #getDeclaredMethod(String, Class...)
*/
public Method getMethod(String name, Class<?>... parameterTypes) throws NoSuchMethodException,
SecurityException {
- checkPublicMemberAccess();
-
Method[] methods = getClassCache().getMethods();
Method method = findMethodByName(methods, name, parameterTypes);
@@ -995,65 +912,15 @@
*
* @return an array with the methods of the class represented by this
* {@code Class}.
- * @throws SecurityException
- * if a security manager exists and it does not allow member
- * access.
* @see #getDeclaredMethods()
*/
public Method[] getMethods() throws SecurityException {
- checkPublicMemberAccess();
-
// Return a copy of the private (to the package) array.
Method[] methods = getClassCache().getMethods();
return ClassCache.deepCopy(methods);
}
/**
- * Performs the security checks regarding the access of a public
- * member of this {@code Class}.
- *
- * <p><b>Note:</b> Because of the {@code getCallingClassLoader2()}
- * check, this method must be called exactly one level deep into a
- * public method on this instance.</p>
- */
- /*package*/ void checkPublicMemberAccess() {
- SecurityManager smgr = System.getSecurityManager();
-
- if (smgr != null) {
- smgr.checkMemberAccess(this, Member.PUBLIC);
-
- ClassLoader calling = VMStack.getCallingClassLoader2();
- ClassLoader current = getClassLoader();
-
- if (calling != null && !calling.isAncestorOf(current)) {
- smgr.checkPackageAccess(this.getPackage().getName());
- }
- }
- }
-
- /**
- * Performs the security checks regarding the access of a declared
- * member of this {@code Class}.
- *
- * <p><b>Note:</b> Because of the {@code getCallingClassLoader2()}
- * check, this method must be called exactly one level deep into a
- * public method on this instance.</p>
- */
- private void checkDeclaredMemberAccess() {
- SecurityManager smgr = System.getSecurityManager();
- if (smgr != null) {
- smgr.checkMemberAccess(this, Member.DECLARED);
-
- ClassLoader calling = VMStack.getCallingClassLoader2();
- ClassLoader current = getClassLoader();
-
- if (calling != null && !calling.isAncestorOf(current)) {
- smgr.checkPackageAccess(this.getPackage().getName());
- }
- }
- }
-
- /**
* Returns an integer that represents the modifiers of the class represented
* by this {@code Class}. The returned value is a combination of bits
* defined by constants in the {@link Modifier} class.
@@ -1139,17 +1006,8 @@
*
* @return the {@code ProtectionDomain} of the class represented by this
* class.
- * @throws SecurityException
- * if a security manager exists and it does not allow member
- * access.
*/
public ProtectionDomain getProtectionDomain() {
- SecurityManager smgr = System.getSecurityManager();
- if (smgr != null) {
- // Security check is independent of calling class loader.
- smgr.checkPermission(new RuntimePermission("getProtectionDomain"));
- }
-
return pd;
}
@@ -1415,17 +1273,12 @@
* if the default constructor is not visible.
* @throws InstantiationException
* if the instance can not be created.
- * @throws SecurityException
- * if a security manager exists and it does not allow creating
- * new instances.
*/
public T newInstance() throws InstantiationException, IllegalAccessException {
- checkPublicMemberAccess();
return newInstanceImpl();
}
- private native T newInstanceImpl() throws IllegalAccessException,
- InstantiationException;
+ private native T newInstanceImpl() throws IllegalAccessException, InstantiationException;
@Override
public String toString() {
@@ -1521,8 +1374,7 @@
* @param ao non-null; the object to modify
* @param flag the new value for the accessible flag
*/
- /*package*/ static native void setAccessibleNoCheck(AccessibleObject ao,
- boolean flag);
+ /*package*/ static native void setAccessibleNoCheck(AccessibleObject ao, boolean flag);
/**
* Copies two arrays into one. Assumes that the destination array is large
@@ -1539,41 +1391,8 @@
return result;
}
- /**
- * This must be provided by the vm vendor, as it is used by other provided
- * class implementations in this package. This method is used by
- * SecurityManager.classDepth(), and getClassContext() which use the
- * parameters (-1, false) and SecurityManager.classLoaderDepth(),
- * currentClassLoader(), and currentLoadedClass() which use the parameters
- * (-1, true). Walk the stack and answer an array containing the maxDepth
- * most recent classes on the stack of the calling thread. Starting with the
- * caller of the caller of getStackClasses(), return an array of not more
- * than maxDepth Classes representing the classes of running methods on the
- * stack (including native methods). Frames representing the VM
- * implementation of java.lang.reflect are not included in the list. If
- * stopAtPrivileged is true, the walk will terminate at any frame running
- * one of the following methods: <code><ul>
- * <li>java/security/AccessController.doPrivileged(Ljava/security/PrivilegedAction;)Ljava/lang/Object;</li>
- * <li>java/security/AccessController.doPrivileged(Ljava/security/PrivilegedExceptionAction;)Ljava/lang/Object;</li>
- * <li>java/security/AccessController.doPrivileged(Ljava/security/PrivilegedAction;Ljava/security/AccessControlContext;)Ljava/lang/Object;</li>
- * <li>java/security/AccessController.doPrivileged(Ljava/security/PrivilegedExceptionAction;Ljava/security/AccessControlContext;)Ljava/lang/Object;</li>
- * </ul></code> If one of the doPrivileged methods is found, the walk terminate
- * and that frame is NOT included in the returned array. Notes:
- * <ul>
- * <li>This method operates on the defining classes of methods on stack.
- * NOT the classes of receivers.</li>
- * <li>The item at index zero in the result array describes the caller of
- * the caller of this method.</li>
- * </ul>
- *
- * @param maxDepth
- * maximum depth to walk the stack, -1 for the entire stack
- * @param stopAtPrivileged
- * stop at privileged classes
- * @return the array of the most recent classes on the stack
- */
+ // TODO: kill this.
static Class<?>[] getStackClasses(int maxDepth, boolean stopAtPrivileged) {
return VMStack.getClasses(maxDepth, stopAtPrivileged);
}
-
}
diff --git a/luni/src/main/java/java/lang/ClassLoader.java b/luni/src/main/java/java/lang/ClassLoader.java
index 43990cc..5287837 100644
--- a/luni/src/main/java/java/lang/ClassLoader.java
+++ b/luni/src/main/java/java/lang/ClassLoader.java
@@ -122,27 +122,9 @@
/**
* Returns the system class loader. This is the parent for new
* {@code ClassLoader} instances and is typically the class loader used to
- * start the application. If a security manager is present and the caller's
- * class loader is neither {@code null} nor the same as or an ancestor of
- * the system class loader, then this method calls the security manager's
- * checkPermission method with a RuntimePermission("getClassLoader")
- * permission to ensure that it is ok to access the system class loader. If
- * not, a {@code SecurityException} is thrown.
- *
- * @return the system class loader.
- * @throws SecurityException
- * if a security manager exists and it does not allow access to
- * the system class loader.
+ * start the application.
*/
public static ClassLoader getSystemClassLoader() {
- SecurityManager smgr = System.getSecurityManager();
- if (smgr != null) {
- ClassLoader caller = VMStack.getCallingClassLoader();
- if (caller != null && !caller.isAncestorOf(SystemClassLoader.loader)) {
- smgr.checkPermission(new RuntimePermission("getClassLoader"));
- }
- }
-
return SystemClassLoader.loader;
}
@@ -194,10 +176,6 @@
/**
* Constructs a new instance of this class with the system class loader as
* its parent.
- *
- * @throws SecurityException
- * if a security manager exists and it does not allow the
- * creation of a new {@code ClassLoader}.
*/
protected ClassLoader() {
this(getSystemClassLoader(), false);
@@ -210,9 +188,6 @@
* @param parentLoader
* The {@code ClassLoader} to use as the new class loader's
* parent.
- * @throws SecurityException
- * if a security manager exists and it does not allow the
- * creation of new a new {@code ClassLoader}.
*/
protected ClassLoader(ClassLoader parentLoader) {
this(parentLoader, false);
@@ -222,16 +197,9 @@
* constructor for the BootClassLoader which needs parent to be null.
*/
ClassLoader(ClassLoader parentLoader, boolean nullAllowed) {
- SecurityManager smgr = System.getSecurityManager();
- if (smgr != null) {
- smgr.checkCreateClassLoader();
- }
-
if (parentLoader == null && !nullAllowed) {
- throw new NullPointerException(
- "Parent ClassLoader may not be null");
+ throw new NullPointerException("Parent ClassLoader may not be null");
}
-
parent = parentLoader;
}
@@ -408,16 +376,8 @@
* Returns this class loader's parent.
*
* @return this class loader's parent or {@code null}.
- * @throws SecurityException
- * if a security manager exists and it does not allow to
- * retrieve the parent class loader.
*/
public final ClassLoader getParent() {
- SecurityManager smgr = System.getSecurityManager();
- if (smgr != null) {
- smgr.checkPermission(new RuntimePermission("getClassLoader"));
- }
-
return parent;
}
@@ -828,8 +788,6 @@
* the classloader in which to load the library
* @throws UnsatisfiedLinkError
* if the library could not be loaded
- * @throws SecurityException
- * if the library was not allowed to be loaded
* <p>
* <strong>Note: </strong>This method does nothing in the Android reference
* implementation.
diff --git a/luni/src/main/java/java/lang/Enum.java b/luni/src/main/java/java/lang/Enum.java
index 88c4d73..42154cf 100644
--- a/luni/src/main/java/java/lang/Enum.java
+++ b/luni/src/main/java/java/lang/Enum.java
@@ -18,8 +18,6 @@
import java.io.Serializable;
import java.lang.reflect.Method;
-import java.security.AccessController;
-import java.security.PrivilegedExceptionAction;
/**
* The superclass of all enumerated types. Actual enumeration types inherit from
@@ -166,8 +164,6 @@
throw new NullPointerException("enumType == null || name == null");
}
- enumType.checkPublicMemberAccess();
-
T result = enumType.getClassCache().getEnumValue(name);
if (result == null) {
if (!enumType.isEnum()) {
diff --git a/luni/src/main/java/java/lang/ProcessBuilder.java b/luni/src/main/java/java/lang/ProcessBuilder.java
index d63af8b..7b8c0c4 100644
--- a/luni/src/main/java/java/lang/ProcessBuilder.java
+++ b/luni/src/main/java/java/lang/ProcessBuilder.java
@@ -182,14 +182,11 @@
* if any of the elements of {@link #command()} is {@code null}.
* @throws IndexOutOfBoundsException
* if {@link #command()} is empty.
- * @throws SecurityException
- * if {@link SecurityManager#checkExec(String)} doesn't allow
- * process creation.
* @throws IOException
* if an I/O error happens.
*/
public Process start() throws IOException {
- // BEGIN android-changed: push responsibility for argument checking into ProcessManager
+ // We push responsibility for argument checking into ProcessManager.
String[] cmdArray = command.toArray(new String[command.size()]);
String[] envArray = new String[environment.size()];
int i = 0;
@@ -197,7 +194,5 @@
envArray[i++] = entry.getKey() + "=" + entry.getValue();
}
return ProcessManager.getInstance().exec(cmdArray, envArray, directory, redirectErrorStream);
- // END android-changed
}
-
}
diff --git a/luni/src/main/java/java/lang/ProcessManager.java b/luni/src/main/java/java/lang/ProcessManager.java
index 5d8c059..52f1038 100644
--- a/luni/src/main/java/java/lang/ProcessManager.java
+++ b/luni/src/main/java/java/lang/ProcessManager.java
@@ -186,10 +186,7 @@
// Handle security and safety by copying mutable inputs and checking them.
String[] command = taintedCommand.clone();
String[] environment = taintedEnvironment != null ? taintedEnvironment.clone() : null;
- SecurityManager securityManager = System.getSecurityManager();
- if (securityManager != null) {
- securityManager.checkExec(command[0]);
- }
+
// Check we're not passing null Strings to the native exec.
for (String arg : command) {
if (arg == null) {
diff --git a/luni/src/main/java/java/lang/Runtime.java b/luni/src/main/java/java/lang/Runtime.java
index 7a98c45..5729d75 100644
--- a/luni/src/main/java/java/lang/Runtime.java
+++ b/luni/src/main/java/java/lang/Runtime.java
@@ -123,10 +123,6 @@
* process.
* @throws IOException
* if the requested program can not be executed.
- * @throws SecurityException
- * if the current {@code SecurityManager} disallows program
- * execution.
- * @see SecurityManager#checkExec
*/
public Process exec(String[] progArray) throws java.io.IOException {
return exec(progArray, null, null);
@@ -148,10 +144,6 @@
* process.
* @throws IOException
* if the requested program can not be executed.
- * @throws SecurityException
- * if the current {@code SecurityManager} disallows program
- * execution.
- * @see SecurityManager#checkExec
*/
public Process exec(String[] progArray, String[] envp) throws java.io.IOException {
return exec(progArray, envp, null);
@@ -175,10 +167,6 @@
* process.
* @throws IOException
* if the requested program can not be executed.
- * @throws SecurityException
- * if the current {@code SecurityManager} disallows program
- * execution.
- * @see SecurityManager#checkExec
*/
public Process exec(String[] progArray, String[] envp, File directory) throws IOException {
// BEGIN android-changed: push responsibility for argument checking into ProcessManager
@@ -197,10 +185,6 @@
* process.
* @throws IOException
* if the requested program can not be executed.
- * @throws SecurityException
- * if the current {@code SecurityManager} disallows program
- * execution.
- * @see SecurityManager#checkExec
*/
public Process exec(String prog) throws java.io.IOException {
return exec(prog, null, null);
@@ -220,10 +204,6 @@
* process.
* @throws IOException
* if the requested program can not be executed.
- * @throws SecurityException
- * if the current {@code SecurityManager} disallows program
- * execution.
- * @see SecurityManager#checkExec
*/
public Process exec(String prog, String[] envp) throws java.io.IOException {
return exec(prog, envp, null);
@@ -246,10 +226,6 @@
* process.
* @throws IOException
* if the requested program can not be executed.
- * @throws SecurityException
- * if the current {@code SecurityManager} disallows program
- * execution.
- * @see SecurityManager#checkExec
*/
public Process exec(String prog, String[] envp, File directory) throws java.io.IOException {
// Sanity checks
@@ -280,18 +256,8 @@
* @param code
* the return code. By convention, non-zero return codes indicate
* abnormal terminations.
- * @throws SecurityException
- * if the current {@code SecurityManager} does not allow the
- * running thread to terminate the virtual machine.
- * @see SecurityManager#checkExit
*/
public void exit(int code) {
- // Security checks
- SecurityManager smgr = System.getSecurityManager();
- if (smgr != null) {
- smgr.checkExit(code);
- }
-
// Make sure we don't try this several times
synchronized(this) {
if (!shuttingDown) {
@@ -363,18 +329,8 @@
* the absolute (platform dependent) path to the library to load.
* @throws UnsatisfiedLinkError
* if the library can not be loaded.
- * @throws SecurityException
- * if the current {@code SecurityManager} does not allow to load
- * the library.
- * @see SecurityManager#checkLink
*/
public void load(String pathName) {
- // Security checks
- SecurityManager smgr = System.getSecurityManager();
- if (smgr != null) {
- smgr.checkLink(pathName);
- }
-
load(pathName, VMStack.getCallingClassLoader());
}
@@ -400,18 +356,8 @@
* the name of the library to load.
* @throws UnsatisfiedLinkError
* if the library can not be loaded.
- * @throws SecurityException
- * if the current {@code SecurityManager} does not allow to load
- * the library.
- * @see SecurityManager#checkLink
*/
public void loadLibrary(String libName) {
- // Security checks
- SecurityManager smgr = System.getSecurityManager();
- if (smgr != null) {
- smgr.checkLink(libName);
- }
-
loadLibrary(libName, VMStack.getCallingClassLoader());
}
@@ -488,10 +434,6 @@
*/
@Deprecated
public static void runFinalizersOnExit(boolean run) {
- SecurityManager smgr = System.getSecurityManager();
- if (smgr != null) {
- smgr.checkExit(0);
- }
finalizeOnExit = run;
}
@@ -606,9 +548,6 @@
* been registered.
* @throws IllegalStateException
* if the virtual machine is already shutting down.
- * @throws SecurityException
- * if a SecurityManager is registered and the calling code
- * doesn't have the RuntimePermission("shutdownHooks").
*/
public void addShutdownHook(Thread hook) {
// Sanity checks
@@ -624,11 +563,6 @@
throw new IllegalArgumentException("Hook has already been started");
}
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkPermission(new RuntimePermission("shutdownHooks"));
- }
-
synchronized (shutdownHooks) {
if (shutdownHooks.contains(hook)) {
throw new IllegalArgumentException("Hook already registered.");
@@ -647,9 +581,6 @@
* false} otherwise.
* @throws IllegalStateException
* if the virtual machine is already shutting down.
- * @throws SecurityException
- * if a SecurityManager is registered and the calling code
- * doesn't have the RuntimePermission("shutdownHooks").
*/
public boolean removeShutdownHook(Thread hook) {
// Sanity checks
@@ -661,11 +592,6 @@
throw new IllegalStateException("VM already shutting down");
}
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkPermission(new RuntimePermission("shutdownHooks"));
- }
-
synchronized (shutdownHooks) {
return shutdownHooks.remove(hook);
}
@@ -678,21 +604,11 @@
* @param code
* the return code. By convention, non-zero return codes indicate
* abnormal terminations.
- * @throws SecurityException
- * if the current {@code SecurityManager} does not allow the
- * running thread to terminate the virtual machine.
- * @see SecurityManager#checkExit
* @see #addShutdownHook(Thread)
* @see #removeShutdownHook(Thread)
* @see #runFinalizersOnExit(boolean)
*/
public void halt(int code) {
- // Security checks
- SecurityManager smgr = System.getSecurityManager();
- if (smgr != null) {
- smgr.checkExit(code);
- }
-
// Get out of here...
nativeExit(code, false);
}
@@ -714,4 +630,4 @@
*/
public native long maxMemory();
-}
\ No newline at end of file
+}
diff --git a/luni/src/main/java/java/lang/RuntimePermission.java b/luni/src/main/java/java/lang/RuntimePermission.java
index a6714e8..752c74a 100644
--- a/luni/src/main/java/java/lang/RuntimePermission.java
+++ b/luni/src/main/java/java/lang/RuntimePermission.java
@@ -20,63 +20,13 @@
import java.security.BasicPermission;
/**
- * Represents the permission to execute a runtime-related function. There is no
- * action list associated with a {@code RuntimePermission}; the user either has
- * the permission or he doesn't.
+ * Legacy security code; this class exists for compatibility only.
*/
public final class RuntimePermission extends BasicPermission {
private static final long serialVersionUID = 7399184964622342223L;
/**
- * Constants for runtime permissions used in this package.
- */
- static final RuntimePermission permissionToSetSecurityManager = new RuntimePermission(
- "setSecurityManager");
-
- static final RuntimePermission permissionToCreateSecurityManager = new RuntimePermission(
- "createSecurityManager");
-
- static final RuntimePermission permissionToGetProtectionDomain = new RuntimePermission(
- "getProtectionDomain");
-
- static final RuntimePermission permissionToGetClassLoader = new RuntimePermission(
- "getClassLoader");
-
- static final RuntimePermission permissionToCreateClassLoader = new RuntimePermission(
- "createClassLoader");
-
- static final RuntimePermission permissionToModifyThread = new RuntimePermission(
- "modifyThread");
-
- static final RuntimePermission permissionToModifyThreadGroup = new RuntimePermission(
- "modifyThreadGroup");
-
- static final RuntimePermission permissionToExitVM = new RuntimePermission(
- "exitVM");
-
- static final RuntimePermission permissionToReadFileDescriptor = new RuntimePermission(
- "readFileDescriptor");
-
- static final RuntimePermission permissionToWriteFileDescriptor = new RuntimePermission(
- "writeFileDescriptor");
-
- static final RuntimePermission permissionToQueuePrintJob = new RuntimePermission(
- "queuePrintJob");
-
- static final RuntimePermission permissionToSetFactory = new RuntimePermission(
- "setFactory");
-
- static final RuntimePermission permissionToSetIO = new RuntimePermission(
- "setIO");
-
- static final RuntimePermission permissionToStopThread = new RuntimePermission(
- "stopThread");
-
- static final RuntimePermission permissionToSetContextClassLoader = new RuntimePermission(
- "setContextClassLoader");
-
- /**
* Creates an instance of {@code RuntimePermission} with the specified name.
*
* @param permissionName
diff --git a/luni/src/main/java/java/lang/SecurityManager.java b/luni/src/main/java/java/lang/SecurityManager.java
index 1daf1ac..a814bf5 100644
--- a/luni/src/main/java/java/lang/SecurityManager.java
+++ b/luni/src/main/java/java/lang/SecurityManager.java
@@ -28,38 +28,21 @@
import java.lang.reflect.Member;
import java.net.InetAddress;
import java.net.SocketPermission;
-import java.security.AccessControlContext;
import java.security.AccessController;
import java.security.AllPermission;
import java.security.Permission;
import java.security.Security;
import java.security.SecurityPermission;
import java.util.PropertyPermission;
-import org.apache.harmony.luni.util.PriviAction;
/**
- * <strong>Warning:</strong> security managers do <strong>not</strong> provide a
+ * Legacy security code; this class exists for compatibility only.
+ *
+ * <p>Security managers do <strong>not</strong> provide a
* secure environment for executing untrusted code. Untrusted code cannot be
* safely isolated within the Dalvik VM.
- *
- * <p>Provides security verification facilities for applications. {@code
- * SecurityManager} contains a set of {@code checkXXX} methods which determine
- * if it is safe to perform a specific operation such as establishing network
- * connections, modifying files, and many more. In general, these methods simply
- * return if they allow the application to perform the operation; if an
- * operation is not allowed, then they throw a {@link SecurityException}. The
- * only exception is {@link #checkTopLevelWindow(Object)}, which returns a
- * boolean to indicate permission.
*/
public class SecurityManager {
-
- private static final PropertyPermission READ_WRITE_ALL_PROPERTIES_PERMISSION = new PropertyPermission(
- "*", "read,write");
-
- private static final String PKG_ACC_KEY = "package.access";
-
- private static final String PKG_DEF_KEY = "package.definition";
-
/**
* Flag to indicate whether a security check is in progress.
*
@@ -70,589 +53,185 @@
/**
* Constructs a new {@code SecurityManager} instance.
- * <p>
- * The {@code RuntimePermission("createSecurityManager")} is checked if a
- * security manager is installed.
*/
public SecurityManager() {
- SecurityManager security = System.getSecurityManager();
- if (security != null) {
- security
- .checkPermission(RuntimePermission.permissionToCreateSecurityManager);
- }
- Class<?> type = Security.class; // initialize Security properties
- if (type == null) {
- throw new AssertionError();
- }
}
/**
- * Checks whether the calling thread is allowed to accept socket
- * connections.
- *
- * @param host
- * the address of the host that attempts to connect.
- * @param port
- * the port number to check.
- * @throws NullPointerException
- * if {@code host} is {@code null}.
- * @throws SecurityException
- * if the calling thread is not allowed to accept socket
- * connections from {@code host} through {@code port}.
+ * Does nothing.
*/
public void checkAccept(String host, int port) {
- if (host == null) {
- throw new NullPointerException();
- }
- checkPermission(new SocketPermission(host + ':' + port, "accept"));
}
/**
- * Checks whether the calling thread is allowed to modify the specified
- * thread.
- *
- * @param thread
- * the thread to access.
- * @throws SecurityException
- * if the calling thread is not allowed to access {@code thread}.
+ * Does nothing.
*/
public void checkAccess(Thread thread) {
- // Only worry about system threads. Dead threads have a null group.
- ThreadGroup group = thread.getThreadGroup();
- if ((group != null) && (group.parent == null)) {
- checkPermission(RuntimePermission.permissionToModifyThread);
- }
}
/**
- * Checks whether the calling thread is allowed to modify the specified
- * thread group.
- *
- * @param group
- * the thread group to access.
- * @throws NullPointerException
- * if {@code group} is {@code null}.
- * @throws SecurityException
- * if the calling thread is not allowed to access {@code group}.
+ * Does nothing.
*/
public void checkAccess(ThreadGroup group) {
- // Only worry about system threads.
- if (group == null) {
- throw new NullPointerException();
- }
- if (group.parent == null) {
- checkPermission(RuntimePermission.permissionToModifyThreadGroup);
- }
}
/**
- * Checks whether the calling thread is allowed to establish socket
- * connections. A -1 port indicates the caller is trying to resolve the
- * hostname.
- *
- * @param host
- * the address of the host to connect to.
- * @param port
- * the port number to check, or -1 for resolve.
- * @throws NullPointerException
- * if {@code host} is {@code null}.
- * @throws SecurityException
- * if the calling thread is not allowed to connect to {@code
- * host} through {@code port}.
+ * Does nothing.
*/
public void checkConnect(String host, int port) {
- if (host == null) {
- throw new NullPointerException();
- }
- if (port > 0) {
- checkPermission(new SocketPermission(host + ':' + port, "connect"));
- } else {
- checkPermission(new SocketPermission(host, "resolve"));
- }
}
/**
- * Checks whether the specified security context is allowed to establish
- * socket connections. A -1 port indicates the caller is trying to resolve
- * the hostname.
- *
- * @param host
- * the address of the host to connect to.
- * @param port
- * the port number to check, or -1 for resolve.
- * @param context
- * the security context to use for the check.
- * @throws NullPointerException
- * if {@code host} is {@code null}.
- * @throws SecurityException
- * if {@code context} is not allowed to connect to {@code host}
- * through {@code port}.
+ * Does nothing.
*/
public void checkConnect(String host, int port, Object context) {
- // BEGIN android-added
- if (host == null) {
- throw new NullPointerException();
- }
- // END android-added
- if (port > 0) {
- checkPermission(new SocketPermission(host + ':' + port, "connect"),
- context);
- } else {
- checkPermission(new SocketPermission(host, "resolve"), context);
- }
}
/**
- * Checks whether the calling thread is allowed to create a class loader.
- *
- * @throws SecurityException
- * if the calling thread is not allowed to create a class
- * loader.
+ * Does nothing.
*/
public void checkCreateClassLoader() {
- checkPermission(RuntimePermission.permissionToCreateClassLoader);
}
/**
- * Checks whether the calling thread is allowed to delete the file with the
- * specified name, which should be passed in canonical form.
- *
- * @param file
- * the name of the file to delete.
- * @throws SecurityException
- * if the calling thread is not allowed to delete {@code file}.
+ * Does nothing.
*/
public void checkDelete(String file) {
- checkPermission(new FilePermission(file, "delete"));
}
/**
- * Checks whether the calling thread is allowed to execute the specified
- * platform specific command.
- *
- * @param cmd
- * the command line to execute.
- * @throws SecurityException
- * if the calling thread is not allowed to execute {@code cmd}.
+ * Does nothing.
*/
public void checkExec(String cmd) {
- checkPermission(new FilePermission(new File(cmd).isAbsolute() ? cmd
- : "<<ALL FILES>>", "execute"));
}
/**
- * Checks whether the calling thread is allowed to terminate the virtual
- * machine.
- *
- * @param status
- * the status that the virtual machine returns when it is
- * terminated.
- * @throws SecurityException
- * if the calling thread is not allowed to terminate the virtual
- * machine with {@code status}.
+ * Does nothing.
*/
public void checkExit(int status) {
- checkPermission(RuntimePermission.permissionToExitVM);
}
/**
- * Checks whether the calling thread is allowed to load the specified native
- * library.
- *
- * @param libName
- * the name of the library to load.
- * @throws SecurityException
- * if the calling thread is not allowed to load {@code libName}.
+ * Does nothing.
*/
public void checkLink(String libName) {
- if (libName == null) {
- throw new NullPointerException();
- }
- checkPermission(new RuntimePermission("loadLibrary." + libName));
}
/**
- * Checks whether the calling thread is allowed to listen on the specified
- * port.
- *
- * @param port
- * the port number to check.
- * @throws SecurityException
- * if the calling thread is not allowed listen on {@code port}.
+ * Does nothing.
*/
public void checkListen(int port) {
- if (port == 0) {
- checkPermission(new SocketPermission("localhost:1024-", "listen"));
- } else {
- checkPermission(new SocketPermission("localhost:" + port, "listen"));
- }
}
/**
- * Checks whether the calling thread is allowed to access members. The
- * default is to allow access to public members (that is, {@code
- * java.lang.reflect.Member.PUBLIC}) and to classes loaded by the same
- * loader as the original caller (that is, the method that called the
- * reflect API). Due to the nature of the check, overriding implementations
- * cannot call {@code super.checkMemberAccess()} since the stack would no
- * longer be of the expected shape.
- *
- * @param cls
- * the class of which members are accessed.
- * @param type
- * the access type, either {@code
- * java.lang.reflect.Member.PUBLIC} or {@code
- * java.lang.reflect.Member.DECLARED}.
- * @throws SecurityException
- * if the calling thread is not allowed to access members of
- * {@code cls}.
+ * Does nothing.
*/
public void checkMemberAccess(Class<?> cls, int type) {
- if (cls == null) {
- throw new NullPointerException();
- }
- if (type == Member.PUBLIC) {
- return;
- }
- //
- // Need to compare the classloaders.
- // Stack shape is
- // <user code> <- want this class
- // Class.getDeclared*();
- // Class.checkMemberAccess();
- // SecurityManager.checkMemberAccess(); <- current frame
- //
- // Use getClassLoaderImpl() since getClassLoader()
- // returns null for the bootstrap class loader.
- if (ClassLoader.getStackClassLoader(3) == cls.getClassLoaderImpl()) {
- return;
- }
-
- // Forward off to the permission mechanism.
- checkPermission(new RuntimePermission("accessDeclaredMembers"));
}
/**
- * Checks whether the calling thread is allowed to use the specified IP
- * multicast group address.
- *
- * @param maddr
- * the internet group address to use.
- * @throws SecurityException
- * if the calling thread is not allowed to use {@code maddr}.
+ * Does nothing.
*/
public void checkMulticast(InetAddress maddr) {
- checkPermission(new SocketPermission(maddr.getHostAddress(),
- "accept,connect"));
}
/**
- * Checks whether the calling thread is allowed to use the specified IP
- * multicast group address.
- *
- * @param maddr
- * the internet group address to use.
- * @param ttl
- * the value in use for multicast send. This parameter is
- * ignored.
- * @throws SecurityException
- * if the calling thread is not allowed to use {@code maddr}.
+ * Does nothing.
* @deprecated use {@link #checkMulticast(java.net.InetAddress)}
*/
@Deprecated
public void checkMulticast(InetAddress maddr, byte ttl) {
- checkPermission(new SocketPermission(maddr.getHostAddress(),
- "accept,connect"));
}
/**
- * Checks whether the calling thread is allowed to access the specified
- * package.
- *
- * @param packageName
- * the name of the package to access.
- * @throws SecurityException
- * if the calling thread is not allowed to access {@code
- * packageName}.
+ * Does nothing.
*/
public void checkPackageAccess(String packageName) {
- if (packageName == null) {
- throw new NullPointerException();
- }
- if (checkPackageProperty(PKG_ACC_KEY, packageName)) {
- checkPermission(new RuntimePermission("accessClassInPackage."
- + packageName));
- }
}
/**
- * Checks whether the calling thread is allowed to define new classes in the
- * specified package.
- *
- * @param packageName
- * the name of the package to add a class to.
- * @throws SecurityException
- * if the calling thread is not allowed to add classes to
- * {@code packageName}.
+ * Does nothing.
*/
public void checkPackageDefinition(String packageName) {
- if (packageName == null) {
- throw new NullPointerException();
- }
- if (checkPackageProperty(PKG_DEF_KEY, packageName)) {
- checkPermission(new RuntimePermission("defineClassInPackage."
- + packageName));
- }
}
/**
- * Returns true if the package name is restricted by the specified security
- * property.
- */
- private static boolean checkPackageProperty(final String property,
- final String pkg) {
- String list = AccessController.doPrivileged(PriviAction
- .getSecurityProperty(property));
- if (list != null) {
- int plen = pkg.length();
- String[] tokens = list.split(", *");
- for (String token : tokens) {
- int tlen = token.length();
- if (plen > tlen
- && pkg.startsWith(token)
- && (token.charAt(tlen - 1) == '.' || pkg.charAt(tlen) == '.')) {
- return true;
- } else if (plen == tlen && token.startsWith(pkg)) {
- return true;
- } else if (plen + 1 == tlen && token.startsWith(pkg)
- && token.charAt(tlen - 1) == '.') {
- return true;
- }
- }
- }
-
- return false;
- }
-
- /**
- * Checks whether the calling thread is allowed to access the system
- * properties.
- *
- * @throws SecurityException
- * if the calling thread is not allowed to access system
- * properties.
+ * Does nothing.
*/
public void checkPropertiesAccess() {
- checkPermission(READ_WRITE_ALL_PROPERTIES_PERMISSION);
}
/**
- * Checks whether the calling thread is allowed to access a particular
- * system property.
- *
- * @param key
- * the name of the property to access.
- * @throws SecurityException
- * if the calling thread is not allowed to access the {@code
- * key} system property.
+ * Does nothing.
*/
public void checkPropertyAccess(String key) {
- checkPermission(new PropertyPermission(key, "read"));
}
/**
- * Checks whether the calling thread is allowed to read from the file with
- * the specified file descriptor.
- *
- * @param fd
- * the file descriptor of the file to read from.
- * @throws SecurityException
- * if the calling thread is not allowed to read from {@code fd}.
+ * Does nothing.
*/
public void checkRead(FileDescriptor fd) {
- if (fd == null) {
- throw new NullPointerException();
- }
- checkPermission(RuntimePermission.permissionToReadFileDescriptor);
}
/**
- * Checks whether the calling thread is allowed to read from the file with
- * the specified name, which should be passed in canonical form.
- *
- * @param file
- * the name of the file or directory to read from.
- * @throws SecurityException
- * if the calling thread is not allowed to read from {@code
- * file}.
+ * Does nothing.
*/
public void checkRead(String file) {
- checkPermission(new FilePermission(file, "read"));
}
/**
- * Checks whether the given security context is allowed to read from the
- * file named by the argument, which should be passed in canonical form.
- *
- * @param file
- * the name of the file or directory to check.
- * @param context
- * the security context to use for the check.
- * @throws SecurityException
- * if {@code context} is not allowed to read from {@code file}.
+ * Does nothing.
*/
public void checkRead(String file, Object context) {
- checkPermission(new FilePermission(file, "read"), context);
}
/**
- * Checks whether the calling thread is allowed to perform the security
- * operation named by the target.
- *
- * @param target
- * the name of the operation to perform.
- * @throws SecurityException
- * if the calling thread is not allowed to perform
- * {@code target}.
+ * Does nothing.
*/
public void checkSecurityAccess(String target) {
- checkPermission(new SecurityPermission(target));
}
/**
- * Checks whether the calling thread is allowed to set the net object
- * factories.
- *
- * @throws SecurityException
- * if the calling thread is not allowed to set the net object
- * factories.
+ * Does nothing.
*/
public void checkSetFactory() {
- checkPermission(RuntimePermission.permissionToSetFactory);
}
/**
- * Checks whether the calling thread is trusted to show the specified top
- * level window.
- *
- * @param window
- * the window to show.
- * @return {@code true} if the calling thread is allowed to show {@code
- * window}; {@code false} otherwise.
- * @throws NullPointerException
- * if {@code window} is {@code null}.
+ * Returns true.
*/
public boolean checkTopLevelWindow(Object window) {
- if (window == null) {
- throw new NullPointerException();
- }
- try {
- Class<?> awtPermission = Class.forName("java.awt.AWTPermission");
- Constructor<?> constructor = awtPermission
- .getConstructor(String.class);
- Object perm = constructor
- .newInstance("showWindowWithoutWarningBanner");
- checkPermission((Permission) perm);
- } catch (ClassNotFoundException e) {
- } catch (NoSuchMethodException e) {
- } catch (InstantiationException e) {
- } catch (IllegalAccessException e) {
- } catch (InvocationTargetException e) {
- } catch (SecurityException e) {
- return false;
- }
return true;
}
/**
- * Checks whether the calling thread is allowed to access the system
- * clipboard.
- *
- * @throws SecurityException
- * if the calling thread is not allowed to access the system
- * clipboard.
+ * Does nothing.
*/
public void checkSystemClipboardAccess() {
- try {
- Class<?> awtPermission = Class.forName("java.awt.AWTPermission");
- Constructor<?> constructor = awtPermission
- .getConstructor(String.class);
- Object perm = constructor.newInstance("accessClipboard");
- checkPermission((Permission) perm);
- return;
- } catch (ClassNotFoundException e) {
- } catch (NoSuchMethodException e) {
- } catch (InstantiationException e) {
- } catch (IllegalAccessException e) {
- } catch (InvocationTargetException e) {
- }
- throw new SecurityException();
}
/**
- * Checks whether the calling thread is allowed to access the AWT event
- * queue.
- *
- * @throws SecurityException
- * if the calling thread is not allowed to access the AWT event
- * queue.
+ * Does nothing.
*/
public void checkAwtEventQueueAccess() {
- try {
- Class<?> awtPermission = Class.forName("java.awt.AWTPermission");
- Constructor<?> constructor = awtPermission
- .getConstructor(String.class);
- Object perm = constructor.newInstance("accessEventQueue");
- checkPermission((Permission) perm);
- return;
- } catch (ClassNotFoundException e) {
- } catch (NoSuchMethodException e) {
- } catch (InstantiationException e) {
- } catch (IllegalAccessException e) {
- } catch (InvocationTargetException e) {
- }
- throw new SecurityException();
}
/**
- * Checks whether the calling thread is allowed to start a new print job.
- *
- * @throws SecurityException
- * if the calling thread is not allowed to start a new print
- * job.
+ * Does nothing.
*/
public void checkPrintJobAccess() {
- checkPermission(RuntimePermission.permissionToQueuePrintJob);
}
/**
- * Checks whether the calling thread is allowed to write to the file with
- * the specified file descriptor.
- *
- * @param fd
- * the file descriptor of the file to write to.
- * @throws SecurityException
- * if the calling thread is not allowed to write to {@code fd}.
+ * Does nothing.
*/
public void checkWrite(FileDescriptor fd) {
- if (fd == null) {
- throw new NullPointerException();
- }
- checkPermission(RuntimePermission.permissionToWriteFileDescriptor);
}
/**
- * Checks whether the calling thread is allowed to write to the file with
- * the specified name, which should be passed in canonical form.
- *
- * @param file
- * the name of the file or directory to write to.
- * @throws SecurityException
- * if the calling thread is not allowed to write to
- * {@code file}.
+ * Does nothing.
*/
public void checkWrite(String file) {
- checkPermission(new FilePermission(file, "write"));
}
/**
@@ -750,36 +329,11 @@
}
/**
- * Returns the first class in the call stack that was loaded by a class
- * loader which is not a system class loader.
- *
- * @return the most recent class loaded by a non-system class loader.
+ * Returns null.
* @deprecated Use {@link #checkPermission}.
*/
@Deprecated
protected Class<?> currentLoadedClass() {
- /*
- * First, check if AllPermission is allowed. If so, then we are
- * effectively running in an unsafe environment, so just answer null
- * (==> everything is a system class).
- */
- try {
- checkPermission(new AllPermission());
- return null;
- } catch (SecurityException ex) {
- }
-
- /*
- * Now, check if there are any non-system class loaders in the stack up
- * to the first privileged method (or the end of the stack.
- */
- Class<?>[] classes = Class.getStackClasses(-1, true);
- for (int i = 0; i < classes.length; i++) {
- ClassLoader cl = classes[i].getClassLoaderImpl();
- if (!cl.isSystemClassLoader()) {
- return classes[i];
- }
- }
return null;
}
@@ -846,8 +400,7 @@
/**
* Returns an object which encapsulates the security state of the current
- * point in the execution. In our case, this is an {@link
- * java.security.AccessControlContext}.
+ * point in the execution.
*
* @return an object that encapsulates information about the current
* execution environment.
@@ -857,51 +410,14 @@
}
/**
- * Checks whether the calling thread is allowed to access the resource being
- * guarded by the specified permission object.
- *
- * @param permission
- * the permission to check.
- * @throws SecurityException
- * if the requested {@code permission} is denied according to
- * the current security policy.
+ * Does nothing.
*/
public void checkPermission(Permission permission) {
- try {
- inCheck = true;
- AccessController.checkPermission(permission);
- } finally {
- inCheck = false;
- }
}
/**
- * Checks whether the specified security context is allowed to access the
- * resource being guarded by the specified permission object.
- *
- * @param permission
- * the permission to check.
- * @param context
- * the security context for which to check permission.
- * @throws SecurityException
- * if {@code context} is not an instance of {@code
- * AccessControlContext} or if the requested {@code permission}
- * is denied for {@code context} according to the current
- * security policy.
+ * Does nothing.
*/
public void checkPermission(Permission permission, Object context) {
- try {
- inCheck = true;
- // Must be an AccessControlContext. If we don't check
- // this, then applications could pass in an arbitrary
- // object which circumvents the security check.
- if (context instanceof AccessControlContext) {
- ((AccessControlContext) context).checkPermission(permission);
- } else {
- throw new SecurityException();
- }
- } finally {
- inCheck = false;
- }
}
}
diff --git a/luni/src/main/java/java/lang/System.java b/luni/src/main/java/java/lang/System.java
index 8ba0472..9de5a05 100644
--- a/luni/src/main/java/java/lang/System.java
+++ b/luni/src/main/java/java/lang/System.java
@@ -100,16 +100,8 @@
* @param newIn
* the user defined input stream to set as the standard input
* stream.
- * @throws SecurityException
- * if a {@link SecurityManager} is installed and its {@code
- * checkPermission()} method does not allow the change of the
- * stream.
*/
public static void setIn(InputStream newIn) {
- SecurityManager secMgr = System.getSecurityManager();
- if(secMgr != null) {
- secMgr.checkPermission(RuntimePermission.permissionToSetIO);
- }
setFieldImpl("in", "Ljava/io/InputStream;", newIn);
}
@@ -119,16 +111,8 @@
* @param newOut
* the user defined output stream to set as the standard output
* stream.
- * @throws SecurityException
- * if a {@link SecurityManager} is installed and its {@code
- * checkPermission()} method does not allow the change of the
- * stream.
*/
public static void setOut(java.io.PrintStream newOut) {
- SecurityManager secMgr = System.getSecurityManager();
- if(secMgr != null) {
- secMgr.checkPermission(RuntimePermission.permissionToSetIO);
- }
setFieldImpl("out", "Ljava/io/PrintStream;", newOut);
}
@@ -139,16 +123,8 @@
* @param newErr
* the user defined output stream to set as the standard error
* output stream.
- * @throws SecurityException
- * if a {@link SecurityManager} is installed and its {@code
- * checkPermission()} method does not allow the change of the
- * stream.
*/
public static void setErr(java.io.PrintStream newErr) {
- SecurityManager secMgr = System.getSecurityManager();
- if(secMgr != null) {
- secMgr.checkPermission(RuntimePermission.permissionToSetIO);
- }
setFieldImpl("err", "Ljava/io/PrintStream;", newErr);
}
@@ -204,10 +180,6 @@
*
* @param code
* the return code.
- * @throws SecurityException
- * if the running thread has not enough permission to exit the
- * virtual machine.
- * @see SecurityManager#checkExit
*/
public static void exit(int code) {
Runtime.getRuntime().exit(code);
@@ -230,20 +202,11 @@
* the name of the environment variable.
* @return the value of the specified environment variable or {@code null}
* if no variable exists with the given name.
- * @throws SecurityException
- * if a {@link SecurityManager} is installed and its {@code
- * checkPermission()} method does not allow the querying of
- * single environment variables.
*/
public static String getenv(String name) {
if (name == null) {
throw new NullPointerException();
}
- SecurityManager secMgr = System.getSecurityManager();
- if (secMgr != null) {
- secMgr.checkPermission(new RuntimePermission("getenv." + name));
- }
-
return getEnvByName(name);
}
@@ -258,17 +221,8 @@
* Returns an unmodifiable map of all available environment variables.
*
* @return the map representing all environment variables.
- * @throws SecurityException
- * if a {@link SecurityManager} is installed and its {@code
- * checkPermission()} method does not allow the querying of
- * all environment variables.
*/
public static Map<String, String> getenv() {
- SecurityManager secMgr = System.getSecurityManager();
- if (secMgr != null) {
- secMgr.checkPermission(new RuntimePermission("getenv.*"));
- }
-
Map<String, String> map = new HashMap<String, String>();
int index = 0;
@@ -315,33 +269,14 @@
* subsequent calls to getProperty and getProperties.
*
* @return the system properties.
- * @throws SecurityException
- * if a {@link SecurityManager} is installed and its {@code
- * checkPropertiesAccess()} method does not allow the operation.
*/
public static Properties getProperties() {
- SecurityManager secMgr = System.getSecurityManager();
- if (secMgr != null) {
- secMgr.checkPropertiesAccess();
- }
-
- return internalGetProperties();
- }
-
- /**
- * Returns the system properties without any security checks. This is used
- * for access from within java.lang.
- *
- * @return the system properties
- */
- static Properties internalGetProperties() {
if (System.systemProperties == null) {
SystemProperties props = new SystemProperties();
props.preInit();
props.postInit();
System.systemProperties = props;
}
-
return systemProperties;
}
@@ -394,9 +329,6 @@
* the name of the system property to look up.
* @return the value of the specified system property or {@code null} if the
* property doesn't exist.
- * @throws SecurityException
- * if a {@link SecurityManager} is installed and its {@code
- * checkPropertyAccess()} method does not allow the operation.
*/
public static String getProperty(String propertyName) {
return getProperty(propertyName, null);
@@ -413,20 +345,12 @@
* does not exist.
* @return the value of the specified system property or the {@code
* defaultValue} if the property does not exist.
- * @throws SecurityException
- * if a {@link SecurityManager} is installed and its {@code
- * checkPropertyAccess()} method does not allow the operation.
*/
public static String getProperty(String prop, String defaultValue) {
- if (prop.length() == 0) {
+ if (prop.isEmpty()) {
throw new IllegalArgumentException();
}
- SecurityManager secMgr = System.getSecurityManager();
- if (secMgr != null) {
- secMgr.checkPropertyAccess(prop);
- }
-
- return internalGetProperties().getProperty(prop, defaultValue);
+ return getProperties().getProperty(prop, defaultValue);
}
/**
@@ -438,19 +362,12 @@
* the value to associate with the given property {@code prop}.
* @return the old value of the property or {@code null} if the property
* didn't exist.
- * @throws SecurityException
- * if a security manager exists and write access to the
- * specified property is not allowed.
*/
public static String setProperty(String prop, String value) {
- if (prop.length() == 0) {
+ if (prop.isEmpty()) {
throw new IllegalArgumentException();
}
- SecurityManager secMgr = System.getSecurityManager();
- if (secMgr != null) {
- secMgr.checkPermission(new PropertyPermission(prop, "write"));
- }
- return (String)internalGetProperties().setProperty(prop, value);
+ return (String) getProperties().setProperty(prop, value);
}
/**
@@ -463,23 +380,15 @@
* if the argument {@code key} is {@code null}.
* @throws IllegalArgumentException
* if the argument {@code key} is empty.
- * @throws SecurityException
- * if a security manager exists and write access to the
- * specified property is not allowed.
*/
public static String clearProperty(String key) {
if (key == null) {
throw new NullPointerException();
}
- if (key.length() == 0) {
+ if (key.isEmpty()) {
throw new IllegalArgumentException();
}
-
- SecurityManager secMgr = System.getSecurityManager();
- if (secMgr != null) {
- secMgr.checkPermission(new PropertyPermission(key, "write"));
- }
- return (String)internalGetProperties().remove(key);
+ return (String) getProperties().remove(key);
}
/**
@@ -523,14 +432,8 @@
*
* @param pathName
* the path of the file to be loaded.
- * @throws SecurityException
- * if the library was not allowed to be loaded.
*/
public static void load(String pathName) {
- SecurityManager smngr = System.getSecurityManager();
- if (smngr != null) {
- smngr.checkLink(pathName);
- }
Runtime.getRuntime().load(pathName, VMStack.getCallingClassLoader());
}
@@ -543,14 +446,8 @@
* the name of the library to load.
* @throws UnsatisfiedLinkError
* if the library could not be loaded.
- * @throws SecurityException
- * if the library was not allowed to be loaded.
*/
public static void loadLibrary(String libName) {
- SecurityManager smngr = System.getSecurityManager();
- if (smngr != null) {
- smngr.checkLink(libName);
- }
Runtime.getRuntime().loadLibrary(libName, VMStack.getCallingClassLoader());
}
@@ -581,17 +478,9 @@
* Sets all system properties.
*
* @param p
- * the new system property.
- * @throws SecurityException
- * if a {@link SecurityManager} is installed and its {@code
- * checkPropertiesAccess()} method does not allow the operation.
+ * the new system properties.
*/
public static void setProperties(Properties p) {
- SecurityManager secMgr = System.getSecurityManager();
- if (secMgr != null) {
- secMgr.checkPropertiesAccess();
- }
-
systemProperties = p;
}
diff --git a/luni/src/main/java/java/lang/Thread.java b/luni/src/main/java/java/lang/Thread.java
index e26ecf0..71c10f2 100644
--- a/luni/src/main/java/java/lang/Thread.java
+++ b/luni/src/main/java/java/lang/Thread.java
@@ -33,10 +33,8 @@
package java.lang;
import dalvik.system.VMStack;
-import java.security.AccessController;
import java.util.HashMap;
import java.util.Map;
-import org.apache.harmony.security.fortress.SecurityUtils;
/**
* A {@code Thread} is a concurrent unit of execution. It has its own call stack
@@ -275,15 +273,10 @@
* @param runnable
* a {@code Runnable} whose method <code>run</code> will be
* executed by the new {@code Thread}
- * @throws SecurityException
- * if <code>group.checkAccess()</code> fails with a
- * SecurityException
* @throws IllegalThreadStateException
* if <code>group.destroy()</code> has already been done
* @see java.lang.ThreadGroup
* @see java.lang.Runnable
- * @see java.lang.SecurityException
- * @see java.lang.SecurityManager
*/
public Thread(ThreadGroup group, Runnable runnable) {
create(group, runnable, null, 0);
@@ -300,15 +293,10 @@
* executed by the new {@code Thread}
* @param threadName
* the name for the {@code Thread} being created
- * @throws SecurityException
- * if <code>group.checkAccess()</code> fails with a
- * SecurityException
* @throws IllegalThreadStateException
* if <code>group.destroy()</code> has already been done
* @see java.lang.ThreadGroup
* @see java.lang.Runnable
- * @see java.lang.SecurityException
- * @see java.lang.SecurityManager
*/
public Thread(ThreadGroup group, Runnable runnable, String threadName) {
if (threadName == null) {
@@ -326,15 +314,10 @@
* {@code ThreadGroup} to which the new {@code Thread} will belong
* @param threadName
* the name for the {@code Thread} being created
- * @throws SecurityException
- * if <code>group.checkAccess()</code> fails with a
- * SecurityException
* @throws IllegalThreadStateException
* if <code>group.destroy()</code> has already been done
* @see java.lang.ThreadGroup
* @see java.lang.Runnable
- * @see java.lang.SecurityException
- * @see java.lang.SecurityManager
*/
public Thread(ThreadGroup group, String threadName) {
if (threadName == null) {
@@ -360,15 +343,10 @@
* a stack size for the new {@code Thread}. This has a highly
* platform-dependent interpretation. It may even be ignored
* completely.
- * @throws SecurityException
- * if <code>group.checkAccess()</code> fails with a
- * SecurityException
* @throws IllegalThreadStateException
* if <code>group.destroy()</code> has already been done
* @see java.lang.ThreadGroup
* @see java.lang.Runnable
- * @see java.lang.SecurityException
- * @see java.lang.SecurityManager
*/
public Thread(ThreadGroup group, Runnable runnable, String threadName, long stackSize) {
if (threadName == null) {
@@ -420,53 +398,17 @@
* be executed by the new Thread
* @param threadName Name for the Thread being created
* @param stackSize Platform dependent stack size
- * @throws SecurityException if <code>group.checkAccess()</code> fails
- * with a SecurityException
* @throws IllegalThreadStateException if <code>group.destroy()</code> has
* already been done
* @see java.lang.ThreadGroup
* @see java.lang.Runnable
- * @see java.lang.SecurityException
- * @see java.lang.SecurityManager
*/
private void create(ThreadGroup group, Runnable runnable, String threadName, long stackSize) {
- SecurityManager smgr = System.getSecurityManager();
- if (smgr != null) {
- if (group == null) {
- group = smgr.getThreadGroup();
- }
-
- /*
- * Freaky security requirement: If the Thread's class is actually
- * a subclass of Thread and it tries to override either
- * getContextClassLoader() or setContextClassLoader(), the
- * SecurityManager has to allow this.
- */
- if (getClass() != Thread.class) {
- Class[] signature = new Class[] { ClassLoader.class };
-
- try {
- getClass().getDeclaredMethod("getContextClassLoader", signature);
- smgr.checkPermission(new RuntimePermission("enableContextClassLoaderOverride"));
- } catch (NoSuchMethodException ex) {
- // Ignore. Just interested in the method's existence.
- }
-
- try {
- getClass().getDeclaredMethod("setContextClassLoader", signature);
- smgr.checkPermission(new RuntimePermission("enableContextClassLoaderOverride"));
- } catch (NoSuchMethodException ex) {
- // Ignore. Just interested in the method's existence.
- }
- }
- }
-
Thread currentThread = Thread.currentThread();
if (group == null) {
group = currentThread.getThreadGroup();
}
- group.checkAccess();
if (group.isDestroyed()) {
throw new IllegalThreadStateException("Group already destroyed");
}
@@ -492,13 +434,9 @@
// Transfer over InheritableThreadLocals.
if (currentThread.inheritableValues != null) {
- inheritableValues
- = new ThreadLocal.Values(currentThread.inheritableValues);
+ inheritableValues = new ThreadLocal.Values(currentThread.inheritableValues);
}
- // store current AccessControlContext as inherited context for this thread
- SecurityUtils.putContext(this, AccessController.getContext());
-
// add ourselves to our ThreadGroup of choice
this.group.addThread(this);
}
@@ -514,26 +452,9 @@
}
/**
- * Is used for operations that require approval from a SecurityManager. If
- * there's none installed, this method is a no-op. If there's a
- * SecurityManager installed, {@link SecurityManager#checkAccess(Thread)} is
- * called for that SecurityManager.
- *
- * @throws SecurityException
- * if a SecurityManager is installed and it does not allow
- * access to the Thread.
- *
- * @see java.lang.SecurityException
- * @see java.lang.SecurityManager
+ * Does nothing.
*/
public final void checkAccess() {
- // Forwards the message to the SecurityManager (if there's one) passing
- // the receiver as parameter
-
- SecurityManager currentManager = System.getSecurityManager();
- if (currentManager != null) {
- currentManager.checkAccess(this);
- }
}
/**
@@ -587,37 +508,16 @@
* @param threads
* array into which the Threads will be copied
* @return How many Threads were copied over
- * @throws SecurityException
- * if the installed SecurityManager fails
- * {@link SecurityManager#checkAccess(Thread)}
- * @see java.lang.SecurityException
- * @see java.lang.SecurityManager
*/
public static int enumerate(Thread[] threads) {
Thread thread = Thread.currentThread();
- thread.checkAccess();
return thread.getThreadGroup().enumerate(threads);
}
/**
- * <p>
- * Returns the stack traces of all the currently live threads and puts them
- * into the given map.
- * </p>
- *
- * @return A Map of current Threads to StackTraceElement arrays.
- * @throws SecurityException
- * if the current SecurityManager fails the
- * {@link SecurityManager#checkPermission(java.security.Permission)}
- * call.
+ * Returns a map of all the currently live threads to their stack traces.
*/
public static Map<Thread, StackTraceElement[]> getAllStackTraces() {
- SecurityManager securityManager = System.getSecurityManager();
- if (securityManager != null) {
- securityManager.checkPermission(new RuntimePermission("getStackTrace"));
- securityManager.checkPermission(new RuntimePermission("modifyThreadGroup"));
- }
-
Map<Thread, StackTraceElement[]> map = new HashMap<Thread, StackTraceElement[]>();
// Find out how many live threads we have. Allocate a bit more
@@ -636,40 +536,12 @@
/**
* Returns the context ClassLoader for this Thread.
- * <p>
- * If the conditions
- * <ol>
- * <li>there is a security manager
- * <li>the caller's class loader is not null
- * <li>the caller's class loader is not the same as the requested
- * context class loader and not an ancestor thereof
- * </ol>
- * are satisfied, a security check for
- * <code>RuntimePermission("getClassLoader")</code> is performed first.
*
* @return ClassLoader The context ClassLoader
* @see java.lang.ClassLoader
* @see #getContextClassLoader()
- *
- * @throws SecurityException
- * if the aforementioned security check fails.
*/
public ClassLoader getContextClassLoader() {
- // First, if the conditions
- // 1) there is a security manager
- // 2) the caller's class loader is not null
- // 3) the caller's class loader is not the same as the context
- // class loader and not an ancestor thereof
- // are satisfied we should perform a security check.
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- ClassLoader calling = VMStack.getCallingClassLoader();
-
- if (calling != null && !calling.isAncestorOf(contextClassLoader)) {
- sm.checkPermission(new RuntimePermission("getClassLoader"));
- }
- }
-
return contextClassLoader;
}
@@ -716,25 +588,9 @@
}
/**
- * Returns the a stack trace representing the current execution state of
- * this Thread.
- * <p>
- * The <code>RuntimePermission("getStackTrace")</code> is checked before
- * returning a result.
- * </p>
- *
- * @return an array of StackTraceElements.
- * @throws SecurityException
- * if the current SecurityManager fails the
- * {@link SecurityManager#checkPermission(java.security.Permission)}
- * call.
+ * Returns an array of {@link StackTraceElement} representing the current thread's stack.
*/
public StackTraceElement[] getStackTrace() {
- SecurityManager securityManager = System.getSecurityManager();
- if (securityManager != null) {
- securityManager.checkPermission(new RuntimePermission("getStackTrace"));
- }
-
StackTraceElement ste[] = VMStack.getThreadStackTrace(this);
return ste != null ? ste : EMPTY_STACK_TRACE;
}
@@ -792,10 +648,7 @@
}
/**
- * Posts an interrupt request to this {@code Thread}. Unless the caller is
- * the {@link #currentThread()}, the method {@code checkAccess()} is called
- * for the installed {@code SecurityManager}, if any. This may result in a
- * {@code SecurityException} being thrown. The further behavior depends on
+ * Posts an interrupt request to this {@code Thread}. The behavior depends on
* the state of this {@code Thread}:
* <ul>
* <li>
@@ -815,16 +668,10 @@
* exception in this case.
* <ul>
*
- * @throws SecurityException
- * if <code>checkAccess()</code> fails with a SecurityException
- * @see java.lang.SecurityException
- * @see java.lang.SecurityManager
* @see Thread#interrupted
* @see Thread#isInterrupted
*/
public void interrupt() {
- checkAccess();
-
if (interruptAction != null) {
interruptAction.run();
}
@@ -994,15 +841,11 @@
* suspended, however, makes it resume to the point where it was when it was
* suspended.
*
- * @throws SecurityException
- * if <code>checkAccess()</code> fails with a SecurityException
* @see Thread#suspend()
* @deprecated Used with deprecated method {@link Thread#suspend}
*/
@Deprecated
public final void resume() {
- checkAccess();
-
VMThread vmt = this.vmThread;
if (vmt != null) {
vmt.resume();
@@ -1023,23 +866,11 @@
/**
* Set the context ClassLoader for the receiver.
- * <p>
- * The <code>RuntimePermission("setContextClassLoader")</code>
- * is checked prior to setting the handler.
- * </p>
*
* @param cl The context ClassLoader
- * @throws SecurityException if the current SecurityManager fails the
- * checkPermission call.
- * @see java.lang.ClassLoader
* @see #getContextClassLoader()
*/
public void setContextClassLoader(ClassLoader cl) {
- SecurityManager securityManager = System.getSecurityManager();
- if (securityManager != null) {
- securityManager.checkPermission(new RuntimePermission("setContextClassLoader"));
- }
-
contextClassLoader = cl;
}
@@ -1049,13 +880,9 @@
*
* @param isDaemon
* indicates whether the Thread should be daemon or not
- * @throws SecurityException
- * if <code>checkAccess()</code> fails with a SecurityException
* @see Thread#isDaemon
*/
public final void setDaemon(boolean isDaemon) {
- checkAccess();
-
if (hasBeenStarted) {
throw new IllegalThreadStateException("Thread already started."); // TODO Externalize?
}
@@ -1066,27 +893,13 @@
}
/**
- * <p>
* Sets the default uncaught exception handler. This handler is invoked in
* case any Thread dies due to an unhandled exception.
- * </p>
- * <p>
- * The <code>RuntimePermission("setDefaultUncaughtExceptionHandler")</code>
- * is checked prior to setting the handler.
- * </p>
*
* @param handler
- * The handler to set or <code>null</code>.
- * @throws SecurityException
- * if the current SecurityManager fails the checkPermission
- * call.
+ * The handler to set or null.
*/
public static void setDefaultUncaughtExceptionHandler(UncaughtExceptionHandler handler) {
- SecurityManager securityManager = System.getSecurityManager();
- if (securityManager != null) {
- securityManager.checkPermission(new RuntimePermission ("setDefaultUncaughtExceptionHandler"));
- }
-
Thread.defaultUncaughtHandler = handler;
}
@@ -1110,8 +923,6 @@
* Sets the name of the Thread.
*
* @param threadName the new name for the Thread
- * @throws SecurityException if <code>checkAccess()</code> fails with a
- * SecurityException
* @see Thread#getName
*/
public final void setName(String threadName) {
@@ -1119,8 +930,6 @@
throw new NullPointerException();
}
- checkAccess();
-
name = threadName;
VMThread vmt = this.vmThread;
if (vmt != null) {
@@ -1137,16 +946,12 @@
*
* @param priority
* new priority for the Thread
- * @throws SecurityException
- * if <code>checkAccess()</code> fails with a SecurityException
* @throws IllegalArgumentException
* if the new priority is greater than Thread.MAX_PRIORITY or
* less than Thread.MIN_PRIORITY
* @see Thread#getPriority
*/
public final void setPriority(int priority) {
- checkAccess();
-
if (priority < Thread.MIN_PRIORITY || priority > Thread.MAX_PRIORITY) {
throw new IllegalArgumentException("Priority out of range"); // TODO Externalize?
}
@@ -1171,12 +976,8 @@
*
* @param handler
* The handler to set or <code>null</code>.
- * @throws SecurityException
- * if the current SecurityManager fails the checkAccess call.
*/
public void setUncaughtExceptionHandler(UncaughtExceptionHandler handler) {
- checkAccess();
-
uncaughtHandler = handler;
}
@@ -1238,8 +1039,6 @@
* resumed if it was suspended and awakened if it was sleeping, so that it
* can proceed to throw ThreadDeath.
*
- * @throws SecurityException if <code>checkAccess()</code> fails with a
- * SecurityException
* @deprecated because stopping a thread in this manner is unsafe and can
* leave your application and the VM in an unpredictable state.
*/
@@ -1255,8 +1054,6 @@
* <code>throwable()</code>.
*
* @param throwable Throwable object to be thrown by the Thread
- * @throws SecurityException if <code>checkAccess()</code> fails with a
- * SecurityException
* @throws NullPointerException if <code>throwable()</code> is
* <code>null</code>
* @deprecated because stopping a thread in this manner is unsafe and can
@@ -1264,14 +1061,6 @@
*/
@Deprecated
public final synchronized void stop(Throwable throwable) {
- SecurityManager securityManager = System.getSecurityManager();
- if (securityManager != null) {
- securityManager.checkAccess(this);
- if (Thread.currentThread() != this) {
- securityManager.checkPermission(new RuntimePermission("stopThread"));
- }
- }
-
if (throwable == null) {
throw new NullPointerException();
}
@@ -1289,15 +1078,11 @@
* means that N requests are equivalent to just one - only one resume
* request is needed in this case.
*
- * @throws SecurityException
- * if <code>checkAccess()</code> fails with a SecurityException
* @see Thread#resume()
* @deprecated May cause deadlocks.
*/
@Deprecated
public final void suspend() {
- checkAccess();
-
VMThread vmt = this.vmThread;
if (vmt != null) {
vmt.suspend();
diff --git a/luni/src/main/java/java/lang/ThreadGroup.java b/luni/src/main/java/java/lang/ThreadGroup.java
index 93e4a6d..540a836 100644
--- a/luni/src/main/java/java/lang/ThreadGroup.java
+++ b/luni/src/main/java/java/lang/ThreadGroup.java
@@ -27,7 +27,6 @@
* {@code ThreadGroup} is a means of organizing threads into a hierarchical structure.
* This class is obsolete. See <i>Effective Java</i> Item 73, "Avoid thread groups" for details.
* @see Thread
- * @see SecurityManager
*/
public class ThreadGroup implements Thread.UncaughtExceptionHandler {
@@ -74,8 +73,6 @@
* will be child of the {@code ThreadGroup} to which the calling thread belongs.
*
* @param name the name
- * @throws SecurityException if {@code checkAccess()} for the parent
- * group fails with a SecurityException
* @see Thread#currentThread
*/
@@ -90,18 +87,13 @@
* @param parent the parent
* @param name the name
* @throws NullPointerException if {@code parent == null}
- * @throws SecurityException if {@code checkAccess()} for the parent
- * group fails with a SecurityException
* @throws IllegalThreadStateException if {@code parent} has been
* destroyed already
*/
public ThreadGroup(ThreadGroup parent, String name) {
- if (Thread.currentThread() != null) {
- // If parent is null we must throw NullPointerException, but that
- // will be done "for free" with the message send below
- parent.checkAccess();
+ if (parent == null) {
+ throw new NullPointerException("parent == null");
}
-
this.name = name;
this.parent = parent;
if (parent != null) {
@@ -212,16 +204,9 @@
}
/**
- * Checks the accessibility of this {@code ThreadGroup} from the perspective of the
- * caller. If there is a {@code SecurityManager} installed, calls
- * {@code checkAccess} with this thread group as a parameter, otherwise does
- * nothing.
+ * Does nothing.
*/
public final void checkAccess() {
- SecurityManager currentManager = System.getSecurityManager();
- if (currentManager != null) {
- currentManager.checkAccess(this);
- }
}
/**
@@ -233,12 +218,8 @@
* @throws IllegalThreadStateException if this thread group or any of its
* subgroups has been destroyed already or if it still contains
* threads.
- * @throws SecurityException if {@code this.checkAccess()} fails with
- * a SecurityException
*/
public final void destroy() {
- checkAccess();
-
synchronized (threadRefs) {
synchronized (groups) {
if (isDestroyed) {
@@ -373,8 +354,6 @@
*/
private int enumerateGeneric(Object[] enumeration, boolean recurse, int enumerationIndex,
boolean enumeratingThreads) {
- checkAccess();
-
if (enumeratingThreads) {
synchronized (threadRefs) {
// walk the references directly so we can iterate in reverse order
@@ -440,9 +419,6 @@
* @return the parent
*/
public final ThreadGroup getParent() {
- if (parent != null) {
- parent.checkAccess();
- }
return parent;
}
@@ -450,13 +426,9 @@
* Interrupts every {@code Thread} in this group and recursively in all its
* subgroups.
*
- * @throws SecurityException if {@code this.checkAccess()} fails with
- * a SecurityException
- *
* @see Thread#interrupt
*/
public final void interrupt() {
- checkAccess();
synchronized (threadRefs) {
for (Thread thread : threads) {
thread.interrupt();
@@ -597,9 +569,6 @@
* Resumes every thread in this group and recursively in all its
* subgroups.
*
- * @throws SecurityException if {@code this.checkAccess()} fails with
- * a SecurityException
- *
* @see Thread#resume
* @see #suspend
*
@@ -608,7 +577,6 @@
@SuppressWarnings("deprecation")
@Deprecated
public final void resume() {
- checkAccess();
synchronized (threadRefs) {
for (Thread thread : threads) {
thread.resume();
@@ -626,14 +594,10 @@
* thread groups are automatically destroyed when they become empty.
*
* @param isDaemon the new value
- * @throws SecurityException if {@code checkAccess()} for the parent
- * group fails with a SecurityException
- *
* @see #isDaemon
* @see #destroy
*/
public final void setDaemon(boolean isDaemon) {
- checkAccess();
this.isDaemon = isDaemon;
}
@@ -647,16 +611,12 @@
*
* @param newMax the new maximum priority to be set
*
- * @throws SecurityException if {@code checkAccess()} fails with a
- * SecurityException
* @throws IllegalArgumentException if the new priority is greater than
* Thread.MAX_PRIORITY or less than Thread.MIN_PRIORITY
*
* @see #getMaxPriority
*/
public final void setMaxPriority(int newMax) {
- checkAccess();
-
if (newMax <= this.maxPriority) {
if (newMax < Thread.MIN_PRIORITY) {
newMax = Thread.MIN_PRIORITY;
@@ -675,9 +635,6 @@
/**
* Stops every thread in this group and recursively in all its subgroups.
*
- * @throws SecurityException if {@code this.checkAccess()} fails with
- * a SecurityException
- *
* @see Thread#stop()
* @see Thread#stop(Throwable)
* @see ThreadDeath
@@ -694,8 +651,6 @@
@SuppressWarnings("deprecation")
private boolean stopHelper() {
- checkAccess();
-
boolean stopCurrent = false;
synchronized (threadRefs) {
Thread current = Thread.currentThread();
@@ -719,9 +674,6 @@
* Suspends every thread in this group and recursively in all its
* subgroups.
*
- * @throws SecurityException if {@code this.checkAccess()} fails with
- * a SecurityException
- *
* @see Thread#suspend
* @see #resume
*
@@ -737,8 +689,6 @@
@SuppressWarnings("deprecation")
private boolean suspendHelper() {
- checkAccess();
-
boolean suspendCurrent = false;
synchronized (threadRefs) {
Thread current = Thread.currentThread();
diff --git a/luni/src/main/java/java/lang/reflect/AccessibleObject.java b/luni/src/main/java/java/lang/reflect/AccessibleObject.java
index 83763a2..0897b08 100644
--- a/luni/src/main/java/java/lang/reflect/AccessibleObject.java
+++ b/luni/src/main/java/java/lang/reflect/AccessibleObject.java
@@ -102,19 +102,11 @@
* @param flag
* the new value for the accessible flag
*
- * @throws SecurityException
- * if the request is denied
- *
* @see #setAccessible(boolean)
* @see ReflectPermission
*/
public static void setAccessible(AccessibleObject[] objects, boolean flag)
throws SecurityException {
- SecurityManager smgr = System.getSecurityManager();
- if (smgr != null) {
- smgr.checkPermission(new ReflectPermission("suppressAccessChecks"));
- }
-
synchronized(AccessibleObject.class) {
for (int i = 0; i < objects.length; i++) {
objects[i].flag = flag;
@@ -151,17 +143,9 @@
* @param flag
* the new value for the accessible flag
*
- * @throws SecurityException
- * if the request is denied
- *
* @see ReflectPermission
*/
public void setAccessible(boolean flag) throws SecurityException {
- SecurityManager smgr = System.getSecurityManager();
- if (smgr != null) {
- smgr.checkPermission(new ReflectPermission("suppressAccessChecks"));
- }
-
this.flag = flag;
}
diff --git a/luni/src/main/java/java/lang/reflect/Member.java b/luni/src/main/java/java/lang/reflect/Member.java
index 0600588..a43ac6e 100644
--- a/luni/src/main/java/java/lang/reflect/Member.java
+++ b/luni/src/main/java/java/lang/reflect/Member.java
@@ -29,16 +29,12 @@
/**
* Designates all public members of a class or interface (including
* inherited members).
- *
- * @see java.lang.SecurityManager#checkMemberAccess
*/
public static final int PUBLIC = 0;
/**
* Designates all declared members of a class or interface (without
* inherited members).
- *
- * @see java.lang.SecurityManager#checkMemberAccess
*/
public static final int DECLARED = 1;
diff --git a/luni/src/main/java/java/net/AddressCache.java b/luni/src/main/java/java/net/AddressCache.java
index cbde9a4..3b0ded2 100644
--- a/luni/src/main/java/java/net/AddressCache.java
+++ b/luni/src/main/java/java/net/AddressCache.java
@@ -16,10 +16,8 @@
package java.net;
-import java.security.AccessController;
import java.util.LinkedHashMap;
import java.util.Map;
-import org.apache.harmony.luni.util.PriviAction;
/**
* Implements caching for {@code InetAddress}. We use a unified cache for both positive and negative
@@ -126,15 +124,7 @@
// Calculate the expiry time.
String propertyName = isPositive ? "networkaddress.cache.ttl" : "networkaddress.cache.negative.ttl";
long defaultTtlNanos = isPositive ? DEFAULT_POSITIVE_TTL_NANOS : DEFAULT_NEGATIVE_TTL_NANOS;
- // Fast-path the default case...
long expiryNanos = System.nanoTime() + defaultTtlNanos;
- if (System.getSecurityManager() != null || System.getProperty(propertyName, null) != null) {
- // ...and let those using a SecurityManager or custom properties pay full price.
- expiryNanos = customTtl(propertyName, defaultTtlNanos);
- if (expiryNanos == Long.MIN_VALUE) {
- return;
- }
- }
// Update the cache.
synchronized (map) {
map.put(hostname, new AddressCacheEntry(value, expiryNanos));
@@ -150,7 +140,7 @@
}
private long customTtl(String propertyName, long defaultTtlNanos) {
- String ttlString = AccessController.doPrivileged(new PriviAction<String>(propertyName, null));
+ String ttlString = System.getProperty(propertyName, null);
if (ttlString == null) {
return System.nanoTime() + defaultTtlNanos;
}
diff --git a/luni/src/main/java/java/net/Authenticator.java b/luni/src/main/java/java/net/Authenticator.java
index 3b5fd8c..4a06729 100644
--- a/luni/src/main/java/java/net/Authenticator.java
+++ b/luni/src/main/java/java/net/Authenticator.java
@@ -134,17 +134,10 @@
* realm of the connection that requests authentication.
* @param rScheme
* scheme of the connection that requests authentication.
- * @throws SecurityException
- * if a security manager denies the password authentication
- * permission.
*/
public static synchronized PasswordAuthentication requestPasswordAuthentication(
InetAddress rAddr, int rPort, String rProtocol, String rPrompt,
String rScheme) {
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkPermission(requestPasswordAuthenticationPermission);
- }
if (thisAuthenticator == null) {
return null;
}
@@ -170,15 +163,8 @@
*
* @param a
* authenticator which has to be set as default.
- * @throws SecurityException
- * if a security manager denies the password authentication
- * permission.
*/
public static void setDefault(Authenticator a) {
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkPermission(setDefaultAuthenticatorPermission);
- }
thisAuthenticator = a;
}
@@ -201,17 +187,10 @@
* realm of the connection that requests authentication.
* @param rScheme
* scheme of the connection that requests authentication.
- * @throws SecurityException
- * if a security manager denies the password authentication
- * permission.
*/
public static synchronized PasswordAuthentication requestPasswordAuthentication(
String rHost, InetAddress rAddr, int rPort, String rProtocol,
String rPrompt, String rScheme) {
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkPermission(requestPasswordAuthenticationPermission);
- }
if (thisAuthenticator == null) {
return null;
}
@@ -263,18 +242,11 @@
* url of the connection that requests authentication.
* @param reqType
* requestor type of the connection that requests authentication.
- * @throws SecurityException
- * if a security manager denies the password authentication
- * permission.
*/
public static PasswordAuthentication requestPasswordAuthentication(
String rHost, InetAddress rAddr, int rPort, String rProtocol,
String rPrompt, String rScheme, URL rURL,
Authenticator.RequestorType reqType) {
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkPermission(requestPasswordAuthenticationPermission);
- }
if (thisAuthenticator == null) {
return null;
}
diff --git a/luni/src/main/java/java/net/CookieHandler.java b/luni/src/main/java/java/net/CookieHandler.java
index 918c34a..8063ace 100644
--- a/luni/src/main/java/java/net/CookieHandler.java
+++ b/luni/src/main/java/java/net/CookieHandler.java
@@ -27,36 +27,17 @@
private static CookieHandler systemWideCookieHandler;
- private final static NetPermission getCookieHandlerPermission = new NetPermission(
- "getCookieHandler");
-
- private final static NetPermission setCookieHandlerPermission = new NetPermission(
- "setCookieHandler");
-
/**
* Returns the system-wide cookie handler or {@code null} if not set.
- *
- * @return the system-wide cookie handler.
*/
public static CookieHandler getDefault() {
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkPermission(getCookieHandlerPermission);
- }
return systemWideCookieHandler;
}
/**
* Sets the system-wide cookie handler.
- *
- * @param cHandler
- * a cookie handler to set as the system-wide default handler.
*/
public static void setDefault(CookieHandler cHandler) {
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkPermission(setCookieHandlerPermission);
- }
systemWideCookieHandler = cHandler;
}
diff --git a/luni/src/main/java/java/net/DatagramSocket.java b/luni/src/main/java/java/net/DatagramSocket.java
index a3900ba..395c353 100644
--- a/luni/src/main/java/java/net/DatagramSocket.java
+++ b/luni/src/main/java/java/net/DatagramSocket.java
@@ -92,22 +92,10 @@
createSocket(aPort, (addr == null) ? Inet4Address.ANY : addr);
}
- /**
- * Sends prior to attempting to bind the socket, checks whether the port is
- * within the valid port range and verifies with the security manager that
- * the port may be bound by the current context.
- *
- * @param aPort
- * the port on the localhost that is to be bound.
- */
- void checkListen(int aPort) {
+ private void checkListen(int aPort) {
if (aPort < 0 || aPort > 65535) {
throw new IllegalArgumentException("Port out of range: " + aPort);
}
- SecurityManager security = System.getSecurityManager();
- if (security != null) {
- security.checkListen(aPort);
- }
}
/**
@@ -147,15 +135,6 @@
// Ignored
}
- SecurityManager security = System.getSecurityManager();
- if (security != null) {
- if (anAddress.isMulticastAddress()) {
- security.checkMulticast(anAddress);
- } else {
- security.checkConnect(anAddress.getHostName(), aPort);
- }
- }
-
try {
impl.connect(anAddress, aPort);
} catch (SocketException e) {
@@ -220,16 +199,7 @@
if (!isBound()) {
return Inet4Address.ANY;
}
- InetAddress anAddr = impl.getLocalAddress();
- try {
- SecurityManager security = System.getSecurityManager();
- if (security != null) {
- security.checkConnect(anAddr.getHostName(), -1);
- }
- } catch (SecurityException e) {
- return Inet4Address.ANY;
- }
- return anAddr;
+ return impl.getLocalAddress();
}
/**
@@ -307,9 +277,7 @@
* pack}. All fields of {@code pack} must be set according to the data
* received. If the received data is longer than the packet buffer size it
* is truncated. This method blocks until a packet is received or a timeout
- * has expired. If a security manager exists, its {@code checkAccept} method
- * determines whether or not a packet is discarded. Any packets from
- * unacceptable origins are silently discarded.
+ * has expired.
*
* @param pack
* the {@code DatagramPacket} to store the received data.
@@ -326,11 +294,8 @@
// means that we have received the packet into the temporary buffer
boolean copy = false;
- SecurityManager security = System.getSecurityManager();
-
- if (address != null || security != null) {
- // The socket is connected or we need to check security permissions
-
+ if (address != null) {
+ // The socket is connected.
// Check pack before peeking
if (pack == null) {
throw new NullPointerException();
@@ -361,21 +326,7 @@
}
}
- if (address == null) {
- // if we are not connected let's check if we are allowed to
- // receive packets from sender's address and port
- try {
- security.checkAccept(senderAddr.getHostName(),
- senderPort);
- // address & port are valid
- break;
- } catch (SecurityException e) {
- if (!copy) {
- // drop this packet and continue
- impl.receive(tempPack);
- }
- }
- } else if (port == senderPort && address.equals(senderAddr)) {
+ if (port == senderPort && address.equals(senderAddr)) {
// we are connected and the packet came
// from the address & port we are connected to
break;
@@ -387,8 +338,8 @@
}
if (copy) {
- System.arraycopy(tempPack.getData(), 0, pack.getData(), pack
- .getOffset(), tempPack.getLength());
+ System.arraycopy(tempPack.getData(), 0, pack.getData(), pack.getOffset(),
+ tempPack.getLength());
// we shouldn't update the pack's capacity field in order to be
// compatible with RI
pack.setLengthOnly(tempPack.getLength());
@@ -403,10 +354,7 @@
}
/**
- * Sends a packet over this socket. The packet must satisfy the security
- * policy before it may be sent. If a security manager is installed, this
- * method checks whether it is allowed to send this packet to the specified
- * address.
+ * Sends a packet over this socket.
*
* @param pack
* the {@code DatagramPacket} which has to be sent.
@@ -431,14 +379,6 @@
if (packAddr == null) {
throw new NullPointerException("Destination address is null");
}
- SecurityManager security = System.getSecurityManager();
- if (security != null) {
- if (packAddr.isMulticastAddress()) {
- security.checkMulticast(packAddr);
- } else {
- security.checkConnect(packAddr.getHostName(), pack.getPort());
- }
- }
}
impl.send(pack);
}
@@ -521,10 +461,7 @@
/**
* Sets the socket implementation factory. This may only be invoked once
* over the lifetime of the application. This factory is used to create
- * a new datagram socket implementation. If a security manager is set its
- * method {@code checkSetFactory()} is called to check if the operation is
- * allowed. A {@code SecurityException} is thrown if the operation is not
- * allowed.
+ * a new datagram socket implementation.
*
* @param fac
* the socket factory to use.
@@ -532,12 +469,8 @@
* if the factory has already been set.
* @see DatagramSocketImplFactory
*/
- public static synchronized void setDatagramSocketImplFactory(
- DatagramSocketImplFactory fac) throws IOException {
- SecurityManager security = System.getSecurityManager();
- if (security != null) {
- security.checkSetFactory();
- }
+ public static synchronized void setDatagramSocketImplFactory(DatagramSocketImplFactory fac)
+ throws IOException {
if (factory != null) {
throw new SocketException("Factory already set");
}
@@ -669,16 +602,6 @@
// make sure the socket is open
checkClosedAndBind(true);
- SecurityManager security = System.getSecurityManager();
- if (security != null) {
- if (inetAddr.getAddress().isMulticastAddress()) {
- security.checkMulticast(inetAddr.getAddress());
- } else {
- security.checkConnect(inetAddr.getAddress().getHostName(),
- inetAddr.getPort());
- }
- }
-
// now try to do the connection at the native level. To be
// compatible for the case when the address is inaddr_any we just
// eat the exception an act as if we are connected at the java level
diff --git a/luni/src/main/java/java/net/HttpURLConnection.java b/luni/src/main/java/java/net/HttpURLConnection.java
index 8e33d51..2cd4556 100644
--- a/luni/src/main/java/java/net/HttpURLConnection.java
+++ b/luni/src/main/java/java/net/HttpURLConnection.java
@@ -606,13 +606,8 @@
*
* @param auto
* the value to enable or disable this option.
- * @see SecurityManager#checkSetFactory()
*/
public static void setFollowRedirects(boolean auto) {
- SecurityManager security = System.getSecurityManager();
- if (security != null) {
- security.checkSetFactory();
- }
followRedirects = auto;
}
diff --git a/luni/src/main/java/java/net/InetAddress.java b/luni/src/main/java/java/net/InetAddress.java
index bc414c7..69e9825 100644
--- a/luni/src/main/java/java/net/InetAddress.java
+++ b/luni/src/main/java/java/net/InetAddress.java
@@ -26,7 +26,6 @@
import java.io.ObjectStreamField;
import java.io.Serializable;
import java.nio.ByteOrder;
-import java.security.AccessController;
import java.util.Arrays;
import java.util.Collections;
import java.util.Comparator;
@@ -34,7 +33,6 @@
import java.util.List;
import org.apache.harmony.luni.platform.OSMemory;
import org.apache.harmony.luni.platform.Platform;
-import org.apache.harmony.luni.util.PriviAction;
/**
* An Internet Protocol (IP) address. This can be either an IPv4 address or an IPv6 address, and
@@ -273,11 +271,6 @@
return new InetAddress[] { makeInetAddress(bytes, null) };
}
- SecurityManager security = System.getSecurityManager();
- if (security != null) {
- security.checkConnect(host, -1);
- }
-
return lookupHostByName(host);
}
@@ -296,8 +289,7 @@
static native byte[] ipStringToByteArray(String address);
static boolean preferIPv6Addresses() {
- String propertyName = "java.net.preferIPv6Addresses";
- String propertyValue = AccessController.doPrivileged(new PriviAction<String>(propertyName));
+ String propertyValue = System.getProperty("java.net.preferIPv6Addresses");
return Boolean.parseBoolean(propertyValue);
}
@@ -353,15 +345,6 @@
} catch (UnknownHostException e) {
return hostName = byteArrayToIpString(ipaddress);
}
- SecurityManager security = System.getSecurityManager();
- try {
- // Only check host names, not addresses
- if (security != null && !isNumeric(hostName)) {
- security.checkConnect(hostName, -1);
- }
- } catch (SecurityException e) {
- return byteArrayToIpString(ipaddress);
- }
return hostName;
}
@@ -387,15 +370,6 @@
} catch (UnknownHostException e) {
return byteArrayToIpString(ipaddress);
}
- SecurityManager security = System.getSecurityManager();
- try {
- // Only check host names, not addresses
- if (security != null && !isNumeric(canonicalName)) {
- security.checkConnect(canonicalName, -1);
- }
- } catch (SecurityException e) {
- return byteArrayToIpString(ipaddress);
- }
return canonicalName;
}
@@ -438,14 +412,6 @@
*/
public static InetAddress getLocalHost() throws UnknownHostException {
String host = gethostname();
- SecurityManager security = System.getSecurityManager();
- try {
- if (security != null) {
- security.checkConnect(host, -1);
- }
- } catch (SecurityException e) {
- return Inet4Address.LOOPBACK;
- }
return lookupHostByName(host)[0];
}
private static native String gethostname();
@@ -529,17 +495,11 @@
*/
private static native String getnameinfo(byte[] addr);
- static String getHostNameInternal(String host, boolean isCheck) throws UnknownHostException {
+ static String getHostNameInternal(String host) throws UnknownHostException {
if (host == null || host.isEmpty()) {
return Inet4Address.LOOPBACK.getHostAddress();
}
if (!isNumeric(host)) {
- if (isCheck) {
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkConnect(host, -1);
- }
- }
return lookupHostByName(host)[0].getHostAddress();
}
return host;
diff --git a/luni/src/main/java/java/net/InetSocketAddress.java b/luni/src/main/java/java/net/InetSocketAddress.java
index f9f973b..31b369f 100644
--- a/luni/src/main/java/java/net/InetSocketAddress.java
+++ b/luni/src/main/java/java/net/InetSocketAddress.java
@@ -75,10 +75,6 @@
* the specified port number to which this socket is bound.
* @param host
* the specified hostname to which this socket is bound.
- * @throws SecurityException
- * if a {@link SecurityManager} is installed and its {@code
- * checkConnect()} method does not allow the resolving of the
- * host name.
*/
public InetSocketAddress(String host, int port) {
this(host, port, true);
@@ -95,10 +91,6 @@
InetAddress addr = null;
if (needResolved) {
- SecurityManager smgr = System.getSecurityManager();
- if (smgr != null) {
- smgr.checkConnect(hostname, port);
- }
try {
addr = InetAddress.getByName(hostname);
hostname = null;
diff --git a/luni/src/main/java/java/net/MulticastSocket.java b/luni/src/main/java/java/net/MulticastSocket.java
index 4f6f2f4..8064e06 100644
--- a/luni/src/main/java/java/net/MulticastSocket.java
+++ b/luni/src/main/java/java/net/MulticastSocket.java
@@ -202,8 +202,6 @@
* received.
* @throws IOException
* if the specified address is not a multicast address.
- * @throws SecurityException
- * if the caller is not authorized to join the group.
* @throws IllegalArgumentException
* if no multicast group is specified.
* @since 1.4
@@ -222,8 +220,6 @@
* if {@code groupAddr} is {@code null}.
* @throws IOException
* if the specified group address is not a multicast address.
- * @throws SecurityException
- * if the caller is not authorized to leave the group.
*/
public void leaveGroup(InetAddress groupAddr) throws IOException {
checkJoinOrLeave(groupAddr);
@@ -240,8 +236,6 @@
* dropped.
* @throws IOException
* if the specified group address is not a multicast address.
- * @throws SecurityException
- * if the caller is not authorized to leave the group.
* @throws IllegalArgumentException
* if {@code groupAddress} is {@code null}.
* @since 1.4
@@ -274,10 +268,6 @@
if (!groupAddr.isMulticastAddress()) {
throw new IOException("Not a multicast group: " + groupAddr);
}
- SecurityManager security = System.getSecurityManager();
- if (security != null) {
- security.checkMulticast(groupAddr);
- }
}
private void checkJoinOrLeave(InetAddress groupAddr) throws IOException {
@@ -285,10 +275,6 @@
if (!groupAddr.isMulticastAddress()) {
throw new IOException("Not a multicast group: " + groupAddr);
}
- SecurityManager security = System.getSecurityManager();
- if (security != null) {
- security.checkMulticast(groupAddr);
- }
}
/**
@@ -308,14 +294,6 @@
public void send(DatagramPacket pack, byte ttl) throws IOException {
checkClosedAndBind(false);
InetAddress packAddr = pack.getAddress();
- SecurityManager security = System.getSecurityManager();
- if (security != null) {
- if (packAddr.isMulticastAddress()) {
- security.checkMulticast(packAddr, ttl);
- } else {
- security.checkConnect(packAddr.getHostName(), pack.getPort());
- }
- }
int currTTL = getTimeToLive();
if (packAddr.isMulticastAddress() && (byte) currTTL != ttl) {
try {
diff --git a/luni/src/main/java/java/net/NetPermission.java b/luni/src/main/java/java/net/NetPermission.java
index cb8bcdd..e12a3bf 100644
--- a/luni/src/main/java/java/net/NetPermission.java
+++ b/luni/src/main/java/java/net/NetPermission.java
@@ -33,7 +33,6 @@
* </dl>
*
* @see java.security.BasicPermission
- * @see SecurityManager
*/
public final class NetPermission extends java.security.BasicPermission {
diff --git a/luni/src/main/java/java/net/NetworkInterface.java b/luni/src/main/java/java/net/NetworkInterface.java
index c5675b3..1a2546f 100644
--- a/luni/src/main/java/java/net/NetworkInterface.java
+++ b/luni/src/main/java/java/net/NetworkInterface.java
@@ -139,21 +139,7 @@
* @return the address list of the represented network interface.
*/
public Enumeration<InetAddress> getInetAddresses() {
- SecurityManager sm = System.getSecurityManager();
- if (sm == null || addresses.isEmpty()) {
- return Collections.enumeration(addresses);
- }
- // TODO: Android should ditch SecurityManager and the associated pollution.
- List<InetAddress> result = new ArrayList<InetAddress>(addresses.size());
- for (InetAddress address : addresses) {
- try {
- sm.checkConnect(address.getHostName(), CHECK_CONNECT_NO_PORT);
- } catch (SecurityException e) {
- continue;
- }
- result.add(address);
- }
- return Collections.enumeration(result);
+ return Collections.enumeration(addresses);
}
/**
@@ -350,31 +336,11 @@
}
/**
- * Returns a List the InterfaceAddresses for this network interface.
- * <p>
- * If there is a security manager, its checkConnect method is called with
- * the InetAddress for each InterfaceAddress. Only InterfaceAddresses where
- * the checkConnect doesn't throw a SecurityException will be returned.
- *
- * @return a List of the InterfaceAddresses for this network interface.
+ * Returns a List of the InterfaceAddresses for this network interface.
* @since 1.6
*/
public List<InterfaceAddress> getInterfaceAddresses() {
- SecurityManager sm = System.getSecurityManager();
- if (sm == null) {
- return Collections.unmodifiableList(interfaceAddresses);
- }
- // TODO: Android should ditch SecurityManager and the associated pollution.
- List<InterfaceAddress> result = new ArrayList<InterfaceAddress>(interfaceAddresses.size());
- for (InterfaceAddress ia : interfaceAddresses) {
- try {
- sm.checkConnect(ia.getAddress().getHostName(), CHECK_CONNECT_NO_PORT);
- } catch (SecurityException e) {
- continue;
- }
- result.add(ia);
- }
- return result;
+ return Collections.unmodifiableList(interfaceAddresses);
}
/**
diff --git a/luni/src/main/java/java/net/ProxySelector.java b/luni/src/main/java/java/net/ProxySelector.java
index 8455274..1166db7 100644
--- a/luni/src/main/java/java/net/ProxySelector.java
+++ b/luni/src/main/java/java/net/ProxySelector.java
@@ -93,37 +93,18 @@
private static ProxySelector defaultSelector = new ProxySelectorImpl();
- private final static NetPermission getProxySelectorPermission
- = new NetPermission("getProxySelector");
- private final static NetPermission setProxySelectorPermission
- = new NetPermission("setProxySelector");
-
/**
* Returns the default proxy selector, or null if none exists.
- *
- * @throws SecurityException if a security manager is installed but it
- * doesn't have the NetPermission("getProxySelector").
*/
public static ProxySelector getDefault() {
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkPermission(getProxySelectorPermission);
- }
return defaultSelector;
}
/**
* Sets the default proxy selector. If {@code selector} is null, the current
* proxy selector will be removed.
- *
- * @throws SecurityException if a security manager is installed but it
- * doesn't have the NetPermission("setProxySelector").
*/
public static void setDefault(ProxySelector selector) {
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkPermission(setProxySelectorPermission);
- }
defaultSelector = selector;
}
diff --git a/luni/src/main/java/java/net/ResponseCache.java b/luni/src/main/java/java/net/ResponseCache.java
index 5eeb551..cbb4f0f 100644
--- a/luni/src/main/java/java/net/ResponseCache.java
+++ b/luni/src/main/java/java/net/ResponseCache.java
@@ -35,10 +35,6 @@
* Returns the system's default response cache, or null.
*/
public static ResponseCache getDefault() {
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkPermission(new NetPermission("getResponseCache"));
- }
return defaultResponseCache;
}
@@ -46,10 +42,6 @@
* Sets the system's default response cache. Use null to remove the response cache.
*/
public static void setDefault(ResponseCache responseCache) {
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkPermission(new NetPermission("setResponseCache"));
- }
defaultResponseCache = responseCache;
}
diff --git a/luni/src/main/java/java/net/ServerSocket.java b/luni/src/main/java/java/net/ServerSocket.java
index 24aab75..9683b70 100644
--- a/luni/src/main/java/java/net/ServerSocket.java
+++ b/luni/src/main/java/java/net/ServerSocket.java
@@ -148,9 +148,6 @@
Socket aSocket = new Socket();
try {
implAccept(aSocket);
- } catch (SecurityException e) {
- aSocket.close();
- throw e;
} catch (IOException e) {
aSocket.close();
throw e;
@@ -158,22 +155,10 @@
return aSocket;
}
- /**
- * Checks whether the server may listen for connection requests on {@code
- * aport}. Throws an exception if the port is outside the valid range
- * {@code 0 <= aport <= 65535 }or does not satisfy the security policy.
- *
- * @param aPort
- * the candidate port to listen on.
- */
- void checkListen(int aPort) {
+ private void checkListen(int aPort) {
if (aPort < 0 || aPort > 65535) {
throw new IllegalArgumentException("Port out of range: " + aPort);
}
- SecurityManager security = System.getSecurityManager();
- if (security != null) {
- security.checkListen(aPort);
- }
}
/**
@@ -264,11 +249,6 @@
impl.accept(aSocket.impl);
aSocket.accepted();
}
- SecurityManager security = System.getSecurityManager();
- if (security != null) {
- security.checkAccept(aSocket.getInetAddress().getHostAddress(),
- aSocket.getPort());
- }
}
/**
@@ -284,10 +264,6 @@
*/
public static synchronized void setSocketFactory(SocketImplFactory aFactory)
throws IOException {
- SecurityManager security = System.getSecurityManager();
- if (security != null) {
- security.checkSetFactory();
- }
if (factory != null) {
throw new SocketException("Factory already set");
}
@@ -384,10 +360,6 @@
}
port = inetAddr.getPort();
}
- SecurityManager security = System.getSecurityManager();
- if (security != null) {
- security.checkListen(port);
- }
synchronized (this) {
try {
diff --git a/luni/src/main/java/java/net/Socket.java b/luni/src/main/java/java/net/Socket.java
index bf79f4a..d55ed36 100644
--- a/luni/src/main/java/java/net/Socket.java
+++ b/luni/src/main/java/java/net/Socket.java
@@ -73,9 +73,6 @@
* @throws IllegalArgumentException
* if the argument {@code proxy} is {@code null} or of an
* invalid type.
- * @throws SecurityException
- * if a security manager exists and it denies the permission to
- * connect to the given proxy.
* @see SocketImplFactory
* @see SocketImpl
*/
@@ -94,7 +91,6 @@
host = address.getHostName();
}
int port = address.getPort();
- checkConnectPermission(host, port);
}
this.impl = factory != null ? factory.createSocketImpl() : new PlainSocketImpl(proxy);
}
@@ -117,9 +113,6 @@
* if the host name could not be resolved into an IP address.
* @throws IOException
* if an error occurs while creating the socket.
- * @throws SecurityException
- * if a security manager exists and it denies the permission to
- * connect to the given address and port.
*/
private void tryAllAddresses(String dstName, int dstPort, InetAddress
localAddress, int localPort, boolean streaming) throws IOException {
@@ -134,8 +127,7 @@
checkDestination(dstAddress, dstPort);
startupSocket(dstAddress, dstPort, localAddress, localPort, streaming);
return;
- } catch (SecurityException e1) {
- } catch (IOException e2) {
+ } catch (IOException ex) {
}
}
@@ -163,9 +155,6 @@
* if the host name could not be resolved into an IP address.
* @throws IOException
* if an error occurs while creating the socket.
- * @throws SecurityException
- * if a security manager exists and it denies the permission to
- * connect to the given address and port.
*/
public Socket(String dstName, int dstPort) throws UnknownHostException, IOException {
this(dstName, dstPort, null, 0);
@@ -195,9 +184,6 @@
* if the host name could not be resolved into an IP address.
* @throws IOException
* if an error occurs while creating the socket.
- * @throws SecurityException
- * if a security manager exists and it denies the permission to
- * connect to the given address and port.
*/
public Socket(String dstName, int dstPort, InetAddress localAddress, int localPort) throws IOException {
this();
@@ -224,9 +210,6 @@
* if the host name could not be resolved into an IP address.
* @throws IOException
* if an error occurs while creating the socket.
- * @throws SecurityException
- * if a security manager exists and it denies the permission to
- * connect to the given address and port.
* @deprecated Use {@code Socket(String, int)} instead of this for streaming
* sockets or an appropriate constructor of {@code
* DatagramSocket} for UDP transport.
@@ -248,9 +231,6 @@
* the port on the target host to connect to.
* @throws IOException
* if an error occurs while creating the socket.
- * @throws SecurityException
- * if a security manager exists and it denies the permission to
- * connect to the given address and port.
*/
public Socket(InetAddress dstAddress, int dstPort) throws IOException {
this();
@@ -274,9 +254,6 @@
* the port on the local host to bind to.
* @throws IOException
* if an error occurs while creating the socket.
- * @throws SecurityException
- * if a security manager exists and it denies the permission to
- * connect to the given address and port.
*/
public Socket(InetAddress dstAddress, int dstPort,
InetAddress localAddress, int localPort) throws IOException {
@@ -299,9 +276,6 @@
* socket otherwise.
* @throws IOException
* if an error occurs while creating the socket.
- * @throws SecurityException
- * if a security manager exists and it denies the permission to
- * connect to the given address and port.
* @deprecated Use {@code Socket(InetAddress, int)} instead of this for
* streaming sockets or an appropriate constructor of {@code
* DatagramSocket} for UDP transport.
@@ -339,22 +313,6 @@
if (dstPort < 0 || dstPort > 65535) {
throw new IllegalArgumentException("Port out of range: " + dstPort);
}
- checkConnectPermission(destAddr.getHostAddress(), dstPort);
- }
-
- /**
- * Checks whether the connection destination satisfies the security policy.
- *
- * @param hostname
- * the destination hostname.
- * @param dstPort
- * the port on the destination host.
- */
- private void checkConnectPermission(String hostname, int dstPort) {
- SecurityManager security = System.getSecurityManager();
- if (security != null) {
- security.checkConnect(hostname, dstPort);
- }
}
/**
@@ -559,10 +517,6 @@
*/
public static synchronized void setSocketImplFactory(SocketImplFactory fac)
throws IOException {
- SecurityManager security = System.getSecurityManager();
- if (security != null) {
- security.checkSetFactory();
- }
if (factory != null) {
throw new SocketException("Factory already set");
}
diff --git a/luni/src/main/java/java/net/SocketPermission.java b/luni/src/main/java/java/net/SocketPermission.java
index 977e310..07dce9f 100644
--- a/luni/src/main/java/java/net/SocketPermission.java
+++ b/luni/src/main/java/java/net/SocketPermission.java
@@ -376,7 +376,7 @@
private String getIPString(boolean isCheck) {
if (!resolved) {
try {
- ipString = InetAddress.getHostNameInternal(hostName, isCheck);
+ ipString = InetAddress.getHostNameInternal(hostName);
} catch (UnknownHostException e) {
// ignore
}
diff --git a/luni/src/main/java/java/net/URL.java b/luni/src/main/java/java/net/URL.java
index 87ea203..776ad65 100644
--- a/luni/src/main/java/java/net/URL.java
+++ b/luni/src/main/java/java/net/URL.java
@@ -20,11 +20,9 @@
import java.io.IOException;
import java.io.InputStream;
import java.io.ObjectOutputStream;
-import java.security.AccessController;
import java.util.Hashtable;
import java.util.Locale;
import java.util.StringTokenizer;
-import org.apache.harmony.luni.util.PriviAction;
/**
* A URL instance specifies the location of a resource on the internet as
@@ -136,10 +134,6 @@
if (streamHandlerFactory != null) {
throw new Error("Factory already set");
}
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkSetFactory();
- }
streamHandlers.clear();
streamHandlerFactory = streamFactory;
}
@@ -195,13 +189,8 @@
* if the given string {@code spec} could not be parsed as a URL
* or an invalid protocol has been found.
*/
- public URL(URL context, String spec, URLStreamHandler handler)
- throws MalformedURLException {
+ public URL(URL context, String spec, URLStreamHandler handler) throws MalformedURLException {
if (handler != null) {
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkPermission(specifyStreamHandlerPermission);
- }
strmHandler = handler;
}
@@ -366,10 +355,6 @@
* @throws MalformedURLException
* if the combination of all arguments do not represent a valid
* URL or the protocol is invalid.
- * @throws SecurityException
- * if {@code handler} is non-{@code null}, and a security
- * manager is installed that disallows user-defined protocol
- * handlers.
*/
public URL(String protocol, String host, int port, String file,
URLStreamHandler handler) throws MalformedURLException {
@@ -410,10 +395,6 @@
throw new MalformedURLException("Unknown protocol: " + protocol);
}
} else {
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkPermission(specifyStreamHandlerPermission);
- }
strmHandler = handler;
}
}
@@ -556,9 +537,7 @@
// Check if there is a list of packages which can provide handlers.
// If so, then walk this list looking for an applicable one.
- String packageList = AccessController
- .doPrivileged(new PriviAction<String>(
- "java.protocol.handler.pkgs"));
+ String packageList = System.getProperty("java.protocol.handler.pkgs");
if (packageList != null) {
StringTokenizer st = new StringTokenizer(packageList, "|");
while (st.hasMoreTokens()) {
@@ -678,9 +657,6 @@
* connection to this URL.
* @throws IOException
* if an I/O error occurs while opening the connection.
- * @throws SecurityException
- * if a security manager is installed and it denies to connect
- * to the proxy.
* @throws IllegalArgumentException
* if the argument proxy is {@code null} or is an invalid type.
* @throws UnsupportedOperationException
@@ -691,15 +667,6 @@
if (proxy == null) {
throw new IllegalArgumentException("proxy == null");
}
-
- SecurityManager sm = System.getSecurityManager();
- if (sm != null && proxy.type() != Proxy.Type.DIRECT) {
- InetSocketAddress pAddress = (InetSocketAddress) proxy.address();
- String pHostName = pAddress.isUnresolved() ? pAddress.getHostName()
- : pAddress.getAddress().getHostAddress();
- sm.checkConnect(pHostName, pAddress.getPort());
- }
-
return strmHandler.openConnection(this, proxy);
}
diff --git a/luni/src/main/java/java/net/URLClassLoader.java b/luni/src/main/java/java/net/URLClassLoader.java
index 6929834..797344a 100644
--- a/luni/src/main/java/java/net/URLClassLoader.java
+++ b/luni/src/main/java/java/net/URLClassLoader.java
@@ -27,11 +27,8 @@
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.UnsupportedEncodingException;
-import java.security.AccessControlContext;
-import java.security.AccessController;
import java.security.CodeSource;
import java.security.PermissionCollection;
-import java.security.PrivilegedAction;
import java.security.SecureClassLoader;
import java.security.cert.Certificate;
import java.util.ArrayList;
@@ -63,53 +60,6 @@
private URLStreamHandlerFactory factory;
- private AccessControlContext currentContext;
-
- static class SubURLClassLoader extends URLClassLoader {
- // The subclass that overwrites the loadClass() method
- private boolean checkingPackageAccess = false;
-
- SubURLClassLoader(URL[] urls) {
- super(urls, ClassLoader.getSystemClassLoader());
- }
-
- SubURLClassLoader(URL[] urls, ClassLoader parent) {
- super(urls, parent);
- }
-
- /**
- * Overrides the {@code loadClass()} of {@code ClassLoader}. It calls
- * the security manager's {@code checkPackageAccess()} before
- * attempting to load the class.
- *
- * @return the Class object.
- * @param className
- * String the name of the class to search for.
- * @param resolveClass
- * boolean indicates if class should be resolved after
- * loading.
- * @throws ClassNotFoundException
- * If the class could not be found.
- */
- @Override
- protected synchronized Class<?> loadClass(String className,
- boolean resolveClass) throws ClassNotFoundException {
- SecurityManager sm = System.getSecurityManager();
- if (sm != null && !checkingPackageAccess) {
- int index = className.lastIndexOf('.');
- if (index > 0) { // skip if class is from a default package
- try {
- checkingPackageAccess = true;
- sm.checkPackageAccess(className.substring(0, index));
- } finally {
- checkingPackageAccess = false;
- }
- }
- }
- return super.loadClass(className, resolveClass);
- }
- }
-
static class IndexFile {
private HashMap<String, ArrayList<URL>> map;
@@ -590,10 +540,6 @@
* @param urls
* the list of URLs where a specific class or file could be
* found.
- * @throws SecurityException
- * if a security manager exists and its {@code
- * checkCreateClassLoader()} method doesn't allow creation of
- * new ClassLoaders.
*/
public URLClassLoader(URL[] urls) {
this(urls, ClassLoader.getSystemClassLoader(), null);
@@ -609,10 +555,6 @@
* found.
* @param parent
* the class loader to assign as this loader's parent.
- * @throws SecurityException
- * if a security manager exists and its {@code
- * checkCreateClassLoader()} method doesn't allow creation of
- * new class loaders.
*/
public URLClassLoader(URL[] urls, ClassLoader parent) {
this(urls, parent, null);
@@ -646,33 +588,7 @@
if (name == null) {
return null;
}
- ArrayList<URL> result = AccessController.doPrivileged(
- new PrivilegedAction<ArrayList<URL>>() {
- public ArrayList<URL> run() {
- ArrayList<URL> results = new ArrayList<URL>();
- findResourcesImpl(name, results);
- return results;
- }
- }, currentContext);
- SecurityManager sm;
- int length = result.size();
- if (length > 0 && (sm = System.getSecurityManager()) != null) {
- ArrayList<URL> reduced = new ArrayList<URL>(length);
- for (int i = 0; i < length; i++) {
- URL url = result.get(i);
- try {
- sm.checkPermission(url.openConnection().getPermission());
- reduced.add(url);
- } catch (IOException e) {
- } catch (SecurityException e) {
- }
- }
- result = reduced;
- }
- return Collections.enumeration(result);
- }
-
- void findResourcesImpl(String name, ArrayList<URL> result) {
+ ArrayList<URL> result = new ArrayList<URL>();
int n = 0;
while (true) {
URLHandler handler = getHandler(n++);
@@ -681,9 +597,9 @@
}
handler.findResources(name, result);
}
+ return Collections.enumeration(result);
}
-
/**
* Converts an input stream into a byte array.
*
@@ -691,8 +607,7 @@
* the input stream
* @return byte[] the byte array
*/
- private static byte[] getBytes(InputStream is)
- throws IOException {
+ private static byte[] getBytes(InputStream is) throws IOException {
byte[] buf = new byte[4096];
ByteArrayOutputStream bos = new ByteArrayOutputStream(4096);
int count;
@@ -771,49 +686,30 @@
/**
* Returns a new {@code URLClassLoader} instance for the given URLs and the
- * system {@code ClassLoader} as its parent. The method {@code loadClass()}
- * of the new instance will call {@code
- * SecurityManager.checkPackageAccess()} before loading a class.
+ * system {@code ClassLoader} as its parent.
*
* @param urls
* the list of URLs that is passed to the new {@code
- * URLClassloader}.
+ * URLClassLoader}.
* @return the created {@code URLClassLoader} instance.
*/
public static URLClassLoader newInstance(final URL[] urls) {
- URLClassLoader sub = AccessController
- .doPrivileged(new PrivilegedAction<URLClassLoader>() {
- public URLClassLoader run() {
- return new SubURLClassLoader(urls);
- }
- });
- sub.currentContext = AccessController.getContext();
- return sub;
+ return new URLClassLoader(urls, ClassLoader.getSystemClassLoader());
}
/**
* Returns a new {@code URLClassLoader} instance for the given URLs and the
- * specified {@code ClassLoader} as its parent. The method {@code
- * loadClass()} of the new instance will call the SecurityManager's {@code
- * checkPackageAccess()} before loading a class.
+ * specified {@code ClassLoader} as its parent.
*
* @param urls
- * the list of URLs that is passed to the new URLClassloader.
+ * the list of URLs that is passed to the new URLClassLoader.
* @param parentCl
* the parent class loader that is passed to the new
- * URLClassloader.
+ * URLClassLoader.
* @return the created {@code URLClassLoader} instance.
*/
- public static URLClassLoader newInstance(final URL[] urls,
- final ClassLoader parentCl) {
- URLClassLoader sub = AccessController
- .doPrivileged(new PrivilegedAction<URLClassLoader>() {
- public URLClassLoader run() {
- return new SubURLClassLoader(urls, parentCl);
- }
- });
- sub.currentContext = AccessController.getContext();
- return sub;
+ public static URLClassLoader newInstance(final URL[] urls, final ClassLoader parentCl) {
+ return new URLClassLoader(urls, parentCl);
}
/**
@@ -831,22 +727,10 @@
* @param factory
* the factory that will be used to create protocol-specific
* stream handlers.
- * @throws SecurityException
- * if a security manager exists and its {@code
- * checkCreateClassLoader()} method doesn't allow creation of
- * new {@code ClassLoader}s.
*/
- public URLClassLoader(URL[] searchUrls, ClassLoader parent,
- URLStreamHandlerFactory factory) {
+ public URLClassLoader(URL[] searchUrls, ClassLoader parent, URLStreamHandlerFactory factory) {
super(parent);
- // Required for pre-v1.2 security managers to work
- SecurityManager security = System.getSecurityManager();
- if (security != null) {
- security.checkCreateClassLoader();
- }
this.factory = factory;
- // capture the context of the thread that creates this URLClassLoader
- currentContext = AccessController.getContext();
int nbUrls = searchUrls.length;
originalUrls = new ArrayList<URL>(nbUrls);
handlerList = new ArrayList<URLHandler>(nbUrls);
@@ -872,14 +756,9 @@
* if the specified class cannot be loaded.
*/
@Override
- protected Class<?> findClass(final String clsName)
- throws ClassNotFoundException {
- Class<?> cls = AccessController.doPrivileged(
- new PrivilegedAction<Class<?>>() {
- public Class<?> run() {
- return findClassImpl(clsName);
- }
- }, currentContext);
+ protected Class<?> findClass(final String clsName) throws ClassNotFoundException {
+ // TODO: merge?
+ Class<?> cls = findClassImpl(clsName);
if (cls != null) {
return cls;
}
@@ -926,22 +805,8 @@
if (name == null) {
return null;
}
- URL result = AccessController.doPrivileged(new PrivilegedAction<URL>() {
- public URL run() {
- return findResourceImpl(name);
- }
- }, currentContext);
- SecurityManager sm;
- if (result != null && (sm = System.getSecurityManager()) != null) {
- try {
- sm.checkPermission(result.openConnection().getPermission());
- } catch (IOException e) {
- return null;
- } catch (SecurityException e) {
- return null;
- }
- }
- return result;
+ // TODO: merge?
+ return findResourceImpl(name);
}
/**
@@ -953,7 +818,6 @@
*/
URL findResourceImpl(String resName) {
int n = 0;
-
while (true) {
URLHandler handler = getHandler(n++);
if (handler == null) {
diff --git a/luni/src/main/java/java/net/URLConnection.java b/luni/src/main/java/java/net/URLConnection.java
index e467932..c895d41 100644
--- a/luni/src/main/java/java/net/URLConnection.java
+++ b/luni/src/main/java/java/net/URLConnection.java
@@ -20,15 +20,12 @@
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.util.Collections;
import java.util.Date;
import java.util.Hashtable;
import java.util.List;
import java.util.Map;
import java.util.StringTokenizer;
-import org.apache.harmony.luni.util.PriviAction;
/**
* A connection to a URL for reading or writing. For HTTP connections, see
@@ -278,9 +275,7 @@
// search through the package list for the right class for the Content
// Type
- String packageList = AccessController
- .doPrivileged(new PriviAction<String>(
- "java.content.handler.pkgs"));
+ String packageList = System.getProperty("java.content.handler.pkgs");
if (packageList != null) {
final StringTokenizer st = new StringTokenizer(packageList, "|");
while (st.countTokens() > 0) {
@@ -297,21 +292,14 @@
}
if (cHandler == null) {
- cHandler = AccessController
- .doPrivileged(new PrivilegedAction<Object>() {
- public Object run() {
- try {
- // Try looking up AWT image content handlers
- String className = "org.apache.harmony.awt.www.content."
- + typeString;
- return Class.forName(className).newInstance();
- } catch (ClassNotFoundException e) {
- } catch (IllegalAccessException e) {
- } catch (InstantiationException e) {
- }
- return null;
- }
- });
+ try {
+ // Try looking up AWT image content handlers
+ String className = "org.apache.harmony.awt.www.content." + typeString;
+ cHandler = Class.forName(className).newInstance();
+ } catch (ClassNotFoundException e) {
+ } catch (IllegalAccessException e) {
+ } catch (InstantiationException e) {
+ }
}
if (cHandler != null) {
if (!(cHandler instanceof ContentHandler)) {
@@ -851,18 +839,12 @@
* @param contentFactory
* the content factory to be set.
* @throws Error
- * if the security manager does not allow to set the content
- * factory or it has been already set earlier ago.
+ * if the factory has been already set.
*/
- public static synchronized void setContentHandlerFactory(
- ContentHandlerFactory contentFactory) {
+ public static synchronized void setContentHandlerFactory(ContentHandlerFactory contentFactory) {
if (contentHandlerFactory != null) {
throw new Error("Factory already set");
}
- SecurityManager sManager = System.getSecurityManager();
- if (sManager != null) {
- sManager.checkSetFactory();
- }
contentHandlerFactory = contentFactory;
}
@@ -949,10 +931,6 @@
* the MIME table to be set.
*/
public static void setFileNameMap(FileNameMap map) {
- SecurityManager manager = System.getSecurityManager();
- if (manager != null) {
- manager.checkSetFactory();
- }
synchronized (URLConnection.class) {
fileNameMap = map;
}
diff --git a/luni/src/main/java/java/nio/DatagramChannelImpl.java b/luni/src/main/java/java/nio/DatagramChannelImpl.java
index e732e28..35c24dd 100644
--- a/luni/src/main/java/java/nio/DatagramChannelImpl.java
+++ b/luni/src/main/java/java/nio/DatagramChannelImpl.java
@@ -131,17 +131,6 @@
// check the address
InetSocketAddress inetSocketAddress = SocketChannelImpl.validateAddress(address);
- // security check
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- if (inetSocketAddress.getAddress().isMulticastAddress()) {
- sm.checkMulticast(inetSocketAddress.getAddress());
- } else {
- sm.checkConnect(inetSocketAddress.getAddress().getHostName(),
- inetSocketAddress.getPort());
- }
- }
-
try {
begin();
Platform.NETWORK.connect(fd,
@@ -225,17 +214,6 @@
receivePacket.getData(), receivePacket.getOffset(), receivePacket.getLength(),
false, isConnected());
- // security check
- SecurityManager sm = System.getSecurityManager();
- if (!isConnected() && sm != null) {
- try {
- sm.checkAccept(receivePacket.getAddress().getHostAddress(),
- receivePacket.getPort());
- } catch (SecurityException e) {
- // do discard the datagram packet
- receivePacket = null;
- }
- }
if (receivePacket != null && receivePacket.getAddress() != null) {
if (received > 0) {
@@ -263,17 +241,6 @@
received = Platform.NETWORK.recvDirect(fd, receivePacket, address,
target.position(), target.remaining(), false, isConnected());
- // security check
- SecurityManager sm = System.getSecurityManager();
- if (!isConnected() && sm != null) {
- try {
- sm.checkAccept(receivePacket.getAddress().getHostAddress(),
- receivePacket.getPort());
- } catch (SecurityException e) {
- // do discard the datagram packet
- receivePacket = null;
- }
- }
if (receivePacket != null && receivePacket.getAddress() != null) {
// copy the data of received packet
if (received > 0) {
@@ -303,20 +270,8 @@
throw new IOException();
}
- if (isConnected()) {
- if (!connectAddress.equals(isa)) {
- throw new IllegalArgumentException();
- }
- } else {
- // not connected, check security
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- if (isa.getAddress().isMulticastAddress()) {
- sm.checkMulticast(isa.getAddress());
- } else {
- sm.checkConnect(isa.getAddress().getHostAddress(), isa.getPort());
- }
- }
+ if (isConnected() && !connectAddress.equals(isa)) {
+ throw new IllegalArgumentException();
}
// the return value.
diff --git a/luni/src/main/java/java/nio/ServerSocketChannelImpl.java b/luni/src/main/java/java/nio/ServerSocketChannelImpl.java
index 9cefe5f..01d86a4 100644
--- a/luni/src/main/java/java/nio/ServerSocketChannelImpl.java
+++ b/luni/src/main/java/java/nio/ServerSocketChannelImpl.java
@@ -155,10 +155,6 @@
sockChannel.setBound(true);
sockChannel.finishAccept();
}
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkAccept(socket.getInetAddress().getHostAddress(), socket.getPort());
- }
connectOK = true;
} finally {
if (!connectOK) {
diff --git a/luni/src/main/java/java/nio/SocketChannelImpl.java b/luni/src/main/java/java/nio/SocketChannelImpl.java
index dbef3c0..560f17d 100644
--- a/luni/src/main/java/java/nio/SocketChannelImpl.java
+++ b/luni/src/main/java/java/nio/SocketChannelImpl.java
@@ -170,11 +170,6 @@
int port = inetSocketAddress.getPort();
String hostName = normalAddr.getHostName();
- // security check
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkConnect(hostName, port);
- }
// connect result
int result = EOF;
diff --git a/luni/src/main/java/java/nio/channels/DatagramChannel.java b/luni/src/main/java/java/nio/channels/DatagramChannel.java
index dd09e16..486b168 100644
--- a/luni/src/main/java/java/nio/channels/DatagramChannel.java
+++ b/luni/src/main/java/java/nio/channels/DatagramChannel.java
@@ -121,11 +121,8 @@
* if another thread interrupts the calling thread while the
* operation is in progress. The calling thread will have the
* interrupt state set and the channel will be closed.
- * @throws SecurityException
- * if there is a security manager, and the address is not
- * permitted to be accessed.
* @throws IOException
- * if some other I/O error occurrs.
+ * if some other I/O error occurs.
*/
public abstract DatagramChannel connect(SocketAddress address)
throws IOException;
@@ -175,9 +172,6 @@
* if another thread interrupts the calling thread while the
* operation is in progress. The calling thread will have the
* interrupt state set and the channel will be closed.
- * @throws SecurityException
- * if there is a security manager, and the address is not
- * permitted to be accessed.
* @throws IOException
* some other I/O error occurs.
*/
@@ -216,14 +210,10 @@
* if another thread interrupts the calling thread while the
* operation is in progress. The calling thread will have the
* interrupt state set and the channel will be closed.
- * @throws SecurityException
- * if there is a security manager, and the address is not
- * permitted to access.
* @throws IOException
* some other I/O error occurs.
*/
- public abstract int send(ByteBuffer source, SocketAddress address)
- throws IOException;
+ public abstract int send(ByteBuffer source, SocketAddress address) throws IOException;
/**
* Reads a datagram from this channel into the byte buffer.
diff --git a/luni/src/main/java/java/nio/channels/ServerSocketChannel.java b/luni/src/main/java/java/nio/channels/ServerSocketChannel.java
index 67d3b8e..f3c3390 100644
--- a/luni/src/main/java/java/nio/channels/ServerSocketChannel.java
+++ b/luni/src/main/java/java/nio/channels/ServerSocketChannel.java
@@ -107,9 +107,6 @@
* if another I/O error occurs.
* @throws NotYetBoundException
* if the socket has not yet been bound.
- * @throws SecurityException
- * if there is a security manager and it does not permit to
- * access the new connection.
*/
public abstract SocketChannel accept() throws IOException;
}
diff --git a/luni/src/main/java/java/nio/channels/SocketChannel.java b/luni/src/main/java/java/nio/channels/SocketChannel.java
index 9ca75ef..6e54ab9 100644
--- a/luni/src/main/java/java/nio/channels/SocketChannel.java
+++ b/luni/src/main/java/java/nio/channels/SocketChannel.java
@@ -97,9 +97,6 @@
* if another thread interrupts the calling thread while this
* operation is executing. The calling thread will have the
* interrupt state set and the channel will be closed.
- * @throws SecurityException
- * if there is a security manager and it denies the access of
- * {@code address}.
* @throws UnresolvedAddressException
* if the address is not resolved.
* @throws UnsupportedAddressTypeException
@@ -187,9 +184,6 @@
* if the address is not resolved.
* @throws UnsupportedAddressTypeException
* if the address type is not supported.
- * @throws SecurityException
- * if there is a security manager and it denies the access of
- * {@code address}.
* @throws IOException
* if an I/O error occurs.
*/
diff --git a/luni/src/main/java/java/nio/channels/spi/AbstractInterruptibleChannel.java b/luni/src/main/java/java/nio/channels/spi/AbstractInterruptibleChannel.java
index 47f2512..8befb1b 100644
--- a/luni/src/main/java/java/nio/channels/spi/AbstractInterruptibleChannel.java
+++ b/luni/src/main/java/java/nio/channels/spi/AbstractInterruptibleChannel.java
@@ -23,9 +23,6 @@
import java.nio.channels.Channel;
import java.nio.channels.ClosedByInterruptException;
import java.nio.channels.InterruptibleChannel;
-import java.security.AccessController;
-import java.security.PrivilegedActionException;
-import java.security.PrivilegedExceptionAction;
/**
* {@code AbstractInterruptibleChannel} is the root class for interruptible
@@ -37,27 +34,15 @@
* argument to the {@code end} method should indicate if the I/O operation has
* actually completed so that any change may be visible to the invoker.
*/
-public abstract class AbstractInterruptibleChannel implements Channel,
- InterruptibleChannel {
+public abstract class AbstractInterruptibleChannel implements Channel, InterruptibleChannel {
static Method setInterruptAction = null;
-
static {
try {
- setInterruptAction = AccessController
- .doPrivileged(new PrivilegedExceptionAction<Method>() {
- public Method run() throws Exception {
- return Thread.class.getDeclaredMethod(
- "setInterruptAction",
- new Class[] { Runnable.class });
-
- }
- });
+ setInterruptAction = Thread.class.getDeclaredMethod("setInterruptAction", Runnable.class);
setInterruptAction.setAccessible(true);
- } catch (PrivilegedActionException e) {
- // FIXME: be accommodate before VM actually provides
- // setInterruptAction method
- // throw new Error(e);
+ } catch (NoSuchMethodException e) {
+ throw new AssertionError(e);
}
}
diff --git a/luni/src/main/java/java/nio/channels/spi/SelectorProvider.java b/luni/src/main/java/java/nio/channels/spi/SelectorProvider.java
index 201ea9f..66ecb7e 100644
--- a/luni/src/main/java/java/nio/channels/spi/SelectorProvider.java
+++ b/luni/src/main/java/java/nio/channels/spi/SelectorProvider.java
@@ -24,8 +24,6 @@
import java.nio.channels.Pipe;
import java.nio.channels.ServerSocketChannel;
import java.nio.channels.SocketChannel;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.util.ServiceLoader;
/**
@@ -44,17 +42,9 @@
/**
* Constructs a new {@code SelectorProvider}.
- *
- * @throws SecurityException
- * if there is a security manager installed that does not permit
- * the runtime permission labeled "selectorProvider".
*/
protected SelectorProvider() {
super();
- if (System.getSecurityManager() != null) {
- System.getSecurityManager().checkPermission(
- new RuntimePermission("selectorProvider"));
- }
}
/**
@@ -80,11 +70,7 @@
provider = loadProviderByJar();
}
if (provider == null) {
- provider = AccessController.doPrivileged(new PrivilegedAction<SelectorProvider>() {
- public SelectorProvider run() {
- return new SelectorProviderImpl();
- }
- });
+ provider = new SelectorProviderImpl();
}
}
return provider;
@@ -150,15 +136,8 @@
* @return the channel.
* @throws IOException
* if an I/O error occurs.
- * @throws SecurityException
- * if there is a security manager installed that does not permit
- * the runtime permission labeled "selectorProvider".
*/
public Channel inheritedChannel() throws IOException {
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkPermission(new RuntimePermission("inheritedChannel"));
- }
// Android never has stdin/stdout connected to a socket.
return null;
}
diff --git a/luni/src/main/java/java/nio/charset/Charset.java b/luni/src/main/java/java/nio/charset/Charset.java
index 800d810..04c8324 100644
--- a/luni/src/main/java/java/nio/charset/Charset.java
+++ b/luni/src/main/java/java/nio/charset/Charset.java
@@ -21,8 +21,6 @@
import java.nio.ByteBuffer;
import java.nio.CharBuffer;
import java.nio.charset.spi.CharsetProvider;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
@@ -565,11 +563,7 @@
}
private static Charset getDefaultCharset() {
- String encoding = AccessController.doPrivileged(new PrivilegedAction<String>() {
- public String run() {
- return System.getProperty("file.encoding", "UTF-8");
- }
- });
+ String encoding = System.getProperty("file.encoding", "UTF-8");
try {
return Charset.forName(encoding);
} catch (UnsupportedCharsetException e) {
diff --git a/luni/src/main/java/java/nio/charset/spi/CharsetProvider.java b/luni/src/main/java/java/nio/charset/spi/CharsetProvider.java
index d24bebd..c3ed3c8 100644
--- a/luni/src/main/java/java/nio/charset/spi/CharsetProvider.java
+++ b/luni/src/main/java/java/nio/charset/spi/CharsetProvider.java
@@ -23,22 +23,10 @@
* The service provider class for character sets.
*/
public abstract class CharsetProvider {
-
- // The permission required to construct a new provider.
- private static final RuntimePermission CONSTRUCT_PERM = new RuntimePermission(
- "charsetProvider");
-
/**
* Constructor for subclassing with concrete types.
- *
- * @throws SecurityException
- * if there is a security manager installed that does not permit
- * the runtime permission labeled "charsetProvider".
*/
protected CharsetProvider() {
- SecurityManager securityManager = System.getSecurityManager();
- if (securityManager != null)
- securityManager.checkPermission(CONSTRUCT_PERM);
}
/**
diff --git a/luni/src/main/java/java/security/AccessControlContext.java b/luni/src/main/java/java/security/AccessControlContext.java
index b161b7f..288bc2c 100644
--- a/luni/src/main/java/java/security/AccessControlContext.java
+++ b/luni/src/main/java/java/security/AccessControlContext.java
@@ -56,10 +56,6 @@
/**
* Constructs a new instance of {@code AccessControlContext} with the
* specified {@code AccessControlContext} and {@code DomainCombiner}.
- * <p>
- * If a {@code SecurityManager} is installed, code calling this constructor
- * need the {@code SecurityPermission} {@code createAccessControlContext} to
- * be granted, otherwise a {@code SecurityException} will be thrown.
*
* @param acc
* the {@code AccessControlContext} related to the given {@code
@@ -67,19 +63,10 @@
* @param combiner
* the {@code DomainCombiner} related to the given {@code
* AccessControlContext}
- * @throws SecurityException
- * if a {@code SecurityManager} is installed and the caller does
- * not have permission to invoke this constructor
* @throws NullPointerException
* if {@code acc} is {@code null}
*/
- public AccessControlContext(AccessControlContext acc,
- DomainCombiner combiner) {
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkPermission(new SecurityPermission(
- "createAccessControlContext"));
- }
+ public AccessControlContext(AccessControlContext acc, DomainCombiner combiner) {
// no need to clone() here as ACC is immutable
this.context = acc.context;
this.combiner = combiner;
@@ -119,44 +106,6 @@
}
/**
- * Package-level ctor which is used in AccessController.<br>
- * ProtectionDomains passed as <code>stack</code> is then passed into
- * {@link #AccessControlContext(ProtectionDomain[])}, therefore:<br>
- * <il>
- * <li>it must not be null
- * <li>duplicates will be removed
- * <li>null-s will be removed
- * </li>
- *
- * @param stack - array of ProtectionDomains
- * @param inherited - inherited context, which may be null
- */
- AccessControlContext(ProtectionDomain[] stack,
- AccessControlContext inherited) {
- this(stack); // removes dups, removes nulls, checks for stack==null
- this.inherited = inherited;
- }
-
- /**
- * Package-level ctor which is used in AccessController.<br>
- * ProtectionDomains passed as <code>stack</code> is then passed into
- * {@link #AccessControlContext(ProtectionDomain[])}, therefore:<br>
- * <il>
- * <li>it must not be null
- * <li>duplicates will be removed
- * <li>null-s will be removed
- * </li>
- *
- * @param stack - array of ProtectionDomains
- * @param combiner - combiner
- */
- AccessControlContext(ProtectionDomain[] stack,
- DomainCombiner combiner) {
- this(stack); // removes dups, removes nulls, checks for stack==null
- this.combiner = combiner;
- }
-
- /**
* Checks the specified permission against the vm's current security policy.
* The check is based on this {@code AccessControlContext} as opposed to the
* {@link AccessController#checkPermission(Permission)} method which
@@ -189,8 +138,7 @@
}
for (int i = 0; i < context.length; i++) {
if (!context[i].implies(perm)) {
- throw new AccessControlException("Permission check failed "
- + perm, perm);
+ throw new AccessControlException("Permission check failed " + perm, perm);
}
}
if (inherited != null) {
@@ -236,22 +184,11 @@
/**
* Returns the {@code DomainCombiner} associated with this {@code
* AccessControlContext}.
- * <p>
- * If a {@code SecurityManager} is installed, code calling this method needs
- * the {@code SecurityPermission} {@code getDomainCombiner} to be granted,
- * otherwise a {@code SecurityException} will be thrown.
*
* @return the {@code DomainCombiner} associated with this {@code
* AccessControlContext}
- * @throws SecurityException
- * if a {@code SecurityManager} is installed and the caller does
- * not have permission to invoke this method
*/
public DomainCombiner getDomainCombiner() {
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkPermission(new SecurityPermission("getDomainCombiner"));
- }
return combiner;
}
diff --git a/luni/src/main/java/java/security/AccessController.java b/luni/src/main/java/java/security/AccessController.java
index d395592..99ec698 100644
--- a/luni/src/main/java/java/security/AccessController.java
+++ b/luni/src/main/java/java/security/AccessController.java
@@ -32,234 +32,66 @@
package java.security;
-import java.util.ArrayList;
-import java.util.List;
-import java.util.WeakHashMap;
-import org.apache.harmony.security.fortress.SecurityUtils;
-
/**
- * {@code AccessController} provides static methods to perform access control
- * checks and privileged operations.
+ * Legacy security code; this class exists for compatibility only.
*/
public final class AccessController {
private AccessController() {
- throw new Error("statics only.");
}
/**
- * A map used to store a mapping between a given Thread and
- * AccessControllerContext-s used in successive calls of doPrivileged(). A
- * WeakHashMap is used to allow automatic wiping of the dead threads from
- * the map. The thread (normally Thread.currentThread()) is used as a key
- * for the map, and a value is ArrayList where all AccessControlContext-s
- * are stored.
- * ((ArrayList)contexts.get(Thread.currentThread())).lastElement() - is
- * reference to the latest context passed to the doPrivileged() call.
- *
- * TODO: ThreadLocal?
- */
- private static final WeakHashMap<Thread, ArrayList<AccessControlContext>> contexts = new WeakHashMap<Thread, ArrayList<AccessControlContext>>();
-
- /**
- * Returns the result of executing the specified privileged action. Only the
- * {@code ProtectionDomain} of the direct caller of this method and the
- * {@code ProtectionDomain}s of all subsequent classes in the call chain are
- * checked to be granted the necessary permission if access checks are
- * performed.
- * <p>
- * If an instance of {@code RuntimeException} is thrown during the execution
- * of the {@code PrivilegedAction#run()} method of the given action, it will
- * be propagated through this method.
- *
- * @param action
- * the action to be executed with privileges
- * @return the result of executing the privileged action
- * @throws NullPointerException
- * if the specified action is {@code null}
+ * Calls {@code action.run()}.
*/
public static <T> T doPrivileged(PrivilegedAction<T> action) {
- if (action == null) {
- throw new NullPointerException("action == null");
- }
- return doPrivileged(action, null);
+ return action.run();
}
/**
- * Returns the result of executing the specified privileged action. The
- * {@code ProtectionDomain} of the direct caller of this method, the {@code
- * ProtectionDomain}s of all subsequent classes in the call chain and all
- * {@code ProtectionDomain}s of the given context are checked to be granted
- * the necessary permission if access checks are performed.
- * <p>
- * If an instance of {@code RuntimeException} is thrown during the execution
- * of the {@code PrivilegedAction#run()} method of the given action, it will
- * be propagated through this method.
- *
- * @param action
- * the action to be executed with privileges
- * @param context
- * the {@code AccessControlContext} whose protection domains are
- * checked additionally
- * @return the result of executing the privileged action
- * @throws NullPointerException
- * if the specified action is {@code null}
+ * Calls {@code action.run()}.
*/
- public static <T> T doPrivileged(PrivilegedAction<T> action,
- AccessControlContext context) {
- if (action == null) {
- throw new NullPointerException("action == null");
- }
- List<AccessControlContext> contextsStack = contextsForThread();
- contextsStack.add(context);
- try {
- return action.run();
- } finally {
- contextsStack.remove(contextsStack.size() - 1);
- }
+ public static <T> T doPrivileged(PrivilegedAction<T> action, AccessControlContext context) {
+ return action.run();
}
/**
- * Returns the result of executing the specified privileged action. Only the
- * {@code ProtectionDomain} of the direct caller of this method and the
- * {@code ProtectionDomain}s of all subsequent classes in the call chain are
- * checked to be granted the necessary permission if access checks are
- * performed.
- * <p>
- * If a checked exception is thrown by the action's run method, it will be
- * wrapped and propagated through this method.
- * <p>
- * If an instance of {@code RuntimeException} is thrown during the execution
- * of the {@code PrivilegedAction#run()} method of the given action, it will
- * be propagated through this method.
- *
- * @param action
- * the action to be executed with privileges
- * @return the result of executing the privileged action
- * @throws PrivilegedActionException
- * if the action's run method throws any checked exception
- * @throws NullPointerException
- * if the specified action is {@code null}
+ * Calls {@code action.run()}.
*/
- public static <T> T doPrivileged(PrivilegedExceptionAction<T> action)
- throws PrivilegedActionException {
- return doPrivileged(action, null);
- }
-
- /**
- * Returns the result of executing the specified privileged action. The
- * {@code ProtectionDomain} of the direct caller of this method, the {@code
- * ProtectionDomain}s of all subsequent classes in the call chain and all
- * {@code ProtectionDomain}s of the given context are checked to be granted
- * the necessary permission if access checks are performed.
- * <p>
- * If a checked exception is thrown by the action's run method, it will be
- * wrapped and propagated through this method.
- * <p>
- * If an instance of {@code RuntimeException} is thrown during the execution
- * of the {@code PrivilegedAction#run()} method of the given action, it will
- * be propagated through this method.
- *
- * @param action
- * the action to be executed with privileges
- * @param context
- * the {@code AccessControlContext} whose protection domains are
- * checked additionally
- * @return the result of executing the privileged action
- * @throws PrivilegedActionException
- * if the action's run method throws any checked exception
- * @throws NullPointerException
- * if the specified action is {@code null}
- */
- public static <T> T doPrivileged(PrivilegedExceptionAction<T> action,
- AccessControlContext context) throws PrivilegedActionException {
- if (action == null) {
- throw new NullPointerException("action == null");
- }
- List<AccessControlContext> contextsStack = contextsForThread();
- contextsStack.add(context);
+ public static <T> T doPrivileged(PrivilegedExceptionAction<T> action) throws PrivilegedActionException {
try {
return action.run();
} catch (RuntimeException e) {
throw e; // so we don't wrap RuntimeExceptions with PrivilegedActionException
} catch (Exception e) {
throw new PrivilegedActionException(e);
- } finally {
- contextsStack.remove(contextsStack.size() - 1);
- }
- }
-
- public static <T> T doPrivilegedWithCombiner(PrivilegedAction<T> action) {
- return doPrivileged(action, newContextSameDomainCombiner());
- }
-
- public static <T> T doPrivilegedWithCombiner(PrivilegedExceptionAction<T> action)
- throws PrivilegedActionException {
- return doPrivileged(action, newContextSameDomainCombiner());
- }
-
- private static AccessControlContext newContextSameDomainCombiner() {
- List<AccessControlContext> contextsStack = contextsForThread();
- DomainCombiner domainCombiner = contextsStack.isEmpty()
- ? null
- : contextsStack.get(contextsStack.size() - 1).getDomainCombiner();
- return new AccessControlContext(new ProtectionDomain[0], domainCombiner);
- }
-
- private static List<AccessControlContext> contextsForThread() {
- Thread currThread = Thread.currentThread();
-
- /*
- * Thread.currentThread() is null when Thread.class is being initialized, and contexts is
- * null when AccessController.class is still being initialized. In either case, return an
- * empty list so callers need not worry.
- */
- if (currThread == null || contexts == null) {
- return new ArrayList<AccessControlContext>();
- }
-
- synchronized (contexts) {
- ArrayList<AccessControlContext> result = contexts.get(currThread);
- if (result == null) {
- result = new ArrayList<AccessControlContext>();
- contexts.put(currThread, result);
- }
- return result;
}
}
/**
- * Checks the specified permission against the VM's current security policy.
- * The check is performed in the context of the current thread. This method
- * returns silently if the permission is granted, otherwise an {@code
- * AccessControlException} is thrown.
- * <p>
- * A permission is considered granted if every {@link ProtectionDomain} in
- * the current execution context has been granted the specified permission.
- * If privileged operations are on the execution context, only the {@code
- * ProtectionDomain}s from the last privileged operation are taken into
- * account.
- * <p>
- * This method delegates the permission check to
- * {@link AccessControlContext#checkPermission(Permission)} on the current
- * callers' context obtained by {@link #getContext()}.
- *
- * @param permission
- * the permission to check against the policy
- * @throws AccessControlException
- * if the specified permission is not granted
- * @throws NullPointerException
- * if the specified permission is {@code null}
- * @see AccessControlContext#checkPermission(Permission)
- *
+ * Calls {@code action.run()}.
*/
- public static void checkPermission(Permission permission)
- throws AccessControlException {
- if (permission == null) {
- throw new NullPointerException("permission == null");
- }
+ public static <T> T doPrivileged(PrivilegedExceptionAction<T> action, AccessControlContext context) throws PrivilegedActionException {
+ return doPrivileged(action);
+ }
- getContext().checkPermission(permission);
+ /**
+ * Calls {@code action.run()}.
+ */
+ public static <T> T doPrivilegedWithCombiner(PrivilegedAction<T> action) {
+ return action.run();
+ }
+
+ /**
+ * Calls {@code action.run()}.
+ */
+ public static <T> T doPrivilegedWithCombiner(PrivilegedExceptionAction<T> action) throws PrivilegedActionException {
+ return doPrivileged(action);
+ }
+
+ /**
+ * Does nothing.
+ */
+ public static void checkPermission(Permission permission) throws AccessControlException {
}
/**
@@ -283,36 +115,7 @@
* @see Thread#currentThread
*/
public static AccessControlContext getContext() {
-
- // duplicates (if any) will be removed in ACC constructor
- ProtectionDomain[] stack = getStackDomains();
-
- Thread currentThread = Thread.currentThread();
- if (currentThread == null || AccessController.contexts == null) {
- // Big boo time. No need to check anything ?
- return new AccessControlContext(stack);
- }
-
- List<AccessControlContext> threadContexts = contextsForThread();
-
- // if we're in a doPrivileged method, use its context.
- AccessControlContext that = threadContexts.isEmpty()
- ? SecurityUtils.getContext(currentThread)
- : threadContexts.get(threadContexts.size() - 1);
-
- if (that != null && that.combiner != null) {
- ProtectionDomain[] assigned = null;
- if (that.context != null && that.context.length != 0) {
- assigned = new ProtectionDomain[that.context.length];
- System.arraycopy(that.context, 0, assigned, 0, assigned.length);
- }
- ProtectionDomain[] protectionDomains = that.combiner.combine(stack, assigned);
- if (protectionDomains == null) {
- protectionDomains = new ProtectionDomain[0];
- }
- return new AccessControlContext(protectionDomains, that.combiner);
- }
-
- return new AccessControlContext(stack, that);
+ // TODO: just return null?
+ return new AccessControlContext(getStackDomains());
}
}
diff --git a/luni/src/main/java/java/security/BasicPermission.java b/luni/src/main/java/java/security/BasicPermission.java
index 50e3d30..9bc59ac 100644
--- a/luni/src/main/java/java/security/BasicPermission.java
+++ b/luni/src/main/java/java/security/BasicPermission.java
@@ -21,23 +21,7 @@
import java.io.Serializable;
/**
- * {@code BasicPermission} is the common base class of all permissions which
- * have a name but no action lists. A {@code BasicPermission} is granted or it
- * is not.
- * <p>
- * Names of a BasicPermission follow the dot separated, hierarchical property
- * naming convention. Asterisk '*' can be used as wildcards. Either by itself,
- * matching anything, or at the end of the name, immediately preceded by a '.'.
- * For example:
- *
- * <pre>
- * java.io.* grants all permissions under the java.io permission hierarchy
- * * grants all permissions
- * </pre>
- * <p>
- * While this class ignores the action list in the
- * {@link #BasicPermission(String, String)} constructor, subclasses may
- * implement actions on top of this class.
+ * Legacy security code; this class exists for compatibility only.
*/
public abstract class BasicPermission extends Permission implements
Serializable {
diff --git a/luni/src/main/java/java/security/DomainCombiner.java b/luni/src/main/java/java/security/DomainCombiner.java
index 520ad93..374f0eb 100644
--- a/luni/src/main/java/java/security/DomainCombiner.java
+++ b/luni/src/main/java/java/security/DomainCombiner.java
@@ -18,12 +18,7 @@
package java.security;
/**
- * {@code DomainCombiner} is used to update and optimize {@code
- * ProtectionDomain}s from an {@code AccessControlContext}.
- *
- * @see AccessControlContext
- * @see AccessControlContext#AccessControlContext(AccessControlContext,
- * DomainCombiner)
+ * Legacy security code; this class exists for compatibility only.
*/
public interface DomainCombiner {
@@ -33,15 +28,11 @@
* duplicates and perform other optimizations.
*
* @param current
- * the protection domains of the current execution thread (since
- * the most recent call to {@link AccessController#doPrivileged}
- * ).
+ * the protection domains of the current execution thread
* @param assigned
- * the protection domains of the parent thread, maybe {@code
- * null}.
+ * the protection domains of the parent thread, may be {@code null}.
* @return a single {@code ProtectionDomain} array computed from the two
* provided arrays.
*/
- ProtectionDomain[] combine(ProtectionDomain[] current,
- ProtectionDomain[] assigned);
+ ProtectionDomain[] combine(ProtectionDomain[] current, ProtectionDomain[] assigned);
}
diff --git a/luni/src/main/java/java/security/Identity.java b/luni/src/main/java/java/security/Identity.java
index 0e3b4cf..8684a5e 100644
--- a/luni/src/main/java/java/security/Identity.java
+++ b/luni/src/main/java/java/security/Identity.java
@@ -82,25 +82,13 @@
/**
* Adds a {@code Certificate} to this {@code Identity}.
- * <p>
- * If a {@code SecurityManager} is installed, code calling this method needs
- * the {@code SecurityPermission} {@code addIdentityCertificate} to be
- * granted, otherwise a {@code SecurityException} will be thrown.
*
* @param certificate
* the {@code Certificate} to be added to this {@code Identity}.
* @throws KeyManagementException
* if the certificate is not valid.
- * @throws SecurityException
- * if a {@code SecurityManager} is installed and the caller does
- * not have permission to invoke this method.
*/
- public void addCertificate(Certificate certificate)
- throws KeyManagementException {
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkSecurityAccess("addIdentityCertificate");
- }
+ public void addCertificate(Certificate certificate) throws KeyManagementException {
PublicKey certPK = certificate.getPublicKey();
if (publicKey != null) {
if (!checkKeysEqual(publicKey, certPK)) {
@@ -141,32 +129,17 @@
/**
* Removes the specified {@code Certificate} from this {@code Identity}.
- * <p>
- * If a {@code SecurityManager} is installed, code calling this method needs
- * the {@code SecurityPermission} {@code "removeIdentityCertificate"} to be
- * granted, otherwise a {@code SecurityException} will be thrown.
- * <p>
*
* @param certificate
* the {@code Certificate} to be removed.
* @throws KeyManagementException
* if the certificate is not found.
- * @throws SecurityException
- * if a {@code SecurityManager} is installed and the caller does
- * not have permission to invoke this method.
*/
- public void removeCertificate(Certificate certificate)
- throws KeyManagementException {
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkSecurityAccess("removeIdentityCertificate");
- }
+ public void removeCertificate(Certificate certificate) throws KeyManagementException {
if (certificates != null) {
- // BEGIN android-added
if (!certificates.contains(certificate)) {
throw new KeyManagementException("Certificate not found");
}
- // END android-added
certificates.removeElement(certificate);
}
}
@@ -254,25 +227,14 @@
/**
* Sets the specified {@code PublicKey} to this {@code Identity}.
- * <p>
- * If a {@code SecurityManager} is installed, code calling this method needs
- * the {@code SecurityPermission} {@code setIdentityPublicKey} to be
- * granted, otherwise a {@code SecurityException} will be thrown.
*
* @param key
* the {@code PublicKey} to be set.
* @throws KeyManagementException
* if another {@code Identity} in the same scope as this {@code
* Identity} already has the same {@code PublicKey}.
- * @throws SecurityException
- * if a {@code SecurityManager} is installed and the caller does
- * not have permission to invoke this method.
*/
public void setPublicKey(PublicKey key) throws KeyManagementException {
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkSecurityAccess("setIdentityPublicKey");
- }
// this check does not always work
if ((scope != null) && (key != null)) {
Identity i = scope.getIdentity(key);
@@ -302,28 +264,13 @@
/**
* Sets an information string for this {@code Identity}.
- * <p>
- * If a {@code SecurityManager} is installed, code calling this method needs
- * the {@code SecurityPermission} {@code setIdentityInfo} to be granted,
- * otherwise a {@code SecurityException} will be thrown.
- *
* @param info
* the information to be set.
- * @throws SecurityException
- * if a {@code SecurityManager} is installed and the caller does
- * not have permission to invoke this method.
*/
public void setInfo(String info) {
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkSecurityAccess("setIdentityInfo");
- }
this.info = info;
}
-
-
-
/**
* Returns the information string of this {@code Identity}.
*
@@ -333,9 +280,6 @@
return info;
}
-
-
-
/**
* Compares the specified object with this {@code Identity} for equality and
* returns {@code true} if the specified object is equal, {@code false}
@@ -363,9 +307,6 @@
return identityEquals(i);
}
-
-
-
/**
* Returns the name of this {@code Identity}.
*
@@ -375,9 +316,6 @@
return name;
}
-
-
-
/**
* Returns the hash code value for this {@code Identity}. Returns the same
* hash code for {@code Identity}s that are equal to each other as required
@@ -399,29 +337,15 @@
return hash;
}
-
-
-
/**
* Returns a string containing a concise, human-readable description of the
* this {@code Identity} including its name and its scope.
- * <p>
- * If a {@code SecurityManager} is installed, code calling this method
- * needs the {@code SecurityPermission} {@code printIdentity} to be granted,
- * otherwise a {@code SecurityException} will be thrown.
*
* @return a printable representation for this {@code Identity}.
- * @throws SecurityException
- * if a {@code SecurityManager} is installed and the caller does
- * not have permission to invoke this method.
*/
@Override
@SuppressWarnings("nls")
public String toString() {
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkSecurityAccess("printIdentity");
- }
String s = (this.name == null ? "" : this.name);
if (scope != null) {
s += " [" + scope.getName() + "]";
diff --git a/luni/src/main/java/java/security/IdentityScope.java b/luni/src/main/java/java/security/IdentityScope.java
index e5acc96..a590db2 100644
--- a/luni/src/main/java/java/security/IdentityScope.java
+++ b/luni/src/main/java/java/security/IdentityScope.java
@@ -81,11 +81,7 @@
* implementation as fallback, i.e., return null if fails to init an instance.
*/
if (systemScope == null) {
- String className = AccessController.doPrivileged(new PrivilegedAction<String>(){
- public String run() {
- return Security.getProperty("system.scope");
- }
- });
+ String className = Security.getProperty("system.scope");
if(className != null){
try {
systemScope = (IdentityScope) Class.forName(className).newInstance();
@@ -104,10 +100,6 @@
* the scope to set.
*/
protected static void setSystemScope(IdentityScope scope) {
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkSecurityAccess("setSystemScope");
- }
systemScope = scope;
}
diff --git a/luni/src/main/java/java/security/KeyStore.java b/luni/src/main/java/java/security/KeyStore.java
index ab4b924..29c88a0 100644
--- a/luni/src/main/java/java/security/KeyStore.java
+++ b/luni/src/main/java/java/security/KeyStore.java
@@ -176,8 +176,7 @@
* NoSuchAlgorithmException) as in 1.4 release
* @see #getDefaultType
*/
- public static KeyStore getInstance(String type, Provider provider)
- throws KeyStoreException {
+ public static KeyStore getInstance(String type, Provider provider) throws KeyStoreException {
// check parameters
if (provider == null) {
throw new IllegalArgumentException();
@@ -197,21 +196,15 @@
/**
* Returns the default type for {@code KeyStore} instances.
- * <p>
- * The default is specified in the {@code 'keystore.type'} property in the
- * file named {@code JAVA_HOME/lib/security/java.security}. If this property
+ *
+ * <p>The default is specified in the {@code 'keystore.type'} property in the
+ * file named {@code java.security} properties file. If this property
* is not set, {@code "jks"} will be used.
*
* @return the default type for {@code KeyStore} instances
*/
public static final String getDefaultType() {
- String dt = AccessController.doPrivileged(
- new PrivilegedAction<String>() {
- public String run() {
- return Security.getProperty(PROPERTYNAME);
- }
- }
- );
+ String dt = Security.getProperty(PROPERTYNAME);
return (dt == null ? DEFAULT_KEYSTORE_TYPE : dt);
}
@@ -826,8 +819,7 @@
if (!keyStore.isInit) {
throw new IllegalArgumentException("KeyStore was not initialized");
}
- return new BuilderImpl(keyStore, protectionParameter,
- null, null, null, null);
+ return new BuilderImpl(keyStore, protectionParameter, null, null, null);
}
/**
@@ -887,8 +879,7 @@
throw new IllegalArgumentException("Not a regular file: " + file.getName());
}
// create new instance
- return new BuilderImpl(null, protectionParameter, file,
- type, provider, AccessController.getContext());
+ return new BuilderImpl(null, protectionParameter, file, type, provider);
}
/**
@@ -926,8 +917,7 @@
if (protectionParameter == null) {
throw new NullPointerException("protectionParameter == null");
}
- return new BuilderImpl(null, protectionParameter, null,
- type, provider, AccessController.getContext());
+ return new BuilderImpl(null, protectionParameter, null, type, provider);
}
/*
@@ -958,16 +948,13 @@
// Store last Exception in getKeyStore()
private KeyStoreException lastException;
- // Store AccessControlContext which is used in getKeyStore() method
- private final AccessControlContext accControlContext;
-
/**
* Constructor BuilderImpl initializes private fields: keyStore,
* protParameter, typeForKeyStore providerForKeyStore fileForLoad,
* isGetKeyStore
*/
BuilderImpl(KeyStore ks, ProtectionParameter pp, File file,
- String type, Provider provider, AccessControlContext context) {
+ String type, Provider provider) {
super();
keyStore = ks;
protParameter = pp;
@@ -976,7 +963,6 @@
providerForKeyStore = provider;
isGetKeyStore = false;
lastException = null;
- accControlContext = context;
}
/**
@@ -1009,15 +995,13 @@
}
try {
- final KeyStore ks;
- final char[] passwd;
-
// get KeyStore instance using type or type and provider
- ks = (providerForKeyStore == null ? KeyStore
+ final KeyStore ks = (providerForKeyStore == null ? KeyStore
.getInstance(typeForKeyStore) : KeyStore
.getInstance(typeForKeyStore, providerForKeyStore));
// protection parameter should be PasswordProtection
// or CallbackHandlerProtection
+ final char[] passwd;
if (protParameter instanceof PasswordProtection) {
passwd = ((PasswordProtection) protParameter)
.getPassword();
@@ -1030,25 +1014,17 @@
}
// load KeyStore from file
- AccessController.doPrivileged(
- new PrivilegedExceptionAction<Object>() {
- public Object run() throws Exception {
- if (fileForLoad != null) {
- FileInputStream fis = null;
- try {
- fis = new FileInputStream(fileForLoad);
- ks.load(fis, passwd);
- } finally {
- IoUtils.closeQuietly(fis);
- }
- } else {
- ks.load(new TmpLSParameter(
- protParameter));
- }
- return null;
- }
- }, accControlContext);
-
+ if (fileForLoad != null) {
+ FileInputStream fis = null;
+ try {
+ fis = new FileInputStream(fileForLoad);
+ ks.load(fis, passwd);
+ } finally {
+ IoUtils.closeQuietly(fis);
+ }
+ } else {
+ ks.load(new TmpLSParameter(protParameter));
+ }
isGetKeyStore = true;
return ks;
diff --git a/luni/src/main/java/java/security/Permission.java b/luni/src/main/java/java/security/Permission.java
index 60a5c7e..044c01f 100644
--- a/luni/src/main/java/java/security/Permission.java
+++ b/luni/src/main/java/java/security/Permission.java
@@ -20,10 +20,7 @@
import java.io.Serializable;
/**
- * {@code Permission} is the common base class of all permissions that
- * participate in the access control security framework around
- * {@link AccessController} and {@link AccessControlContext}. A permission
- * constitutes of a name and associated actions.
+ * Legacy security code; this class exists for compatibility only.
*/
public abstract class Permission implements Guard, Serializable {
@@ -81,8 +78,6 @@
/**
* Indicates whether the specified permission is implied by this permission.
- * The {@link AccessController} uses this method to check whether permission
- * protected access is allowed with the present policy.
*
* @param permission
* the permission to check against this permission.
@@ -111,23 +106,9 @@
}
/**
- * Invokes {@link SecurityManager#checkPermission(Permission)} with this
- * permission as its argument. This method implements the {@link Guard}
- * interface.
- *
- * @param obj
- * as specified in {@link Guard#checkGuard(Object)} but ignored
- * in this implementation.
- * @throws SecurityException
- * if this permission is not granted.
- * @see Guard
- * @see SecurityManager#checkPermission(Permission)
+ * Does nothing.
*/
public void checkGuard(Object obj) throws SecurityException {
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkPermission(this);
- }
}
/**
diff --git a/luni/src/main/java/java/security/Policy.java b/luni/src/main/java/java/security/Policy.java
index 8a5934d..b2887a3 100644
--- a/luni/src/main/java/java/security/Policy.java
+++ b/luni/src/main/java/java/security/Policy.java
@@ -108,9 +108,6 @@
* @throws NoSuchAlgorithmException
* if no Provider supports a PolicySpi implementation for the
* specified type.
- * @throws SecurityException
- * if the caller does not have permission to get a Policy
- * instance for the specified type.
* @throws NullPointerException
* if the specified type is null.
* @throws IllegalArgumentException
@@ -119,8 +116,6 @@
*/
public static Policy getInstance(String type, Policy.Parameters params)
throws NoSuchAlgorithmException {
- checkSecurityPermission(new SecurityPermission(CREATE_POLICY + type));
-
if (type == null) {
throw new NullPointerException();
}
@@ -159,9 +154,6 @@
* @throws NoSuchAlgorithmException
* if the specified provider does not support a PolicySpi
* implementation for the specified type.
- * @throws SecurityException
- * if the caller does not have permission to get a Policy
- * instance for the specified type.
* @throws NullPointerException
* if the specified type is null.
* @throws IllegalArgumentException
@@ -175,7 +167,6 @@
if ((provider == null) || provider.isEmpty()) {
throw new IllegalArgumentException("Provider is null or empty string");
}
- checkSecurityPermission(new SecurityPermission(CREATE_POLICY + type));
Provider impProvider = Security.getProvider(provider);
if (impProvider == null) {
@@ -210,27 +201,15 @@
* implementation from the specified Provider.
* @throws NullPointerException
* if the specified type is null.
- * @throws SecurityException
- * if the caller does not have permission to get a Policy
- * instance for the specified type.
*/
public static Policy getInstance(String type, Policy.Parameters params,
Provider provider) throws NoSuchAlgorithmException {
if (provider == null) {
throw new IllegalArgumentException("provider == null");
}
- checkSecurityPermission(new SecurityPermission(CREATE_POLICY + type));
-
return getInstanceImpl(type, params, provider);
}
- private static void checkSecurityPermission(SecurityPermission permission) {
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkPermission(permission);
- }
- }
-
private static Policy getInstanceImpl(String type, Policy.Parameters params, Provider provider)
throws NoSuchAlgorithmException {
if (type == null) {
@@ -442,18 +421,10 @@
* Returns the current system security policy. If no policy has been
* instantiated then this is done using the security property {@code
* "policy.provider"}.
- * <p>
- * If a {@code SecurityManager} is installed, code calling this method needs
- * the {@code SecurityPermission} {@code getPolicy} to be granted, otherwise
- * a {@code SecurityException} will be thrown.
*
* @return the current system security policy.
- * @throws SecurityException
- * if a {@code SecurityManager} is installed and the caller does
- * not have permission to invoke this method.
*/
public static Policy getPolicy() {
- checkSecurityPermission(GET_POLICY);
return getAccessiblePolicy();
}
@@ -462,34 +433,18 @@
// In case of any error, including undefined provider name,
// returns new instance of org.apache.harmony.security.FilePolicy provider.
private static Policy getDefaultProvider() {
- final String defaultClass = AccessController
- .doPrivileged(new PolicyUtils.SecurityPropertyAccessor(
- POLICY_PROVIDER));
+ final String defaultClass = Security.getProperty(POLICY_PROVIDER);
if (defaultClass == null) {
- // TODO log warning
- // System.err.println("No policy provider specified. Loading the "
- // + DefaultPolicy.class.getName());
return new DefaultPolicy();
}
// TODO accurate classloading
- return AccessController.doPrivileged(new PrivilegedAction<Policy>() {
-
- public Policy run() {
- try {
- return (Policy) Class.forName(defaultClass, true,
- ClassLoader.getSystemClassLoader()).newInstance();
- } catch (Exception e) {
- //TODO log error
- //System.err.println("Error loading policy provider <"
- // + defaultClass + "> : " + e
- // + "\nSwitching to the default "
- // + DefaultPolicy.class.getName());
- return new DefaultPolicy();
- }
- }
- });
-
+ try {
+ return (Policy) Class.forName(defaultClass, true,
+ ClassLoader.getSystemClassLoader()).newInstance();
+ } catch (Exception e) {
+ return new DefaultPolicy();
+ }
}
/**
@@ -518,19 +473,10 @@
/**
* Sets the system wide policy.
- * <p>
- * If a {@code SecurityManager} is installed, code calling this method needs
- * the {@code SecurityPermission} {@code setPolicy} to be granted, otherwise
- * a {@code SecurityException} will be thrown.
- *
* @param policy
* the {@code Policy} to set.
- * @throws SecurityException
- * if a {@code SecurityManager} is installed and the caller does
- * not have permission to invoke this method.
*/
public static void setPolicy(Policy policy) {
- checkSecurityPermission(SET_POLICY);
synchronized (Policy.class) {
activePolicy = policy;
}
diff --git a/luni/src/main/java/java/security/PrivilegedAction.java b/luni/src/main/java/java/security/PrivilegedAction.java
index 1dbbe65..d635f58 100644
--- a/luni/src/main/java/java/security/PrivilegedAction.java
+++ b/luni/src/main/java/java/security/PrivilegedAction.java
@@ -18,20 +18,11 @@
package java.security;
/**
- * {@code PrivilegedAction} represents an action that can be executed privileged
- * regarding access control. Instances of {@code PrivilegedAction} can be
- * executed on {@code AccessController.doPrivileged()}.
- *
- * @see AccessController
- * @see AccessController#doPrivileged(PrivilegedAction)
- * @see AccessController#doPrivileged(PrivilegedAction, AccessControlContext)
- * @see PrivilegedExceptionAction
+ * Legacy security code; this class exists for compatibility only.
*/
public interface PrivilegedAction<T> {
/**
* Returns the result of running the action.
- *
- * @return the result of running the action.
*/
public T run();
}
diff --git a/luni/src/main/java/java/security/PrivilegedActionException.java b/luni/src/main/java/java/security/PrivilegedActionException.java
index 7965469..e470ebf 100644
--- a/luni/src/main/java/java/security/PrivilegedActionException.java
+++ b/luni/src/main/java/java/security/PrivilegedActionException.java
@@ -18,21 +18,7 @@
package java.security;
/**
- * {@code PrivilegedActionException} wraps exceptions which are thrown from
- * within privileged operations.
- * <p>
- * Privileged actions which can throw exceptions are of type {@code
- * PrivilegedExceptionAction} and are thrown by
- * <ul>
- * {@code AccessController#doPrivileged(PrivilegedExceptionAction)}<br>
- * {@code AccessController#doPrivileged(PrivilegedExceptionAction,
- * AccessControlContext)} </br>
- * </ul>
- *
- * @see PrivilegedExceptionAction
- * @see AccessController#doPrivileged(PrivilegedExceptionAction)
- * @see AccessController#doPrivileged(PrivilegedExceptionAction,
- * AccessControlContext)
+ * Legacy security code; this class exists for compatibility only.
*/
public class PrivilegedActionException extends Exception {
diff --git a/luni/src/main/java/java/security/PrivilegedExceptionAction.java b/luni/src/main/java/java/security/PrivilegedExceptionAction.java
index bc072d5..a9496ad 100644
--- a/luni/src/main/java/java/security/PrivilegedExceptionAction.java
+++ b/luni/src/main/java/java/security/PrivilegedExceptionAction.java
@@ -18,23 +18,11 @@
package java.security;
/**
- * {@code PrivilegedAction} represents an action, that can be executed
- * privileged regarding access control. Instances of {@code PrivilegedAction}
- * can be executed invoking {@code AccessController.doPrivileged()}.
- *
- * @see AccessController
- * @see AccessController#doPrivileged(PrivilegedExceptionAction)
- * @see AccessController#doPrivileged(PrivilegedExceptionAction,
- * AccessControlContext)
- * @see PrivilegedAction
+ * Legacy security code; this class exists for compatibility only.
*/
public interface PrivilegedExceptionAction<T> {
/**
* Returns the result of running the action.
- *
- * @return the result of running the action
- * @throws Exception
- * if an exception occurred.
*/
T run() throws Exception;
}
diff --git a/luni/src/main/java/java/security/Provider.java b/luni/src/main/java/java/security/Provider.java
index 59cbbf5..60060ff 100644
--- a/luni/src/main/java/java/security/Provider.java
+++ b/luni/src/main/java/java/security/Provider.java
@@ -149,22 +149,9 @@
/**
* Clears all properties used to look up services implemented by this
* {@code Provider}.
- * <p>
- * If a {@code SecurityManager} is installed, code calling this method needs
- * the {@code SecurityPermission} {@code clearProviderProperties.NAME}
- * (where NAME is the provider name) to be granted, otherwise a {@code
- * SecurityException} will be thrown.
- *
- * @throws SecurityException
- * if a {@code SecurityManager} is installed and the caller does
- * not have permission to invoke this method.
*/
@Override
public synchronized void clear() {
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkSecurityAccess("clearProviderProperties." + name);
- }
super.clear();
if (serviceTable != null) {
serviceTable.clear();
@@ -198,29 +185,11 @@
/**
* Copies all from the provided map to this {@code Provider}.
- * <p>
- * If a {@code SecurityManager} is installed, code calling this method needs
- * the {@code SecurityPermission} {@code putProviderProperty.NAME} (where
- * NAME is the provider name) to be granted, otherwise a {@code
- * SecurityException} will be thrown.
- *
* @param t
* the mappings to copy to this provider.
- * @throws SecurityException
- * if a {@code SecurityManager} is installed and the caller does
- * not have permission to invoke this method.
*/
@Override
public synchronized void putAll(Map<?,?> t) {
-
- // Implementation note:
- // checkSecurityAccess method call is NOT specified
- // Do it as in put(Object key, Object value).
-
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkSecurityAccess("putProviderProperty." + name);
- }
myPutAll(t);
}
@@ -269,11 +238,6 @@
/**
* Maps the specified {@code key} property name to the specified {@code
* value}.
- * <p>
- * If a {@code SecurityManager} is installed, code calling this method needs
- * the {@code SecurityPermission} {@code putProviderProperty.NAME} (where
- * NAME is the provider name) to be granted, otherwise a {@code
- * SecurityException} will be thrown.
*
* @param key
* the name of the property.
@@ -281,16 +245,9 @@
* the value of the property.
* @return the value that was previously mapped to the specified {@code key}
* ,or {@code null} if it did not have one.
- * @throws SecurityException
- * if a {@code SecurityManager} is installed and the caller does
- * not have permission to invoke this method.
*/
@Override
public synchronized Object put(Object key, Object value) {
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkSecurityAccess("putProviderProperty." + name);
- }
if (key instanceof String && ((String) key).startsWith("Provider.")) {
// Provider service type is reserved
return null;
@@ -312,26 +269,14 @@
/**
* Removes the specified {@code key} and its associated value from this
* {@code Provider}.
- * <p>
- * If a {@code SecurityManager} is installed, code calling this method needs
- * the {@code SecurityPermission} {@code removeProviderProperty.NAME} (where
- * NAME is the provider name) to be granted, otherwise a {@code
- * SecurityException} will be thrown.
*
* @param key
* the name of the property
* @return the value that was mapped to the specified {@code key} ,or
* {@code null} if no mapping was present
- * @throws SecurityException
- * if a {@code SecurityManager} is installed and the caller does
- * not have the permission to invoke this method.
*/
@Override
public synchronized Object remove(Object key) {
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkSecurityAccess("removeProviderProperty." + name);
- }
if (key instanceof String && ((String) key).startsWith("Provider.")) {
// Provider service type is reserved
return null;
@@ -527,26 +472,14 @@
/**
* Adds a {@code Service} to this {@code Provider}. If a service with the
* same name was registered via this method, it is replace.
- * <p>
- * If a {@code SecurityManager} is installed, code calling this method needs
- * the {@code SecurityPermission} {@code putProviderProperty.NAME} (where
- * NAME is the provider name) to be granted, otherwise a {@code
- * SecurityException} will be thrown.
*
* @param s
* the {@code Service} to register
- * @throws SecurityException
- * if a {@code SecurityManager} is installed and the caller does
- * not have permission to invoke this method
*/
protected synchronized void putService(Provider.Service s) {
if (s == null) {
throw new NullPointerException();
}
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkSecurityAccess("putProviderProperty." + name);
- }
if ("Provider".equals(s.getType())) { // Provider service type cannot be added
return;
}
@@ -569,17 +502,9 @@
/**
* Removes a previously registered {@code Service} from this {@code
* Provider}.
- * <p>
- * If a {@code SecurityManager} is installed, code calling this method needs
- * the {@code SecurityPermission} {@code removeProviderProperty.NAME} (where
- * NAME is the provider name) to be granted, otherwise a {@code
- * SecurityException} will be thrown.
*
* @param s
* the {@code Service} to remove
- * @throws SecurityException
- * if a {@code SecurityManager} is installed and the caller does
- * not have permission to invoke this method
* @throws NullPointerException
* if {@code s} is {@code null}
*/
@@ -587,10 +512,6 @@
if (s == null) {
throw new NullPointerException();
}
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkSecurityAccess("removeProviderProperty." + name);
- }
servicesChanged();
if (serviceTable != null) {
serviceTable.remove(s.type, s.algorithm.toUpperCase(Locale.US));
@@ -1067,31 +988,17 @@
* if the implementation does not support the specified
* {@code constructorParameter}.
*/
- public Object newInstance(Object constructorParameter)
- throws NoSuchAlgorithmException {
+ public Object newInstance(Object constructorParameter) throws NoSuchAlgorithmException {
if (implementation == null || !className.equals(lastClassName)) {
- NoSuchAlgorithmException result = AccessController
- .doPrivileged(new PrivilegedAction<NoSuchAlgorithmException>() {
- public NoSuchAlgorithmException run() {
- ClassLoader cl = provider.getClass()
- .getClassLoader();
- if (cl == null) {
- cl = ClassLoader.getSystemClassLoader();
- }
- try {
- implementation = Class.forName(className,
- true, cl);
- } catch (Exception e) {
- return new NoSuchAlgorithmException(
- type + " " + algorithm
- + " implementation not found: " + e);
- }
- lastClassName = className;
- return null;
- }
- });
- if (result != null) {
- throw result;
+ ClassLoader cl = provider.getClass().getClassLoader();
+ if (cl == null) {
+ cl = ClassLoader.getSystemClassLoader();
+ }
+ try {
+ implementation = Class.forName(className, true, cl);
+ lastClassName = className;
+ } catch (Exception e) {
+ throw new NoSuchAlgorithmException(type + " " + algorithm + " implementation not found: " + e);
}
}
if (constructorParameter == null) {
diff --git a/luni/src/main/java/java/security/Security.java b/luni/src/main/java/java/security/Security.java
index 17bc4f3..db28264 100644
--- a/luni/src/main/java/java/security/Security.java
+++ b/luni/src/main/java/java/security/Security.java
@@ -50,70 +50,20 @@
// - load statically registered providers
// - if no provider description file found then load default providers
static {
- AccessController.doPrivileged(new java.security.PrivilegedAction<Void>() {
- public Void run() {
- boolean loaded = false;
-
- // BEGIN android-added
- /*
- * Android only uses a local "security.properties" resource
- * for configuration. TODO: Reevaluate this decision.
- */
- try {
- InputStream configStream =
- getClass().getResourceAsStream("security.properties");
- InputStream input = new BufferedInputStream(configStream);
- secprops.load(input);
- loaded = true;
- configStream.close();
- } catch (Exception ex) {
- Logger.global.log(Level.SEVERE,
- "Could not load Security properties.", ex);
- }
- // END android-added
-
- // BEGIN android-removed
-// if (Util.equalsIgnoreCase("true", secprops.getProperty("security.allowCustomPropertiesFile", "true"))) {
-// String securityFile = System.getProperty("java.security.properties");
-// if (securityFile != null) {
-// if (securityFile.startsWith("=")) { // overwrite
-// secprops = new Properties();
-// loaded = false;
-// securityFile = securityFile.substring(1);
-// }
-// try {
-// securityFile = PolicyUtils.expand(securityFile, System.getProperties());
-// } catch (PolicyUtils.ExpansionFailedException e) {
-//// System.err.println("Could not load custom Security properties file "
-//// + securityFile +": " + e);
-// }
-// f = new File(securityFile);
-// InputStream is;
-// try {
-// if (f.exists()) {
-// FileInputStream fis = new FileInputStream(f);
-// is = new BufferedInputStream(fis);
-// } else {
-// URL url = new URL(securityFile);
-// is = new BufferedInputStream(url.openStream());
-// }
-// secprops.load(is);
-// loaded = true;
-// is.close();
-// } catch (IOException e) {
-// // System.err.println("Could not load custom Security properties file "
-// // + securityFile +": " + e);
-// }
-// }
-// }
- // END android-removed
- if (!loaded) {
- registerDefaultProviders();
- }
- Engine.door = new SecurityDoor();
- return null;
- }
- });
+ boolean loaded = false;
+ try {
+ InputStream configStream = Security.class.getResourceAsStream("security.properties");
+ InputStream input = new BufferedInputStream(configStream);
+ secprops.load(input);
+ loaded = true;
+ configStream.close();
+ } catch (Exception ex) {
+ Logger.global.log(Level.SEVERE, "Could not load Security properties.", ex);
+ }
+ if (!loaded) {
+ registerDefaultProviders();
+ }
+ Engine.door = new SecurityDoor();
}
/**
@@ -164,11 +114,6 @@
* Insert the given {@code Provider} at the specified {@code position}. The
* positions define the preference order in which providers are searched for
* requested algorithms.
- * <p>
- * If a {@code SecurityManager} is installed, code calling this method needs
- * the {@code SecurityPermission} {@code insertProvider.NAME} (where NAME is
- * the provider name) to be granted, otherwise a {@code SecurityException}
- * will be thrown.
*
* @param provider
* the provider to insert.
@@ -177,20 +122,12 @@
* @return the actual position or {@code -1} if the given {@code provider}
* was already in the list. The actual position may be different
* from the desired position.
- * @throws SecurityException
- * if a {@code SecurityManager} is installed and the caller does
- * not have permission to invoke this method.
*/
- public static synchronized int insertProviderAt(Provider provider,
- int position) {
- // check security access; check that provider is not already
+ public static synchronized int insertProviderAt(Provider provider, int position) {
+ // check that provider is not already
// installed, else return -1; if (position <1) or (position > max
// position) position = max position + 1; insert provider, shift up
// one position for next providers; Note: The position is 1-based
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkSecurityAccess("insertProvider." + provider.getName());
- }
if (getProvider(provider.getName()) != null) {
return -1;
}
@@ -202,19 +139,11 @@
/**
* Adds the given {@code provider} to the collection of providers at the
* next available position.
- * <p>
- * If a {@code SecurityManager} is installed, code calling this method needs
- * the {@code SecurityPermission} {@code insertProvider.NAME} (where NAME is
- * the provider name) to be granted, otherwise a {@code SecurityException}
- * will be thrown.
*
* @param provider
* the provider to be added.
* @return the actual position or {@code -1} if the given {@code provider}
* was already in the list.
- * @throws SecurityException
- * if a {@code SecurityManager} is installed and the caller does
- * not have permission to invoke this method.
*/
public static int addProvider(Provider provider) {
return insertProviderAt(provider, 0);
@@ -225,20 +154,12 @@
* of providers. If the the {@code Provider} with the specified name is
* removed, all provider at a greater position are shifted down one
* position.
- * <p>
- * Returns silently if {@code name} is {@code null} or no provider with the
+ *
+ * <p>Returns silently if {@code name} is {@code null} or no provider with the
* specified name is installed.
- * <p>
- * If a {@code SecurityManager} is installed, code calling this method needs
- * the {@code SecurityPermission} {@code removeProvider.NAME} (where NAME is
- * the provider name) to be granted, otherwise a {@code SecurityException}
- * will be thrown.
*
* @param name
* the name of the provider to remove.
- * @throws SecurityException
- * if a {@code SecurityManager} is installed and the caller does
- * not have permission to invoke this method.
*/
public static synchronized void removeProvider(String name) {
// It is not clear from spec.:
@@ -255,10 +176,6 @@
if (p == null) {
return;
}
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkSecurityAccess("removeProvider." + name);
- }
Services.removeProvider(p.getProviderNumber());
renumProviders();
p.setProviderNumber(-1);
@@ -414,27 +331,15 @@
/**
* Returns the value of the security property named by the argument.
- * <p>
- * If a {@code SecurityManager} is installed, code calling this method needs
- * the {@code SecurityPermission} {@code getProperty.KEY} (where KEY is the
- * specified {@code key}) to be granted, otherwise a {@code
- * SecurityException} will be thrown.
*
* @param key
* the name of the requested security property.
* @return the value of the security property.
- * @throws SecurityException
- * if a {@code SecurityManager} is installed and the caller does
- * not have permission to invoke this method.
*/
public static String getProperty(String key) {
if (key == null) {
throw new NullPointerException("key == null");
}
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkSecurityAccess("getProperty." + key);
- }
String property = secprops.getProperty(key);
if (property != null) {
property = property.trim();
@@ -444,26 +349,9 @@
/**
* Sets the value of the specified security property.
- * <p>
- * If a {@code SecurityManager} is installed, code calling this method needs
- * the {@code SecurityPermission} {@code setProperty.KEY} (where KEY is the
- * specified {@code key}) to be granted, otherwise a {@code
- * SecurityException} will be thrown.
- *
- * @param key
- * the name of the security property.
- * @param datnum
- * the value of the security property.
- * @throws SecurityException
- * if a {@code SecurityManager} is installed and the caller does
- * not have permission to invoke this method.
*/
- public static void setProperty(String key, String datnum) {
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkSecurityAccess("setProperty." + key);
- }
- secprops.put(key, datnum);
+ public static void setProperty(String key, String value) {
+ secprops.put(key, value);
}
/**
diff --git a/luni/src/main/java/java/security/Signer.java b/luni/src/main/java/java/security/Signer.java
index 58f8c04..f1f2383 100644
--- a/luni/src/main/java/java/security/Signer.java
+++ b/luni/src/main/java/java/security/Signer.java
@@ -73,16 +73,8 @@
* a {@code SecurityException} will be thrown.
*
* @return the private key of this {@code Signer}.
- * @throws SecurityException
- * if a {@code SecurityManager} is installed and the caller does
- * not have permission to invoke this method.
*/
public PrivateKey getPrivateKey() {
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkSecurityAccess("getSignerPrivateKey");
- }
-
return privateKey;
}
@@ -98,9 +90,6 @@
* if the key pair is invalid.
* @throws KeyException
* if any other key related problem occurs.
- * @throws SecurityException
- * if a {@code SecurityManager} is installed and the caller does
- * not have permission to invoke this method.
*/
public final void setKeyPair(KeyPair pair)
throws InvalidParameterException, KeyException {
@@ -112,20 +101,11 @@
if ((pair.getPrivate() == null) || (pair.getPublic() == null)) {
throw new InvalidParameterException();
}
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkSecurityAccess("setSignerKeyPair");
- }
final PublicKey pk = pair.getPublic();
try {
- AccessController.doPrivileged(new PrivilegedExceptionAction<Void>() {
- public Void run() throws KeyManagementException {
- setPublicKey(pk);
- return null;
- }
- });
- } catch (PrivilegedActionException e) {
- throw new KeyException(e.getException());
+ setPublicKey(pk);
+ } catch (KeyManagementException ex) {
+ throw new KeyException(ex);
}
this.privateKey = pair.getPrivate();
}
diff --git a/luni/src/main/java/java/security/cert/CertPathBuilder.java b/luni/src/main/java/java/security/cert/CertPathBuilder.java
index c2164db..aa65fe7 100644
--- a/luni/src/main/java/java/security/cert/CertPathBuilder.java
+++ b/luni/src/main/java/java/security/cert/CertPathBuilder.java
@@ -17,7 +17,6 @@
package java.security.cert;
-import java.security.AccessController;
import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
@@ -193,12 +192,7 @@
* determined.
*/
public static final String getDefaultType() {
- String defaultType = AccessController
- .doPrivileged(new java.security.PrivilegedAction<String>() {
- public String run() {
- return Security.getProperty(PROPERTYNAME);
- }
- });
+ String defaultType = Security.getProperty(PROPERTYNAME);
return (defaultType != null ? defaultType : DEFAULTPROPERTY);
}
}
diff --git a/luni/src/main/java/java/security/cert/CertPathValidator.java b/luni/src/main/java/java/security/cert/CertPathValidator.java
index 49d2408..69b9f99 100644
--- a/luni/src/main/java/java/security/cert/CertPathValidator.java
+++ b/luni/src/main/java/java/security/cert/CertPathValidator.java
@@ -17,7 +17,6 @@
package java.security.cert;
-import java.security.AccessController;
import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
@@ -200,12 +199,7 @@
* determined.
*/
public static final String getDefaultType() {
- String defaultType = AccessController
- .doPrivileged(new java.security.PrivilegedAction<String>() {
- public String run() {
- return Security.getProperty(PROPERTYNAME);
- }
- });
+ String defaultType = Security.getProperty(PROPERTYNAME);
return (defaultType != null ? defaultType : DEFAULTPROPERTY);
}
}
diff --git a/luni/src/main/java/java/security/cert/CertStore.java b/luni/src/main/java/java/security/cert/CertStore.java
index a8cbfee..6cdaea7 100644
--- a/luni/src/main/java/java/security/cert/CertStore.java
+++ b/luni/src/main/java/java/security/cert/CertStore.java
@@ -17,7 +17,6 @@
package java.security.cert;
-import java.security.AccessController;
import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
@@ -267,12 +266,7 @@
* determined.
*/
public static final String getDefaultType() {
- String defaultType = AccessController
- .doPrivileged(new java.security.PrivilegedAction<String>() {
- public String run() {
- return Security.getProperty(PROPERTYNAME);
- }
- });
+ String defaultType = Security.getProperty(PROPERTYNAME);
return (defaultType == null ? DEFAULTPROPERTY : defaultType);
}
}
diff --git a/luni/src/main/java/java/security/package.html b/luni/src/main/java/java/security/package.html
index 4c5e2b4..b2e7e08 100644
--- a/luni/src/main/java/java/security/package.html
+++ b/luni/src/main/java/java/security/package.html
@@ -4,32 +4,9 @@
</head>
<html>
<body>
-<p>This package provides all the classes and interfaces that
-constitute the Java security framework. The content of this package can
-be divided into two parts:
-
-<ul>
- <li>Classes implementing the access control infrastructure.
- <p>The central class is <i>java.security.AccessController</i>
- which checks if code, invoking sensitive resources, was granted the required
- permissions.
- <p>The class loader (<i>java.security.SecureClassLoader</i>) associates classes
- with a protection domain (<i>java.security.ProtectionDomain</i>) which consists of a
- code source (<i>java.security.CodeSource</i>) and the granted permissions
- (<i>java.security.Permission</i>). The policy, defined through <i>java.security.Policy</i>, defines
- which permissions are granted to classes loaded from a code source ( class
- <i>java.security.CodeSource</i>).
- <li>Classes and interfaces for the extensible cryptographic
- <i>service provider infrastructure</i> (<b>SPI</b>) such as abstractions for certificates,
- signatures, private and public keys. Also abstractions for the algorithms
- they utilize are provided in this package.
- <p>Security providers, as defined in <i>java.security.Providers</i>, can be
- registered to provide
- different implementations for a variety of security infrastructure,
- such as key stores. Therefore the corresponding
- service provider interface (i.e. <i>java.security.KeyStoreSpi</i>) must be
- implemented.
-</ul>
+<p>This package is for compatibility
+with legacy code only, and should not be used or expected to do
+anything useful.
</p>
</body>
</html>
diff --git a/luni/src/main/java/java/sql/DriverManager.java b/luni/src/main/java/java/sql/DriverManager.java
index 77fe43f..fbda008 100644
--- a/luni/src/main/java/java/sql/DriverManager.java
+++ b/luni/src/main/java/java/sql/DriverManager.java
@@ -20,14 +20,12 @@
import dalvik.system.VMStack;
import java.io.PrintStream;
import java.io.PrintWriter;
-import java.security.AccessController;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import java.util.Properties;
import java.util.Vector;
-import org.apache.harmony.luni.util.PriviAction;
/**
* Provides facilities for managing JDBC drivers.
@@ -70,9 +68,7 @@
* it is defined.
*/
private static void loadInitialDrivers() {
- String theDriverList = AccessController
- .doPrivileged(new PriviAction<String>("jdbc.drivers", null));
-
+ String theDriverList = System.getProperty("jdbc.drivers", null);
if (theDriverList == null) {
return;
}
@@ -378,7 +374,6 @@
*/
@Deprecated
public static void setLogStream(PrintStream out) {
- checkLogSecurity();
thePrintStream = out;
}
@@ -390,22 +385,9 @@
* the {@code PrintWriter} to be used.
*/
public static void setLogWriter(PrintWriter out) {
- checkLogSecurity();
thePrintWriter = out;
}
- /*
- * Method which checks to see if setting a logging stream is allowed by the
- * Security manager
- */
- private static void checkLogSecurity() {
- SecurityManager securityManager = System.getSecurityManager();
- if (securityManager != null) {
- // Throws a SecurityException if setting the log is not permitted
- securityManager.checkPermission(logPermission);
- }
- }
-
/**
* Determines whether the supplied object was loaded by the given {@code ClassLoader}.
*
diff --git a/luni/src/main/java/java/util/Currency.java b/luni/src/main/java/java/util/Currency.java
index 8ea8a96..0275e32 100644
--- a/luni/src/main/java/java/util/Currency.java
+++ b/luni/src/main/java/java/util/Currency.java
@@ -18,8 +18,6 @@
package java.util;
import java.io.Serializable;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import libcore.icu.ICU;
import libcore.icu.LocaleData;
@@ -36,14 +34,11 @@
private final String currencyCode;
- // BEGIN android-added
// TODO: this isn't set if we're restored from serialized form,
// so getDefaultFractionDigits always returns 0!
private transient int defaultFractionDigits;
- // END android-added
private Currency(String currencyCode) {
- // BEGIN android-changed
this.currencyCode = currencyCode;
// In some places the code XXX is used as the fall back currency.
@@ -66,7 +61,6 @@
// locale's currency.
throw badCurrency(currencyCode);
}
- // END android-changed
}
private IllegalArgumentException badCurrency(String currencyCode) {
@@ -87,14 +81,12 @@
* code.
*/
public static Currency getInstance(String currencyCode) {
- // BEGIN android-changed
Currency currency = codesToCurrencies.get(currencyCode);
if (currency == null) {
currency = new Currency(currencyCode);
codesToCurrencies.put(currencyCode, currency);
}
return currency;
- // END android-changed
}
/**
@@ -108,7 +100,6 @@
* if the locale's country is not a supported ISO 3166 Country.
*/
public static Currency getInstance(Locale locale) {
- // BEGIN android-changed
Currency currency = localesToCurrencies.get(locale);
if (currency != null) {
return currency;
@@ -129,7 +120,6 @@
Currency result = getInstance(currencyCode);
localesToCurrencies.put(locale, result);
return result;
- // END android-changed
}
/**
@@ -183,16 +173,11 @@
* @return the default number of fraction digits for this currency.
*/
public int getDefaultFractionDigits() {
- // BEGIN android-changed
- // return com.ibm.icu.util.Currency.getInstance(currencyCode).getDefaultFractionDigits();
return defaultFractionDigits;
- // END android-changed
}
/**
* Returns this currency's ISO 4217 currency code.
- *
- * @return this currency's ISO 4217 currency code.
*/
@Override
public String toString() {
@@ -202,14 +187,4 @@
private Object readResolve() {
return getInstance(currencyCode);
}
-
- // TODO: remove this in favor of direct access (and no ResourceBundle cruft).
- private static ResourceBundle getCurrencyBundle(final Locale locale) {
- return AccessController.doPrivileged(new PrivilegedAction<ResourceBundle>() {
- public ResourceBundle run() {
- String bundle = "org.apache.harmony.luni.internal.locale.Currency";
- return ResourceBundle.getBundle(bundle, locale);
- }
- });
- }
}
diff --git a/luni/src/main/java/java/util/Formatter.java b/luni/src/main/java/java/util/Formatter.java
index 6825420..84b71d5 100644
--- a/luni/src/main/java/java/util/Formatter.java
+++ b/luni/src/main/java/java/util/Formatter.java
@@ -30,8 +30,6 @@
import java.math.BigInteger;
import java.math.MathContext;
import java.nio.charset.Charset;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import libcore.icu.LocaleData;
import libcore.icu.NativeDecimalFormat;
import libcore.io.IoUtils;
@@ -677,9 +675,6 @@
* if the filename does not denote a normal and writable file,
* or if a new file cannot be created, or if any error arises when
* opening or creating the file.
- * @throws SecurityException
- * if there is a {@code SecurityManager} in place which denies permission
- * to write to the file in {@code checkWrite(file.getPath())}.
*/
public Formatter(String fileName) throws FileNotFoundException {
this(new File(fileName));
@@ -703,9 +698,6 @@
* if the filename does not denote a normal and writable file,
* or if a new file cannot be created, or if any error arises when
* opening or creating the file.
- * @throws SecurityException
- * if there is a {@code SecurityManager} in place which denies permission
- * to write to the file in {@code checkWrite(file.getPath())}.
* @throws UnsupportedEncodingException
* if the charset with the specified name is not supported.
*/
@@ -732,9 +724,6 @@
* if the filename does not denote a normal and writable file,
* or if a new file cannot be created, or if any error arises when
* opening or creating the file.
- * @throws SecurityException
- * if there is a {@code SecurityManager} in place which denies permission
- * to write to the file in {@code checkWrite(file.getPath())}.
* @throws UnsupportedEncodingException
* if the charset with the specified name is not supported.
*/
@@ -761,9 +750,6 @@
* if the {@code File} is not a normal and writable {@code File}, or if a
* new {@code File} cannot be created, or if any error rises when opening or
* creating the {@code File}.
- * @throws SecurityException
- * if there is a {@code SecurityManager} in place which denies permission
- * to write to the {@code File} in {@code checkWrite(file.getPath())}.
*/
public Formatter(File file) throws FileNotFoundException {
this(new FileOutputStream(file));
@@ -787,9 +773,6 @@
* if the {@code File} is not a normal and writable {@code File}, or if a
* new {@code File} cannot be created, or if any error rises when opening or
* creating the {@code File}.
- * @throws SecurityException
- * if there is a {@code SecurityManager} in place which denies permission
- * to write to the {@code File} in {@code checkWrite(file.getPath())}.
* @throws UnsupportedEncodingException
* if the charset with the specified name is not supported.
*/
@@ -816,9 +799,6 @@
* if the {@code File} is not a normal and writable {@code File}, or if a
* new {@code File} cannot be created, or if any error rises when opening or
* creating the {@code File}.
- * @throws SecurityException
- * if there is a {@code SecurityManager} in place which denies permission
- * to write to the {@code File} in {@code checkWrite(file.getPath())}.
* @throws UnsupportedEncodingException
* if the charset with the specified name is not supported.
*/
@@ -1632,11 +1612,7 @@
private CharSequence transformFromLineSeparator() {
if (lineSeparator == null) {
- lineSeparator = AccessController.doPrivileged(new PrivilegedAction<String>() {
- public String run() {
- return System.getProperty("line.separator");
- }
- });
+ lineSeparator = System.getProperty("line.separator");
}
return lineSeparator;
}
diff --git a/luni/src/main/java/java/util/Locale.java b/luni/src/main/java/java/util/Locale.java
index 6ddd77e..b022e1c 100644
--- a/luni/src/main/java/java/util/Locale.java
+++ b/luni/src/main/java/java/util/Locale.java
@@ -22,9 +22,7 @@
import java.io.ObjectOutputStream;
import java.io.ObjectStreamField;
import java.io.Serializable;
-import java.security.AccessController;
import libcore.icu.ICU;
-import org.apache.harmony.luni.util.PriviAction;
/**
* {@code Locale} represents a language/country/variant combination. Locales are used to
@@ -216,9 +214,9 @@
"user.language", "write");
static {
- String language = AccessController.doPrivileged(new PriviAction<String>("user.language", "en"));
- String region = AccessController.doPrivileged(new PriviAction<String>("user.region", "US"));
- String variant = AccessController.doPrivileged(new PriviAction<String>("user.variant", ""));
+ String language = System.getProperty("user.language", "en");
+ String region = System.getProperty("user.region", "US");
+ String variant = System.getProperty("user.variant", "");
defaultLocale = new Locale(language, region, variant);
}
@@ -566,12 +564,6 @@
if (locale == null) {
throw new NullPointerException();
}
-
- SecurityManager security = System.getSecurityManager();
- if (security != null) {
- security.checkPermission(setLocalePermission);
- }
-
defaultLocale = locale;
}
diff --git a/luni/src/main/java/java/util/Properties.java b/luni/src/main/java/java/util/Properties.java
index bff7ebc..9df3be6 100644
--- a/luni/src/main/java/java/util/Properties.java
+++ b/luni/src/main/java/java/util/Properties.java
@@ -31,11 +31,9 @@
import java.nio.charset.Charset;
import java.nio.charset.IllegalCharsetNameException;
import java.nio.charset.UnsupportedCharsetException;
-import java.security.AccessController;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
-import org.apache.harmony.luni.util.PriviAction;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
@@ -557,7 +555,7 @@
*/
public synchronized void store(Writer writer, String comment) throws IOException {
if (lineSeparator == null) {
- lineSeparator = AccessController.doPrivileged(new PriviAction<String>("line.separator"));
+ lineSeparator = System.getProperty("line.separator");
}
if (comment != null) {
diff --git a/luni/src/main/java/java/util/ResourceBundle.java b/luni/src/main/java/java/util/ResourceBundle.java
index 3c4442c..0da5a31 100644
--- a/luni/src/main/java/java/util/ResourceBundle.java
+++ b/luni/src/main/java/java/util/ResourceBundle.java
@@ -24,8 +24,6 @@
import java.io.InputStreamReader;
import java.net.URL;
import java.net.URLConnection;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import libcore.io.IoUtils;
/**
@@ -271,16 +269,11 @@
}
private static ClassLoader getLoader() {
- return AccessController
- .doPrivileged(new PrivilegedAction<ClassLoader>() {
- public ClassLoader run() {
- ClassLoader cl = this.getClass().getClassLoader();
- if (cl == null) {
- cl = ClassLoader.getSystemClassLoader();
- }
- return cl;
- }
- });
+ ClassLoader cl = ResourceBundle.class.getClassLoader();
+ if (cl == null) {
+ cl = ClassLoader.getSystemClassLoader();
+ }
+ return cl;
}
/**
@@ -885,24 +878,16 @@
if (format == null || loader == null) {
throw new NullPointerException();
}
- InputStream streams = null;
final String bundleName = toBundleName(baseName, locale);
final ClassLoader clsloader = loader;
ResourceBundle ret;
- Class<?> cls = null;
if (JAVACLASS == format) {
- cls = AccessController
- .doPrivileged(new PrivilegedAction<Class<?>>() {
- public Class<?> run() {
- try {
- return clsloader.loadClass(bundleName);
- } catch (Exception e) {
- return null;
- } catch (NoClassDefFoundError e) {
- return null;
- }
- }
- });
+ Class<?> cls = null;
+ try {
+ cls = clsloader.loadClass(bundleName);
+ } catch (Exception e) {
+ } catch (NoClassDefFoundError e) {
+ }
if (cls == null) {
return null;
}
@@ -915,8 +900,8 @@
}
}
if (JAVAPROPERTIES == format) {
- final String resourceName = toResourceName(bundleName,
- "properties");
+ InputStream streams = null;
+ final String resourceName = toResourceName(bundleName, "properties");
if (reload) {
URL url = null;
try {
@@ -931,13 +916,7 @@
}
} else {
try {
- streams = AccessController
- .doPrivileged(new PrivilegedAction<InputStream>() {
- public InputStream run() {
- return clsloader
- .getResourceAsStream(resourceName);
- }
- });
+ streams = clsloader.getResourceAsStream(resourceName);
} catch (NullPointerException e) {
// do nothing
}
diff --git a/luni/src/main/java/java/util/ServiceLoader.java b/luni/src/main/java/java/util/ServiceLoader.java
index 8fc232f..beacaab 100644
--- a/luni/src/main/java/java/util/ServiceLoader.java
+++ b/luni/src/main/java/java/util/ServiceLoader.java
@@ -20,8 +20,6 @@
import java.io.IOException;
import java.io.InputStreamReader;
import java.net.URL;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import libcore.io.IoUtils;
/**
@@ -167,20 +165,16 @@
* @hide
*/
public static <S> S loadFromSystemProperty(final Class<S> service) {
- return AccessController.doPrivileged(new PrivilegedAction<S>() {
- public S run() {
- try {
- final String className = System.getProperty(service.getName());
- if (className != null) {
- Class<?> c = ClassLoader.getSystemClassLoader().loadClass(className);
- return (S) c.newInstance();
- }
- return null;
- } catch (Exception e) {
- throw new Error(e);
- }
+ try {
+ final String className = System.getProperty(service.getName());
+ if (className != null) {
+ Class<?> c = ClassLoader.getSystemClassLoader().loadClass(className);
+ return (S) c.newInstance();
}
- });
+ return null;
+ } catch (Exception e) {
+ throw new Error(e);
+ }
}
@Override
diff --git a/luni/src/main/java/java/util/concurrent/ExecutorService.java b/luni/src/main/java/java/util/concurrent/ExecutorService.java
index ddd77bf..89688e4 100644
--- a/luni/src/main/java/java/util/concurrent/ExecutorService.java
+++ b/luni/src/main/java/java/util/concurrent/ExecutorService.java
@@ -119,14 +119,6 @@
* <p>This method does not wait for previously submitted tasks to
* complete execution. Use {@link #awaitTermination awaitTermination}
* to do that.
- *
- * @throws SecurityException if a security manager exists and
- * shutting down this ExecutorService may manipulate
- * threads that the caller is not permitted to modify
- * because it does not hold {@link
- * java.lang.RuntimePermission}<tt>("modifyThread")</tt>,
- * or the security manager's <tt>checkAccess</tt> method
- * denies access.
*/
void shutdown();
@@ -145,13 +137,6 @@
* task that fails to respond to interrupts may never terminate.
*
* @return list of tasks that never commenced execution
- * @throws SecurityException if a security manager exists and
- * shutting down this ExecutorService may manipulate
- * threads that the caller is not permitted to modify
- * because it does not hold {@link
- * java.lang.RuntimePermission}<tt>("modifyThread")</tt>,
- * or the security manager's <tt>checkAccess</tt> method
- * denies access.
*/
List<Runnable> shutdownNow();
diff --git a/luni/src/main/java/java/util/concurrent/ThreadPoolExecutor.java b/luni/src/main/java/java/util/concurrent/ThreadPoolExecutor.java
index da2c4c5..6622af8 100644
--- a/luni/src/main/java/java/util/concurrent/ThreadPoolExecutor.java
+++ b/luni/src/main/java/java/util/concurrent/ThreadPoolExecutor.java
@@ -75,12 +75,7 @@
* alter the thread's name, thread group, priority, daemon status,
* etc. If a {@code ThreadFactory} fails to create a thread when asked
* by returning null from {@code newThread}, the executor will
- * continue, but might not be able to execute any tasks. Threads
- * should possess the "modifyThread" {@code RuntimePermission}. If
- * worker threads or other threads using the pool do not possess this
- * permission, service may be degraded: configuration changes may not
- * take effect in a timely manner, and a shutdown pool may remain in a
- * state in which termination is possible but not completed.</dd>
+ * continue, but might not be able to execute any tasks.</dd>
*
* <dt>Keep-alive times</dt>
*
diff --git a/luni/src/main/java/java/util/jar/Pack200.java b/luni/src/main/java/java/util/jar/Pack200.java
index 881f53c..0acf241 100644
--- a/luni/src/main/java/java/util/jar/Pack200.java
+++ b/luni/src/main/java/java/util/jar/Pack200.java
@@ -21,8 +21,6 @@
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.util.SortedMap;
/**
@@ -52,23 +50,14 @@
* @return an instance of {@code Packer}
*/
public static Pack200.Packer newPacker() {
- return (Packer) AccessController
- .doPrivileged(new PrivilegedAction<Object>() {
- public Object run() {
- String className = System
- .getProperty(SYSTEM_PROPERTY_PACKER,
- "org.apache.harmony.pack200.Pack200PackerAdapter");
- try {
- // TODO Not sure if this will cause problems with
- // loading the packer
- return ClassLoader.getSystemClassLoader()
- .loadClass(className).newInstance();
- } catch (Exception e) {
- throw new Error("Can't load class " + className, e);
- }
- }
- });
-
+ String className = System.getProperty(SYSTEM_PROPERTY_PACKER, "org.apache.harmony.pack200.Pack200PackerAdapter");
+ try {
+ // TODO Not sure if this will cause problems with
+ // loading the packer
+ return (Packer) ClassLoader.getSystemClassLoader().loadClass(className).newInstance();
+ } catch (Exception e) {
+ throw new Error("Can't load class " + className, e);
+ }
}
/**
@@ -82,20 +71,12 @@
* @return a instance of {@code Unpacker}.
*/
public static Pack200.Unpacker newUnpacker() {
- return (Unpacker) AccessController
- .doPrivileged(new PrivilegedAction<Object>() {
- public Object run() {
- String className = System
- .getProperty(SYSTEM_PROPERTY_UNPACKER,
- "org.apache.harmony.unpack200.Pack200UnpackerAdapter");
- try {
- return ClassLoader.getSystemClassLoader()
- .loadClass(className).newInstance();
- } catch (Exception e) {
- throw new Error("Can't load class " + className, e);
- }
- }
- });
+ String className = System.getProperty(SYSTEM_PROPERTY_UNPACKER, "org.apache.harmony.unpack200.Pack200UnpackerAdapter");
+ try {
+ return (Unpacker) ClassLoader.getSystemClassLoader().loadClass(className).newInstance();
+ } catch (Exception e) {
+ throw new Error("Can't load class " + className, e);
+ }
}
/**
diff --git a/luni/src/main/java/java/util/logging/FileHandler.java b/luni/src/main/java/java/util/logging/FileHandler.java
index 0735911..085c289 100644
--- a/luni/src/main/java/java/util/logging/FileHandler.java
+++ b/luni/src/main/java/java/util/logging/FileHandler.java
@@ -25,8 +25,6 @@
import java.io.OutputStream;
import java.nio.channels.FileChannel;
import java.nio.channels.FileLock;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.util.Hashtable;
import libcore.io.IoUtils;
@@ -146,12 +144,6 @@
*
* @throws IOException
* if any I/O error occurs.
- * @throws SecurityException
- * if a security manager exists and it determines that the
- * caller does not have the required permissions to control this
- * handler; required permissions include
- * {@code LogPermission("control")},
- * {@code FilePermission("write")} etc.
*/
public FileHandler() throws IOException {
init(null, null, null, null);
@@ -381,12 +373,6 @@
* the name pattern for the output file.
* @throws IOException
* if any I/O error occurs.
- * @throws SecurityException
- * if a security manager exists and it determines that the
- * caller does not have the required permissions to control this
- * handler; required permissions include
- * {@code LogPermission("control")},
- * {@code FilePermission("write")} etc.
* @throws IllegalArgumentException
* if the pattern is empty.
* @throws NullPointerException
@@ -413,12 +399,6 @@
* the append mode.
* @throws IOException
* if any I/O error occurs.
- * @throws SecurityException
- * if a security manager exists and it determines that the
- * caller does not have the required permissions to control this
- * handler; required permissions include
- * {@code LogPermission("control")},
- * {@code FilePermission("write")} etc.
* @throws IllegalArgumentException
* if {@code pattern} is empty.
* @throws NullPointerException
@@ -449,12 +429,6 @@
* the maximum number of files to use, can not be less than one.
* @throws IOException
* if any I/O error occurs.
- * @throws SecurityException
- * if a security manager exists and it determines that the
- * caller does not have the required permissions to control this
- * handler; required permissions include
- * {@code LogPermission("control")},
- * {@code FilePermission("write")} etc.
* @throws IllegalArgumentException
* if {@code pattern} is empty, {@code limit < 0} or
* {@code count < 1}.
@@ -491,12 +465,6 @@
* the append mode.
* @throws IOException
* if any I/O error occurs.
- * @throws SecurityException
- * if a security manager exists and it determines that the
- * caller does not have the required permissions to control this
- * handler; required permissions include
- * {@code LogPermission("control")},
- * {@code FilePermission("write")} etc.
* @throws IllegalArgumentException
* if {@code pattern} is empty, {@code limit < 0} or
* {@code count < 1}.
@@ -515,13 +483,6 @@
/**
* Flushes and closes all opened files.
- *
- * @throws SecurityException
- * if a security manager exists and it determines that the
- * caller does not have the required permissions to control this
- * handler; required permissions include
- * {@code LogPermission("control")},
- * {@code FilePermission("write")} etc.
*/
@Override
public void close() {
@@ -550,12 +511,7 @@
super.publish(record);
flush();
if (limit > 0 && output.getLength() >= limit) {
- AccessController.doPrivileged(new PrivilegedAction<Object>() {
- public Object run() {
- findNextGeneration();
- return null;
- }
- });
+ findNextGeneration();
}
}
diff --git a/luni/src/main/java/java/util/logging/Handler.java b/luni/src/main/java/java/util/logging/Handler.java
index 21e77d7..a6cff8e 100644
--- a/luni/src/main/java/java/util/logging/Handler.java
+++ b/luni/src/main/java/java/util/logging/Handler.java
@@ -19,8 +19,6 @@
import java.io.UnsupportedEncodingException;
import java.nio.charset.Charset;
-import java.security.AccessController;
-import java.security.PrivilegedExceptionAction;
/**
* A {@code Handler} object accepts a logging request and exports the desired
@@ -78,18 +76,12 @@
}
// get a instance from given class name, using context classloader
- private Object getCustomizeInstance(final String className)
- throws Exception {
- Class<?> c = AccessController
- .doPrivileged(new PrivilegedExceptionAction<Class<?>>() {
- public Class<?> run() throws Exception {
- ClassLoader loader = Thread.currentThread().getContextClassLoader();
- if (loader == null) {
- loader = ClassLoader.getSystemClassLoader();
- }
- return loader.loadClass(className);
- }
- });
+ private Object getCustomizeInstance(final String className) throws Exception {
+ ClassLoader loader = Thread.currentThread().getContextClassLoader();
+ if (loader == null) {
+ loader = ClassLoader.getSystemClassLoader();
+ }
+ Class<?> c = loader.loadClass(className);
return c.newInstance();
}
@@ -159,10 +151,6 @@
* Closes this handler. A flush operation will be performed and all the
* associated resources will be freed. Client applications should not use
* this handler after closing it.
- *
- * @throws SecurityException
- * if a security manager determines that the caller does not
- * have the required permission.
*/
public abstract void close();
@@ -194,9 +182,6 @@
* logging.
*
* @return the error manager used by this handler.
- * @throws SecurityException
- * if a security manager determines that the caller does not
- * have the required permission.
*/
public ErrorManager getErrorManager() {
LogManager.getLogManager().checkAccess();
@@ -298,9 +283,6 @@
*
* @param encoding
* the character encoding to set.
- * @throws SecurityException
- * if a security manager determines that the caller does not
- * have the required permission.
* @throws UnsupportedEncodingException
* if the specified encoding is not supported by the runtime.
*/
@@ -317,9 +299,6 @@
* the error manager to set.
* @throws NullPointerException
* if {@code em} is {@code null}.
- * @throws SecurityException
- * if a security manager determines that the caller does not
- * have the required permission.
*/
public void setErrorManager(ErrorManager em) {
LogManager.getLogManager().checkAccess();
@@ -334,9 +313,6 @@
*
* @param newFilter
* the filter to set, may be {@code null}.
- * @throws SecurityException
- * if a security manager determines that the caller does not
- * have the required permission.
*/
public void setFilter(Filter newFilter) {
LogManager.getLogManager().checkAccess();
@@ -364,9 +340,6 @@
* the formatter to set.
* @throws NullPointerException
* if {@code newFormatter} is {@code null}.
- * @throws SecurityException
- * if a security manager determines that the caller does not
- * have the required permission.
*/
public void setFormatter(Formatter newFormatter) {
LogManager.getLogManager().checkAccess();
@@ -381,9 +354,6 @@
* the logging level to set.
* @throws NullPointerException
* if {@code newLevel} is {@code null}.
- * @throws SecurityException
- * if a security manager determines that the caller does not
- * have the required permission.
*/
public void setLevel(Level newLevel) {
if (newLevel == null) {
diff --git a/luni/src/main/java/java/util/logging/LogManager.java b/luni/src/main/java/java/util/logging/LogManager.java
index fac3602..375d865 100644
--- a/luni/src/main/java/java/util/logging/LogManager.java
+++ b/luni/src/main/java/java/util/logging/LogManager.java
@@ -30,8 +30,6 @@
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.util.Collection;
import java.util.Enumeration;
import java.util.Hashtable;
@@ -125,7 +123,7 @@
public class LogManager {
/** The line separator of the underlying OS. */
- private static final String lineSeparator = getPrivilegedSystemProperty("line.separator");
+ private static final String lineSeparator = System.getProperty("line.separator");
/** The shared logging permission. */
private static final LoggingPermission perm = new LoggingPermission("control", null);
@@ -159,34 +157,28 @@
static {
// init LogManager singleton instance
- AccessController.doPrivileged(new PrivilegedAction<Object>() {
- public Object run() {
- String className = System.getProperty("java.util.logging.manager");
+ String className = System.getProperty("java.util.logging.manager");
+ if (className != null) {
+ manager = (LogManager) getInstanceByClass(className);
+ }
+ if (manager == null) {
+ manager = new LogManager();
+ }
- if (className != null) {
- manager = (LogManager) getInstanceByClass(className);
- }
- if (manager == null) {
- manager = new LogManager();
- }
+ // read configuration
+ try {
+ manager.readConfiguration();
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
- // read configuration
- try {
- manager.readConfiguration();
- } catch (Exception e) {
- e.printStackTrace();
- }
+ // if global logger has been initialized, set root as its parent
+ Logger root = new Logger("", null);
+ root.setLevel(Level.INFO);
+ Logger.global.setParent(root);
- // if global logger has been initialized, set root as its parent
- Logger root = new Logger("", null);
- root.setLevel(Level.INFO);
- Logger.global.setParent(root);
-
- manager.addLogger(root);
- manager.addLogger(Logger.global);
- return null;
- }
- });
+ manager.addLogger(root);
+ manager.addLogger(Logger.global);
}
/**
@@ -201,15 +193,9 @@
listeners = new PropertyChangeSupport(this);
// add shutdown hook to ensure that the associated resource will be
// freed when JVM exits
- AccessController.doPrivileged(new PrivilegedAction<Void>() {
- public Void run() {
- Runtime.getRuntime().addShutdownHook(new Thread() {
- @Override
- public void run() {
- reset();
- }
- });
- return null;
+ Runtime.getRuntime().addShutdownHook(new Thread() {
+ @Override public void run() {
+ reset();
}
});
}
@@ -223,20 +209,9 @@
}
/**
- * Check that the caller has {@code LoggingPermission("control")} so
- * that it is trusted to modify the configuration for logging framework. If
- * the check passes, just return, otherwise {@code SecurityException}
- * will be thrown.
- *
- * @throws SecurityException
- * if there is a security manager in operation and the invoker
- * of this method does not have the required security permission
- * {@code LoggingPermission("control")}
+ * Does nothing.
*/
public void checkAccess() {
- if (System.getSecurityManager() != null) {
- System.getSecurityManager().checkPermission(perm);
- }
}
/**
@@ -295,16 +270,9 @@
Collection<Logger> allLoggers = loggers.values();
for (final Logger child : allLoggers) {
Logger oldParent = child.getParent();
- if (parent == oldParent
- && (name.length() == 0 || child.getName().startsWith(
- nameDot))) {
+ if (parent == oldParent && (name.length() == 0 || child.getName().startsWith(nameDot))) {
final Logger thisLogger = logger;
- AccessController.doPrivileged(new PrivilegedAction<Object>() {
- public Object run() {
- child.setParent(thisLogger);
- return null;
- }
- });
+ child.setParent(thisLogger);
if (oldParent != null) {
// -- remove from old parent as the parent has been changed
oldParent.children.remove(child);
@@ -362,9 +330,6 @@
*
* @throws IOException
* if any IO related problems happened.
- * @throws SecurityException
- * if security manager exists and it determines that caller does
- * not have the required permissions to perform this action.
*/
public void readConfiguration() throws IOException {
// check config class
@@ -397,15 +362,6 @@
}
}
- // use privilege code to get system property
- static String getPrivilegedSystemProperty(final String key) {
- return AccessController.doPrivileged(new PrivilegedAction<String>() {
- public String run() {
- return System.getProperty(key);
- }
- });
- }
-
// use SystemClassLoader to load class from system classpath
static Object getInstanceByClass(final String className) {
try {
@@ -421,7 +377,6 @@
return null;
}
}
-
}
// actual initialization process from a given input stream
@@ -469,9 +424,6 @@
* the input stream
* @throws IOException
* if any IO related problems happened.
- * @throws SecurityException
- * if security manager exists and it determines that caller does
- * not have the required permissions to perform this action.
*/
public void readConfiguration(InputStream ins) throws IOException {
checkAccess();
@@ -480,15 +432,10 @@
/**
* Reset configuration.
- * <p>
- * All handlers are closed and removed from any named loggers. All loggers'
+ *
+ * <p>All handlers are closed and removed from any named loggers. All loggers'
* level is set to null, except the root logger's level is set to
* {@code Level.INFO}.
- * </p>
- *
- * @throws SecurityException
- * if security manager exists and it determines that caller does
- * not have the required permissions to perform this action.
*/
public synchronized void reset() {
checkAccess();
@@ -513,9 +460,6 @@
*
* @param l
* the {@code PropertyChangeListener} to be added.
- * @throws SecurityException
- * if security manager exists and it determines that caller does
- * not have the required permissions to perform this action.
*/
public void addPropertyChangeListener(PropertyChangeListener l) {
if (l == null) {
@@ -531,9 +475,6 @@
*
* @param l
* the {@code PropertyChangeListener} to be removed.
- * @throws SecurityException
- * if security manager exists and it determines that caller does
- * not have the required permissions to perform this action.
*/
public void removePropertyChangeListener(PropertyChangeListener l) {
checkAccess();
diff --git a/luni/src/main/java/java/util/logging/Logger.java b/luni/src/main/java/java/util/logging/Logger.java
index 6c7dabb..7f5dc3b 100644
--- a/luni/src/main/java/java/util/logging/Logger.java
+++ b/luni/src/main/java/java/util/logging/Logger.java
@@ -26,8 +26,6 @@
import dalvik.system.DalvikLogHandler;
import dalvik.system.DalvikLogging;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
@@ -282,12 +280,7 @@
*/
static ResourceBundle loadResourceBundle(String resourceBundleName) {
// try context class loader to load the resource
- ClassLoader cl = AccessController
- .doPrivileged(new PrivilegedAction<ClassLoader>() {
- public ClassLoader run() {
- return Thread.currentThread().getContextClassLoader();
- }
- });
+ ClassLoader cl = Thread.currentThread().getContextClassLoader();
if (cl != null) {
try {
return ResourceBundle.getBundle(resourceBundleName, Locale
@@ -297,42 +290,25 @@
}
}
// try system class loader to load the resource
- cl = AccessController.doPrivileged(new PrivilegedAction<ClassLoader>() {
- public ClassLoader run() {
- return ClassLoader.getSystemClassLoader();
- }
- });
+ cl = ClassLoader.getSystemClassLoader();
if (cl != null) {
try {
- return ResourceBundle.getBundle(resourceBundleName, Locale
- .getDefault(), cl);
+ return ResourceBundle.getBundle(resourceBundleName, Locale.getDefault(), cl);
} catch (MissingResourceException e) {
// Failed to load using system classloader, ignore
}
}
// try all class loaders up the class stack
- final Class<?>[] classes = AccessController
- .doPrivileged(new PrivilegedAction<Class<?>[]>() {
- public Class<?>[] run() {
- return (new PrivateSecurityManager())
- .privateGetClassContext();
- }
- });
+ final Class<?>[] classes = new PrivateSecurityManager().privateGetClassContext();
// the first class, which is PrivateSecurityManager, is skipped
for (int i = 1; i < classes.length; i++) {
final int index = i;
try {
- cl = AccessController
- .doPrivileged(new PrivilegedAction<ClassLoader>() {
- public ClassLoader run() {
- return classes[index].getClassLoader();
- }
- });
+ cl = classes[index].getClassLoader();
if (cl == null) {
continue;
}
- return ResourceBundle.getBundle(resourceBundleName, Locale
- .getDefault(), cl);
+ return ResourceBundle.getBundle(resourceBundleName, Locale.getDefault(), cl);
} catch (MissingResourceException e) {
// Failed to load using the current class's classloader, ignore
}
@@ -444,9 +420,6 @@
*
* @param handler
* the handler object to add, cannot be {@code null}.
- * @throws SecurityException
- * if a security manager determines that the caller does not
- * have the required permission.
*/
public void addHandler(Handler handler) {
if (handler == null) {
@@ -522,9 +495,6 @@
*
* @param handler
* the handler to be removed.
- * @throws SecurityException
- * if a security manager determines that the caller does not
- * have the required permission.
*/
public void removeHandler(Handler handler) {
// Anonymous loggers can always remove handlers
@@ -552,9 +522,6 @@
*
* @param newFilter
* the filter to set, may be {@code null}.
- * @throws SecurityException
- * if a security manager determines that the caller does not
- * have the required permission.
*/
public void setFilter(Filter newFilter) {
// Anonymous loggers can always set the filter
@@ -580,9 +547,6 @@
*
* @param newLevel
* the logging level to set.
- * @throws SecurityException
- * if a security manager determines that the caller does not
- * have the required permission.
*/
public void setLevel(Level newLevel) {
// Anonymous loggers can always set the level
@@ -611,9 +575,6 @@
*
* @param notifyParentHandlers
* the new flag indicating whether to use the parent's handlers.
- * @throws SecurityException
- * if a security manager determines that the caller does not
- * have the required permission.
*/
public void setUseParentHandlers(boolean notifyParentHandlers) {
// Anonymous loggers can always set the useParentHandlers flag
@@ -640,9 +601,6 @@
*
* @param parent
* the parent logger to set.
- * @throws SecurityException
- * if a security manager determines that the caller does not
- * have the required permission.
*/
public void setParent(Logger parent) {
if (parent == null) {
diff --git a/luni/src/main/java/java/util/logging/LoggingMXBean.java b/luni/src/main/java/java/util/logging/LoggingMXBean.java
index f2e9554..a36a9d4 100644
--- a/luni/src/main/java/java/util/logging/LoggingMXBean.java
+++ b/luni/src/main/java/java/util/logging/LoggingMXBean.java
@@ -73,9 +73,6 @@
* @throws IllegalArgumentException
* if {@code loggerName} is not a registered logger or if
* {@code levelName} is not null and not valid.
- * @throws SecurityException
- * if a security manager exists and the caller doesn't have
- * LoggingPermission("control").
* @see Level#parse(String)
*/
void setLoggerLevel(String loggerName, String levelName);
diff --git a/luni/src/main/java/java/util/logging/LoggingPermission.java b/luni/src/main/java/java/util/logging/LoggingPermission.java
index ec53956..0f06154 100644
--- a/luni/src/main/java/java/util/logging/LoggingPermission.java
+++ b/luni/src/main/java/java/util/logging/LoggingPermission.java
@@ -22,30 +22,15 @@
import java.security.Guard;
/**
- * The permission required to control the logging when run with a
- * {@code SecurityManager}.
+ * Legacy security code; this class exists for compatibility only.
*/
-public final class LoggingPermission extends BasicPermission implements Guard,
- Serializable {
+public final class LoggingPermission extends BasicPermission implements Guard, Serializable {
// for serialization compatibility with J2SE 1.4.2
private static final long serialVersionUID = 63564341580231582L;
/**
- * Constructs a {@code LoggingPermission} object required to control the
- * logging. The {@code SecurityManager} checks the permissions.
- * <p>
- * {@code LoggingPermission} objects are created by the security policy code
- * and depends on the security policy file, therefore programmers shouldn't
- * normally use them directly.
- * </p>
- *
- * @param name
- * currently must be "control".
- * @param actions
- * currently must be either {@code null} or the empty string.
- * @throws IllegalArgumentException
- * if name null or different from {@code string} control.
+ * Legacy security code; this class exists for compatibility only.
*/
public LoggingPermission(String name, String actions) {
super(name, actions);
diff --git a/luni/src/main/java/java/util/logging/MemoryHandler.java b/luni/src/main/java/java/util/logging/MemoryHandler.java
index 4e7be49..607fcc4 100644
--- a/luni/src/main/java/java/util/logging/MemoryHandler.java
+++ b/luni/src/main/java/java/util/logging/MemoryHandler.java
@@ -17,9 +17,6 @@
package java.util.logging;
-import java.security.AccessController;
-import java.security.PrivilegedExceptionAction;
-
/**
* A {@code Handler} put the description of log events into a cycled memory
* buffer.
@@ -92,17 +89,11 @@
// init target
final String targetName = manager.getProperty(className + ".target");
try {
- Class<?> targetClass = AccessController
- .doPrivileged(new PrivilegedExceptionAction<Class<?>>() {
- public Class<?> run() throws Exception {
- ClassLoader loader = Thread.currentThread()
- .getContextClassLoader();
- if (loader == null) {
- loader = ClassLoader.getSystemClassLoader();
- }
- return loader.loadClass(targetName);
- }
- });
+ ClassLoader loader = Thread.currentThread().getContextClassLoader();
+ if (loader == null) {
+ loader = ClassLoader.getSystemClassLoader();
+ }
+ Class<?> targetClass = loader.loadClass(targetName);
target = (Handler) targetClass.newInstance();
} catch (Exception e) {
throw new RuntimeException("Cannot load target handler '" + targetName + "'");
@@ -166,10 +157,6 @@
/**
* Close this handler and target handler, free all associated resources.
- *
- * @throws SecurityException
- * if security manager exists and it determines that caller does
- * not have the required permissions to control this handler.
*/
@Override
public void close() {
@@ -268,9 +255,6 @@
*
* @param newLevel
* the new level to set.
- * @throws SecurityException
- * if security manager exists and it determines that caller
- * does not have the required permissions to control this handler.
*/
public void setPushLevel(Level newLevel) {
manager.checkAccess();
diff --git a/luni/src/main/java/java/util/logging/SocketHandler.java b/luni/src/main/java/java/util/logging/SocketHandler.java
index bcaee09..85a9e6c 100644
--- a/luni/src/main/java/java/util/logging/SocketHandler.java
+++ b/luni/src/main/java/java/util/logging/SocketHandler.java
@@ -71,9 +71,6 @@
* if failed to connect to the specified host and port.
* @throws IllegalArgumentException
* if the host name or port number is illegal.
- * @throws SecurityException
- * if a security manager determines that the caller does not
- * have the required permission to control this handler.
*/
public SocketHandler() throws IOException {
super(DEFAULT_LEVEL, null, DEFAULT_FORMATTER, null);
@@ -96,9 +93,6 @@
* if failed to connect to the specified host and port.
* @throws IllegalArgumentException
* if the host name or port number is illegal.
- * @throws SecurityException
- * if a security manager determines that the caller does not
- * have the required permission to control this handler.
*/
public SocketHandler(String host, int port) throws IOException {
super(DEFAULT_LEVEL, null, DEFAULT_FORMATTER, null);
@@ -134,10 +128,6 @@
/**
* Closes this handler. The network connection to the host is also closed.
- *
- * @throws SecurityException
- * If a security manager determines that the caller does not
- * have the required permission to control this handler.
*/
@Override
public void close() {
diff --git a/luni/src/main/java/java/util/logging/StreamHandler.java b/luni/src/main/java/java/util/logging/StreamHandler.java
index 42a02a3..d4e73e4 100644
--- a/luni/src/main/java/java/util/logging/StreamHandler.java
+++ b/luni/src/main/java/java/util/logging/StreamHandler.java
@@ -162,9 +162,6 @@
*
* @param os
* the new output stream.
- * @throws SecurityException
- * if a security manager determines that the caller does not
- * have the required permission.
* @throws NullPointerException
* if {@code os} is {@code null}.
*/
@@ -185,9 +182,6 @@
*
* @param encoding
* the character encoding to set.
- * @throws SecurityException
- * if a security manager determines that the caller does not
- * have the required permission.
* @throws UnsupportedEncodingException
* if the specified encoding is not supported by the runtime.
*/
@@ -247,10 +241,6 @@
* this handler is written out. A flush operation and a subsequent close
* operation is then performed upon the output stream. Client applications
* should not use a handler after closing it.
- *
- * @throws SecurityException
- * if a security manager determines that the caller does not
- * have the required permission.
*/
@Override
public void close() {
diff --git a/luni/src/main/java/java/util/logging/XMLFormatter.java b/luni/src/main/java/java/util/logging/XMLFormatter.java
index 5e461c4..c689178 100644
--- a/luni/src/main/java/java/util/logging/XMLFormatter.java
+++ b/luni/src/main/java/java/util/logging/XMLFormatter.java
@@ -17,8 +17,6 @@
package java.util.logging;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.text.MessageFormat;
import java.util.Date;
import java.util.ResourceBundle;
@@ -32,8 +30,7 @@
*/
public class XMLFormatter extends Formatter {
- private static final String lineSeperator = LogManager
- .getSystemLineSeparator();
+ private static final String lineSeperator = LogManager.getSystemLineSeparator();
private static final String indent = " ";
@@ -179,7 +176,7 @@
encoding = h.getEncoding();
}
if (encoding == null) {
- encoding = getSystemProperty("file.encoding");
+ encoding = System.getProperty("file.encoding");
}
StringBuilder sb = new StringBuilder();
sb.append("<?xml version=\"1.0\" encoding=\"").append(encoding).append(
@@ -201,13 +198,4 @@
public String getTail(Handler h) {
return "</log>";
}
-
- // use privilege code to get system property
- private static String getSystemProperty(final String key) {
- return AccessController.doPrivileged(new PrivilegedAction<String>() {
- public String run() {
- return System.getProperty(key);
- }
- });
- }
}
diff --git a/luni/src/main/java/java/util/prefs/FilePreferencesImpl.java b/luni/src/main/java/java/util/prefs/FilePreferencesImpl.java
index 0fd8466..5f546d6 100644
--- a/luni/src/main/java/java/util/prefs/FilePreferencesImpl.java
+++ b/luni/src/main/java/java/util/prefs/FilePreferencesImpl.java
@@ -18,8 +18,6 @@
import java.io.File;
import java.io.FilenameFilter;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Properties;
@@ -35,41 +33,14 @@
*/
class FilePreferencesImpl extends AbstractPreferences {
- /*
- * --------------------------------------------------------------
- * Class fields
- * --------------------------------------------------------------
- */
-
//prefs file name
private static final String PREFS_FILE_NAME = "prefs.xml";
//home directory for user prefs
- private static String USER_HOME;
+ private static String USER_HOME = System.getProperty("user.home") + "/.java/.userPrefs";
//home directory for system prefs
- private static String SYSTEM_HOME;
-
- /*
- * --------------------------------------------------------------
- * Class initializer
- * --------------------------------------------------------------
- */
- static {
- AccessController.doPrivileged(new PrivilegedAction<Void>() {
- public Void run() {
- USER_HOME = System.getProperty("user.home") + "/.java/.userPrefs";
- SYSTEM_HOME = System.getProperty("java.home") + "/.systemPrefs";
- return null;
- }
- });
- }
-
- /*
- * --------------------------------------------------------------
- * Instance fields
- * --------------------------------------------------------------
- */
+ private static String SYSTEM_HOME = System.getProperty("java.home") + "/.systemPrefs";
//file path for this preferences node
private String path;
@@ -117,26 +88,16 @@
private void initPrefs() {
dir = new File(path);
- newNode = (AccessController.doPrivileged(new PrivilegedAction<Boolean>() {
- public Boolean run() {
- return Boolean.valueOf(!dir.exists());
- }
- })).booleanValue();
+ newNode = !dir.exists();
prefsFile = new File(path + File.separator + PREFS_FILE_NAME);
prefs = XMLParser.loadFilePrefs(prefsFile);
}
@Override
protected String[] childrenNamesSpi() throws BackingStoreException {
- String[] names = AccessController
- .doPrivileged(new PrivilegedAction<String[]>() {
- public String[] run() {
- return dir.list(new FilenameFilter() {
- public boolean accept(File parent, String name) {
- return new File(path + File.separator + name).isDirectory();
- }
- });
-
+ String[] names = dir.list(new FilenameFilter() {
+ public boolean accept(File parent, String name) {
+ return new File(path + File.separator + name).isDirectory();
}
});
if (names == null) {// file is not a directory, exception case
@@ -208,12 +169,8 @@
@Override
protected void removeNodeSpi() throws BackingStoreException {
- boolean removeSucceed = (AccessController.doPrivileged(new PrivilegedAction<Boolean>() {
- public Boolean run() {
- prefsFile.delete();
- return Boolean.valueOf(dir.delete());
- }
- })).booleanValue();
+ prefsFile.delete();
+ boolean removeSucceed = dir.delete();
if (!removeSucceed) {
throw new BackingStoreException("Cannot remove " + toString());
}
diff --git a/luni/src/main/java/java/util/prefs/Preferences.java b/luni/src/main/java/java/util/prefs/Preferences.java
index 94eb2ab..df9c0bc 100644
--- a/luni/src/main/java/java/util/prefs/Preferences.java
+++ b/luni/src/main/java/java/util/prefs/Preferences.java
@@ -98,9 +98,6 @@
*/
public static final int MAX_VALUE_LENGTH = 8192;
- //permission
- private static final RuntimePermission PREFS_PERM = new RuntimePermission("preferences");
-
//factory used to get user/system prefs root
private static final PreferencesFactory factory = findPreferencesFactory();
@@ -440,12 +437,8 @@
* valid XML document.
* @throws IOException
* if an error occurs while importing.
- * @throws SecurityException
- * if {@code RuntimePermission("preferences")} is denied by a
- * SecurityManager.
*/
public static void importPreferences (InputStream istream) throws InvalidPreferencesFormatException, IOException {
- checkSecurity();
if (istream == null){
throw new MalformedURLException("Inputstream cannot be null");
}
@@ -803,12 +796,8 @@
* @return the system preference node for the package of the given class.
* @throws NullPointerException
* if the given class is {@code null}.
- * @throws SecurityException
- * if the {@code RuntimePermission("preferences")} is denied by
- * a SecurityManager.
*/
public static Preferences systemNodeForPackage (Class<?> c) {
- checkSecurity();
return factory.systemRoot().node(getNodeName(c));
}
@@ -816,23 +805,11 @@
* Returns the root node of the system preference hierarchy.
*
* @return the system preference hierarchy root node.
- * @throws SecurityException
- * if the {@code RuntimePermission("preferences")} is denied by
- * a SecurityManager.
*/
public static Preferences systemRoot() {
- checkSecurity();
return factory.systemRoot();
}
- //check the RuntimePermission("preferences")
- private static void checkSecurity() {
- SecurityManager manager = System.getSecurityManager();
- if (manager != null){
- manager.checkPermission(PREFS_PERM);
- }
- }
-
/**
* Returns the user preference node for the package of the given class.
* The absolute path of the returned node is one slash followed by the given
@@ -849,12 +826,8 @@
* @return the user preference node for the package of the given class.
* @throws NullPointerException
* if the given class is {@code null}.
- * @throws SecurityException
- * if the {@code RuntimePermission("preferences")} is denied by
- * a SecurityManager.
*/
public static Preferences userNodeForPackage (Class<?> c) {
- checkSecurity();
return factory.userRoot().node(getNodeName(c));
}
@@ -871,12 +844,8 @@
* Returns the root node of the user preference hierarchy.
*
* @return the user preference hierarchy root node.
- * @throws SecurityException
- * if the {@code RuntimePermission("preferences")} is denied by
- * a SecurityManager.
*/
public static Preferences userRoot() {
- checkSecurity();
return factory.userRoot();
}
diff --git a/luni/src/main/java/java/util/prefs/XMLParser.java b/luni/src/main/java/java/util/prefs/XMLParser.java
index 4934212..625a004 100644
--- a/luni/src/main/java/java/util/prefs/XMLParser.java
+++ b/luni/src/main/java/java/util/prefs/XMLParser.java
@@ -31,10 +31,6 @@
import java.io.StringReader;
import java.nio.channels.FileChannel;
import java.nio.channels.FileLock;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
-import java.security.PrivilegedActionException;
-import java.security.PrivilegedExceptionAction;
import java.util.ArrayList;
import java.util.Properties;
import java.util.StringTokenizer;
@@ -475,14 +471,6 @@
* @return Properties instance which indicates the preferences key-value pairs
*/
static Properties loadFilePrefs(final File file) {
- return AccessController.doPrivileged(new PrivilegedAction<Properties>() {
- public Properties run() {
- return loadFilePrefsImpl(file);
- }
- });
- }
-
- static Properties loadFilePrefsImpl(final File file) {
Properties result = new Properties();
if (!file.exists()) {
file.getParentFile().mkdirs();
@@ -516,22 +504,7 @@
return result;
}
- /**
- *
- * @param file
- * @param prefs
- * @throws PrivilegedActionException
- */
- static void flushFilePrefs(final File file, final Properties prefs) throws PrivilegedActionException {
- AccessController.doPrivileged(new PrivilegedExceptionAction<Object>() {
- public Object run() throws IOException {
- flushFilePrefsImpl(file, prefs);
- return null;
- }
- });
- }
-
- static void flushFilePrefsImpl(File file, Properties prefs) throws IOException {
+ static void flushFilePrefs(final File file, final Properties prefs) throws IOException {
BufferedWriter out = null;
FileLock lock = null;
try {
diff --git a/luni/src/main/java/java/util/zip/ZipFile.java b/luni/src/main/java/java/util/zip/ZipFile.java
index 06be579..7abd6eb 100644
--- a/luni/src/main/java/java/util/zip/ZipFile.java
+++ b/luni/src/main/java/java/util/zip/ZipFile.java
@@ -26,8 +26,6 @@
import java.io.InputStream;
import java.io.RandomAccessFile;
import java.nio.ByteOrder;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.LinkedHashMap;
@@ -122,14 +120,7 @@
throw new IllegalArgumentException();
}
- SecurityManager security = System.getSecurityManager();
- if (security != null) {
- security.checkRead(fileName);
- }
if ((mode & OPEN_DELETE) != 0) {
- if (security != null) {
- security.checkDelete(fileName);
- }
fileToDeleteOnClose = file; // file.deleteOnExit();
} else {
fileToDeleteOnClose = null;
@@ -183,13 +174,7 @@
raf.close();
}
if (fileToDeleteOnClose != null) {
- AccessController.doPrivileged(new PrivilegedAction<Object>() {
- public Object run() {
- new File(fileName).delete();
- return null;
- }
- });
- // fileToDeleteOnClose.delete();
+ fileToDeleteOnClose.delete();
fileToDeleteOnClose = null;
}
}
diff --git a/luni/src/main/java/javax/net/ssl/KeyManagerFactory.java b/luni/src/main/java/javax/net/ssl/KeyManagerFactory.java
index c5c9196..82ce8a1 100644
--- a/luni/src/main/java/javax/net/ssl/KeyManagerFactory.java
+++ b/luni/src/main/java/javax/net/ssl/KeyManagerFactory.java
@@ -17,13 +17,11 @@
package javax.net.ssl;
-import java.security.AccessController;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
-import java.security.PrivilegedAction;
import java.security.Provider;
import java.security.Security;
import java.security.UnrecoverableKeyException;
@@ -51,11 +49,7 @@
* @return the default algorithm name.
*/
public static final String getDefaultAlgorithm() {
- return AccessController.doPrivileged(new PrivilegedAction<String>() {
- public String run() {
- return Security.getProperty(PROPERTY_NAME);
- }
- });
+ return Security.getProperty(PROPERTY_NAME);
}
/**
diff --git a/luni/src/main/java/javax/net/ssl/SSLServerSocketFactory.java b/luni/src/main/java/javax/net/ssl/SSLServerSocketFactory.java
index e8a7071..5cb3163 100644
--- a/luni/src/main/java/javax/net/ssl/SSLServerSocketFactory.java
+++ b/luni/src/main/java/javax/net/ssl/SSLServerSocketFactory.java
@@ -17,9 +17,7 @@
package javax.net.ssl;
-import java.security.AccessController;
import java.security.NoSuchAlgorithmException;
-import java.security.PrivilegedAction;
import java.security.Security;
import javax.net.ServerSocketFactory;
@@ -46,23 +44,18 @@
return defaultServerSocketFactory;
}
if (defaultName == null) {
- AccessController.doPrivileged(new PrivilegedAction<Void>() {
- public Void run() {
- defaultName = Security.getProperty("ssl.ServerSocketFactory.provider");
- if (defaultName != null) {
- ClassLoader cl = Thread.currentThread().getContextClassLoader();
- if (cl == null) {
- cl = ClassLoader.getSystemClassLoader();
- }
- try {
- final Class<?> ssfc = Class.forName(defaultName, true, cl);
- defaultServerSocketFactory = (ServerSocketFactory) ssfc.newInstance();
- } catch (Exception e) {
- }
- }
- return null;
+ defaultName = Security.getProperty("ssl.ServerSocketFactory.provider");
+ if (defaultName != null) {
+ ClassLoader cl = Thread.currentThread().getContextClassLoader();
+ if (cl == null) {
+ cl = ClassLoader.getSystemClassLoader();
}
- });
+ try {
+ final Class<?> ssfc = Class.forName(defaultName, true, cl);
+ defaultServerSocketFactory = (ServerSocketFactory) ssfc.newInstance();
+ } catch (Exception e) {
+ }
+ }
}
if (defaultServerSocketFactory == null) {
SSLContext context;
diff --git a/luni/src/main/java/javax/net/ssl/SSLSocketFactory.java b/luni/src/main/java/javax/net/ssl/SSLSocketFactory.java
index b31d4e2..75f918e 100644
--- a/luni/src/main/java/javax/net/ssl/SSLSocketFactory.java
+++ b/luni/src/main/java/javax/net/ssl/SSLSocketFactory.java
@@ -19,9 +19,7 @@
import java.io.IOException;
import java.net.Socket;
-import java.security.AccessController;
import java.security.NoSuchAlgorithmException;
-import java.security.PrivilegedAction;
import java.security.Security;
import java.util.logging.Level;
import java.util.logging.Logger;
@@ -52,26 +50,19 @@
return defaultSocketFactory;
}
if (defaultName == null) {
- AccessController.doPrivileged(new PrivilegedAction<Void>() {
- public Void run() {
- defaultName = Security.getProperty("ssl.SocketFactory.provider");
- if (defaultName != null) {
- ClassLoader cl = Thread.currentThread().getContextClassLoader();
- if (cl == null) {
- cl = ClassLoader.getSystemClassLoader();
- }
- try {
- final Class<?> sfc = Class.forName(defaultName, true, cl);
- defaultSocketFactory = (SocketFactory) sfc.newInstance();
- } catch (Exception e) {
- // BEGIN android-added
- log("SSLSocketFactory", "Problem creating " + defaultName, e);
- // END android-added
- }
- }
- return null;
+ defaultName = Security.getProperty("ssl.SocketFactory.provider");
+ if (defaultName != null) {
+ ClassLoader cl = Thread.currentThread().getContextClassLoader();
+ if (cl == null) {
+ cl = ClassLoader.getSystemClassLoader();
}
- });
+ try {
+ final Class<?> sfc = Class.forName(defaultName, true, cl);
+ defaultSocketFactory = (SocketFactory) sfc.newInstance();
+ } catch (Exception e) {
+ log("SSLSocketFactory", "Problem creating " + defaultName, e);
+ }
+ }
}
if (defaultSocketFactory == null) {
diff --git a/luni/src/main/java/javax/net/ssl/TrustManagerFactory.java b/luni/src/main/java/javax/net/ssl/TrustManagerFactory.java
index 04633a4..fc692ca 100644
--- a/luni/src/main/java/javax/net/ssl/TrustManagerFactory.java
+++ b/luni/src/main/java/javax/net/ssl/TrustManagerFactory.java
@@ -17,13 +17,11 @@
package javax.net.ssl;
-import java.security.AccessController;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
-import java.security.PrivilegedAction;
import java.security.Provider;
import java.security.Security;
import org.apache.harmony.security.fortress.Engine;
@@ -50,11 +48,7 @@
* @return the default algorithm name.
*/
public static final String getDefaultAlgorithm() {
- return AccessController.doPrivileged(new PrivilegedAction<String>() {
- public String run() {
- return Security.getProperty(PROPERTYNAME);
- }
- });
+ return Security.getProperty(PROPERTYNAME);
}
/**
diff --git a/luni/src/main/java/javax/security/auth/Subject.java b/luni/src/main/java/javax/security/auth/Subject.java
index ac0fab4..adb0e44 100644
--- a/luni/src/main/java/javax/security/auth/Subject.java
+++ b/luni/src/main/java/javax/security/auth/Subject.java
@@ -140,9 +140,6 @@
*/
@SuppressWarnings("unchecked")
public static <T> T doAs(Subject subject, PrivilegedAction<T> action) {
-
- checkPermission(_AS);
-
return doAs_PrivilegedAction(subject, action, AccessController.getContext());
}
@@ -164,9 +161,6 @@
@SuppressWarnings("unchecked")
public static <T> T doAsPrivileged(Subject subject, PrivilegedAction<T> action,
AccessControlContext context) {
-
- checkPermission(_AS_PRIVILEGED);
-
if (context == null) {
return doAs_PrivilegedAction(subject, action, new AccessControlContext(
new ProtectionDomain[0]));
@@ -192,7 +186,6 @@
PrivilegedAction dccAction = new PrivilegedAction() {
public Object run() {
-
return new AccessControlContext(context, combiner);
}
};
@@ -217,9 +210,6 @@
@SuppressWarnings("unchecked")
public static <T> T doAs(Subject subject, PrivilegedExceptionAction<T> action)
throws PrivilegedActionException {
-
- checkPermission(_AS);
-
return doAs_PrivilegedExceptionAction(subject, action, AccessController.getContext());
}
@@ -244,9 +234,6 @@
public static <T> T doAsPrivileged(Subject subject,
PrivilegedExceptionAction<T> action, AccessControlContext context)
throws PrivilegedActionException {
-
- checkPermission(_AS_PRIVILEGED);
-
if (context == null) {
return doAs_PrivilegedExceptionAction(subject, action,
new AccessControlContext(new ProtectionDomain[0]));
@@ -406,8 +393,6 @@
* works though.
*/
public void setReadOnly() {
- checkPermission(_READ_ONLY);
-
readOnly = true;
}
@@ -482,7 +467,6 @@
* context} provided as argument.
*/
public static Subject getSubject(final AccessControlContext context) {
- checkPermission(_SUBJECT);
if (context == null) {
throw new NullPointerException("AccessControlContext cannot be null");
}
@@ -499,14 +483,6 @@
return ((SubjectDomainCombiner) combiner).getSubject();
}
- // checks passed permission
- private static void checkPermission(Permission p) {
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkPermission(p);
- }
- }
-
private void checkState() {
if (readOnly) {
throw new IllegalStateException("Set is read-only");
@@ -596,7 +572,6 @@
verifyElement(o);
checkState();
- checkPermission(permission);
if (!elements.contains(o)) {
elements.add(o);
@@ -622,8 +597,6 @@
@Override
public SST next() {
SST obj = iterator.next();
- checkPermission(new PrivateCredentialPermission(obj
- .getClass().getName(), principals));
return obj;
}
};
@@ -727,8 +700,6 @@
private void writeObject(ObjectOutputStream out) throws IOException {
if (permission == _PRIVATE_CREDENTIALS) {
- // iteration causes checkPermission to be called for each element
- for (SST unused : this) {}
setType = SET_PrivCred;
} else if (permission == _PRINCIPALS) {
setType = SET_Principal;
@@ -763,7 +734,6 @@
*/
public void remove() {
checkState();
- checkPermission(permission);
iterator.remove();
}
}
diff --git a/luni/src/main/java/javax/security/auth/SubjectDomainCombiner.java b/luni/src/main/java/javax/security/auth/SubjectDomainCombiner.java
index 7d990a1..e7cc971 100644
--- a/luni/src/main/java/javax/security/auth/SubjectDomainCombiner.java
+++ b/luni/src/main/java/javax/security/auth/SubjectDomainCombiner.java
@@ -55,11 +55,6 @@
* @return the entity to which this domain combiner is associated.
*/
public Subject getSubject() {
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkPermission(_GET);
- }
-
return subject;
}
diff --git a/luni/src/main/java/javax/security/cert/X509Certificate.java b/luni/src/main/java/javax/security/cert/X509Certificate.java
index fe5b9f7..1854692 100644
--- a/luni/src/main/java/javax/security/cert/X509Certificate.java
+++ b/luni/src/main/java/javax/security/cert/X509Certificate.java
@@ -21,7 +21,6 @@
import java.io.InputStream;
import java.lang.reflect.Constructor;
import java.math.BigInteger;
-import java.security.AccessController;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
@@ -47,19 +46,11 @@
public abstract class X509Certificate extends Certificate {
private static Constructor constructor;
-
static {
try {
- String classname = (String) AccessController.doPrivileged(
- new java.security.PrivilegedAction() {
- public Object run() {
- return Security.getProperty("cert.provider.x509v1");
- }
- }
- );
+ String classname = Security.getProperty("cert.provider.x509v1");
Class cl = Class.forName(classname);
- constructor =
- cl.getConstructor(new Class[] {InputStream.class});
+ constructor = cl.getConstructor(new Class[] {InputStream.class});
} catch (Throwable e) {
}
}
diff --git a/luni/src/main/java/libcore/net/MimeUtils.java b/luni/src/main/java/libcore/net/MimeUtils.java
index 28d9c7c..67dfdf9 100644
--- a/luni/src/main/java/libcore/net/MimeUtils.java
+++ b/luni/src/main/java/libcore/net/MimeUtils.java
@@ -20,7 +20,6 @@
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
-import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.HashMap;
import java.util.Map;
@@ -369,6 +368,31 @@
extensionToMimeTypeMap.put(extension, mimeType);
}
+ private static InputStream getContentTypesPropertiesStream() {
+ // User override?
+ String userTable = System.getProperty("content.types.user.table");
+ if (userTable != null) {
+ File f = new File(userTable);
+ if (f.exists()) {
+ try {
+ return new FileInputStream(f);
+ } catch (IOException ignored) {
+ }
+ }
+ }
+
+ // Standard location?
+ File f = new File(System.getProperty("java.home"), "lib" + File.separator + "content-types.properties");
+ if (f.exists()) {
+ try {
+ return new FileInputStream(f);
+ } catch (IOException ignored) {
+ }
+ }
+
+ return null;
+ }
+
/**
* This isn't what the RI does. The RI doesn't have hard-coded defaults, so supplying your
* own "content.types.user.table" means you don't get any of the built-ins, and the built-ins
@@ -376,34 +400,7 @@
*/
private static void applyOverrides() {
// Get the appropriate InputStream to read overrides from, if any.
- InputStream stream = AccessController.doPrivileged(new PrivilegedAction<InputStream>() {
- public InputStream run() {
- // User override?
- String userTable = System.getProperty("content.types.user.table");
- if (userTable != null) {
- File f = new File(userTable);
- if (f.exists()) {
- try {
- return new FileInputStream(f);
- } catch (IOException ignored) {
- }
- }
- }
-
- // Standard location?
- File f = new File(System.getProperty("java.home"),
- "lib" + File.separator + "content-types.properties");
- if (f.exists()) {
- try {
- return new FileInputStream(f);
- } catch (IOException ignored) {
- }
- }
-
- return null;
- }
- });
-
+ InputStream stream = getContentTypesPropertiesStream();
if (stream == null) {
return;
}
diff --git a/luni/src/main/java/org/apache/harmony/lang/annotation/AnnotationFactory.java b/luni/src/main/java/org/apache/harmony/lang/annotation/AnnotationFactory.java
index 45a6c75..69237c0 100644
--- a/luni/src/main/java/org/apache/harmony/lang/annotation/AnnotationFactory.java
+++ b/luni/src/main/java/org/apache/harmony/lang/annotation/AnnotationFactory.java
@@ -25,8 +25,6 @@
import java.lang.reflect.InvocationHandler;
import java.lang.reflect.Method;
import java.lang.reflect.Proxy;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
@@ -215,14 +213,7 @@
}
try {
if (!el.definingMethod.isAccessible()) {
- AccessController.doPrivileged(new PrivilegedAction<Object>(){
- public Object run() {
- try {
- el.definingMethod.setAccessible(true);
- } catch (Exception ignore) {}
- return null;
- }
- });
+ el.definingMethod.setAccessible(true);
}
Object otherValue = el.definingMethod.invoke(obj);
if (otherValue != null ) {
diff --git a/luni/src/main/java/org/apache/harmony/luni/internal/net/www/protocol/http/HttpConnectionPool.java b/luni/src/main/java/org/apache/harmony/luni/internal/net/www/protocol/http/HttpConnectionPool.java
index bb5e6e1..3429599 100644
--- a/luni/src/main/java/org/apache/harmony/luni/internal/net/www/protocol/http/HttpConnectionPool.java
+++ b/luni/src/main/java/org/apache/harmony/luni/internal/net/www/protocol/http/HttpConnectionPool.java
@@ -48,12 +48,6 @@
= new HashMap<HttpConnection.Address, List<HttpConnection>>();
private HttpConnectionPool() {
- SecurityManager security = System.getSecurityManager();
- if (security != null) {
- maxConnections = 0;
- return;
- }
-
String keepAlive = System.getProperty("http.keepAlive");
if (keepAlive != null && !Boolean.parseBoolean(keepAlive)) {
maxConnections = 0;
diff --git a/luni/src/main/java/org/apache/harmony/luni/internal/net/www/protocol/http/HttpURLConnectionImpl.java b/luni/src/main/java/org/apache/harmony/luni/internal/net/www/protocol/http/HttpURLConnectionImpl.java
index b31f11d..c6870dc 100644
--- a/luni/src/main/java/org/apache/harmony/luni/internal/net/www/protocol/http/HttpURLConnectionImpl.java
+++ b/luni/src/main/java/org/apache/harmony/luni/internal/net/www/protocol/http/HttpURLConnectionImpl.java
@@ -40,9 +40,7 @@
import java.net.URISyntaxException;
import java.net.URL;
import java.nio.charset.Charsets;
-import java.security.AccessController;
import java.security.Permission;
-import java.security.PrivilegedAction;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.List;
@@ -52,7 +50,6 @@
import java.util.zip.GZIPInputStream;
import libcore.base.Streams;
import org.apache.harmony.luni.util.Base64;
-import org.apache.harmony.luni.util.PriviAction;
/**
* This subclass extends <code>HttpURLConnection</code> which in turns extends
@@ -187,12 +184,7 @@
super(url);
defaultPort = port;
requestHeader = new HttpHeaders(defaultRequestHeader);
-
- responseCache = AccessController.doPrivileged(new PrivilegedAction<ResponseCache>() {
- public ResponseCache run() {
- return ResponseCache.getDefault();
- }
- });
+ responseCache = ResponseCache.getDefault();
}
/**
@@ -906,8 +898,8 @@
}
private String getDefaultUserAgent() {
- String agent = getSystemProperty("http.agent");
- return agent != null ? agent : ("Java" + getSystemProperty("java.version"));
+ String agent = System.getProperty("http.agent");
+ return agent != null ? agent : ("Java" + System.getProperty("java.version"));
}
private boolean hasConnectionCloseHeader() {
@@ -1002,10 +994,6 @@
: url.getHost();
}
- private String getSystemProperty(final String property) {
- return AccessController.doPrivileged(new PriviAction<String>(property));
- }
-
@Override public final boolean usingProxy() {
return (proxy != null && proxy.type() != Proxy.Type.DIRECT);
}
diff --git a/luni/src/main/java/org/apache/harmony/luni/internal/net/www/protocol/jar/JarURLConnectionImpl.java b/luni/src/main/java/org/apache/harmony/luni/internal/net/www/protocol/jar/JarURLConnectionImpl.java
index 9864350..568b71e 100644
--- a/luni/src/main/java/org/apache/harmony/luni/internal/net/www/protocol/jar/JarURLConnectionImpl.java
+++ b/luni/src/main/java/org/apache/harmony/luni/internal/net/www/protocol/jar/JarURLConnectionImpl.java
@@ -28,9 +28,7 @@
import java.net.JarURLConnection;
import java.net.MalformedURLException;
import java.net.URL;
-import java.security.AccessController;
import java.security.Permission;
-import java.security.PrivilegedAction;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
@@ -138,52 +136,42 @@
@SuppressWarnings("nls")
JarFile openJarFile() throws IOException {
- JarFile jar = null;
if (jarFileURL.getProtocol().equals("file")) {
- jar = new JarFile(new File(Util.decode(jarFileURL.getFile(), false,
+ return new JarFile(new File(Util.decode(jarFileURL.getFile(), false,
"UTF-8")), true, ZipFile.OPEN_READ);
} else {
final InputStream is = jarFileURL.openConnection().getInputStream();
try {
- jar = AccessController
- .doPrivileged(new PrivilegedAction<JarFile>() {
- public JarFile run() {
- FileOutputStream fos = null;
- JarFile result = null;
- try {
- File tempJar = File.createTempFile("hyjar_", ".tmp", null);
- tempJar.deleteOnExit();
- fos = new FileOutputStream(tempJar);
- byte[] buf = new byte[4096];
- int nbytes = 0;
- while ((nbytes = is.read(buf)) > -1) {
- fos.write(buf, 0, nbytes);
- }
- fos.close();
- result = new JarFile(tempJar, true,
- ZipFile.OPEN_READ | ZipFile.OPEN_DELETE);
- } catch (IOException e) {
- return null;
- } finally {
- if (fos != null) {
- try {
- fos.close();
- } catch (IOException ex) {
- result = null;
- }
- }
- }
- return result;
- }
- });
+ FileOutputStream fos = null;
+ JarFile result = null;
+ try {
+ File tempJar = File.createTempFile("hyjar_", ".tmp", null);
+ tempJar.deleteOnExit();
+ fos = new FileOutputStream(tempJar);
+ byte[] buf = new byte[4096];
+ int nbytes = 0;
+ while ((nbytes = is.read(buf)) > -1) {
+ fos.write(buf, 0, nbytes);
+ }
+ fos.close();
+ return new JarFile(tempJar, true, ZipFile.OPEN_READ | ZipFile.OPEN_DELETE);
+ } catch (IOException e) {
+ return null;
+ } finally {
+ if (fos != null) {
+ try {
+ fos.close();
+ } catch (IOException ex) {
+ return null;
+ }
+ }
+ }
} finally {
if (is != null) {
is.close();
}
}
}
-
- return jar;
}
/**
diff --git a/luni/src/main/java/org/apache/harmony/luni/net/PlainSocketImpl.java b/luni/src/main/java/org/apache/harmony/luni/net/PlainSocketImpl.java
index 4952cf6..75dd4cd 100644
--- a/luni/src/main/java/org/apache/harmony/luni/net/PlainSocketImpl.java
+++ b/luni/src/main/java/org/apache/harmony/luni/net/PlainSocketImpl.java
@@ -33,8 +33,6 @@
import java.net.SocketTimeoutException;
import java.net.UnknownHostException;
import java.nio.ByteOrder;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import org.apache.harmony.luni.platform.OSMemory;
import org.apache.harmony.luni.platform.Platform;
@@ -120,18 +118,14 @@
* gets SocketImpl field by reflection.
*/
private Field getSocketImplField(final String fieldName) {
- return AccessController.doPrivileged(new PrivilegedAction<Field>() {
- public Field run() {
- Field field = null;
- try {
- field = SocketImpl.class.getDeclaredField(fieldName);
- field.setAccessible(true);
- } catch (NoSuchFieldException e) {
- throw new Error(e);
- }
- return field;
- }
- });
+ Field field = null;
+ try {
+ field = SocketImpl.class.getDeclaredField(fieldName);
+ field.setAccessible(true);
+ } catch (NoSuchFieldException e) {
+ throw new AssertionError(e);
+ }
+ return field;
}
public void initLocalPort(int localPort) {
diff --git a/luni/src/main/java/org/apache/harmony/luni/util/PriviAction.java b/luni/src/main/java/org/apache/harmony/luni/util/PriviAction.java
deleted file mode 100644
index 9a12825..0000000
--- a/luni/src/main/java/org/apache/harmony/luni/util/PriviAction.java
+++ /dev/null
@@ -1,139 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements. See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.harmony.luni.util;
-
-
-import java.lang.reflect.AccessibleObject;
-import java.security.Policy;
-import java.security.PrivilegedAction;
-import java.security.Security;
-
-/**
- * Helper class to avoid multiple anonymous inner class for
- * <code>{@link java.security.AccessController#doPrivileged(PrivilegedAction)}</code>
- * calls.
- */
-public class PriviAction<T> implements PrivilegedAction<T> {
-
- private Object arg1;
-
- private Object arg2;
-
- private int action;
-
- private static final int GET_SYSTEM_PROPERTY = 1;
-
- private static final int GET_SECURITY_POLICY = 2;
-
- private static final int SET_ACCESSIBLE = 3;
-
- private static final int GET_SECURITY_PROPERTY = 4;
-
- /**
- * Creates a PrivilegedAction to get the security property with the given
- * name.
- *
- * @param property
- * the name of the property
- *
- * @see Security#getProperty
- */
- public static PrivilegedAction<String> getSecurityProperty(String property) {
- return new PriviAction<String>(GET_SECURITY_PROPERTY, property);
- }
-
- private PriviAction(int action, Object arg) {
- this.action = action;
- this.arg1 = arg;
- }
-
- /**
- * Creates a PrivilegedAction to get the current security policy object.
- *
- * @see Policy#getPolicy
- */
- public PriviAction() {
- action = GET_SECURITY_POLICY;
- }
-
- /**
- * Creates a PrivilegedAction to disable the access checks to the given
- * object.
- *
- * @param object
- * the object whose accessible flag will be set to
- * <code>true</code>
- *
- * @see AccessibleObject#setAccessible(boolean)
- */
- public PriviAction(AccessibleObject object) {
- action = SET_ACCESSIBLE;
- arg1 = object;
- }
-
- /**
- * Creates a PrivilegedAction to return the value of the system property
- * with the given key.
- *
- * @param property
- * the key of the system property
- *
- * @see System#getProperty(String)
- */
- public PriviAction(String property) {
- action = GET_SYSTEM_PROPERTY;
- arg1 = property;
- }
-
- /**
- * Creates a PrivilegedAction to return the value of the system property
- * with the given key.
- *
- * @param property
- * the key of the system property
- * @param defaultAnswer
- * the return value if the system property does not exist
- *
- * @see System#getProperty(String, String)
- */
- public PriviAction(String property, String defaultAnswer) {
- action = GET_SYSTEM_PROPERTY;
- arg1 = property;
- arg2 = defaultAnswer;
- }
-
- /**
- * Performs the actual privileged computation as defined by the constructor.
- *
- * @see java.security.PrivilegedAction#run()
- */
- @SuppressWarnings("unchecked")
- public T run() {
- switch (action) {
- case GET_SYSTEM_PROPERTY:
- return (T)System.getProperty((String) arg1, (String) arg2);
- case GET_SECURITY_PROPERTY:
- return (T)Security.getProperty((String) arg1);
- case GET_SECURITY_POLICY:
- return (T)Policy.getPolicy();
- case SET_ACCESSIBLE:
- ((AccessibleObject) arg1).setAccessible(true);
- }
- return null;
- }
-}
diff --git a/luni/src/main/java/org/apache/harmony/security/fortress/DefaultPolicy.java b/luni/src/main/java/org/apache/harmony/security/fortress/DefaultPolicy.java
index ebdce53..8d07013 100644
--- a/luni/src/main/java/org/apache/harmony/security/fortress/DefaultPolicy.java
+++ b/luni/src/main/java/org/apache/harmony/security/fortress/DefaultPolicy.java
@@ -24,7 +24,6 @@
import java.io.File;
import java.net.URL;
-import java.security.AccessController;
import java.security.CodeSource;
import java.security.Permission;
import java.security.PermissionCollection;
@@ -270,8 +269,7 @@
*/
public synchronized void refresh() {
Set<PolicyEntry> fresh = new HashSet<PolicyEntry>();
- Properties system = new Properties(AccessController
- .doPrivileged(new PolicyUtils.SystemKit()));
+ Properties system = System.getProperties();
system.setProperty("/", File.separator);
URL[] policyLocations = PolicyUtils.getPolicyURLs(system,
JAVA_SECURITY_POLICY,
diff --git a/luni/src/main/java/org/apache/harmony/security/fortress/DefaultPolicyParser.java b/luni/src/main/java/org/apache/harmony/security/fortress/DefaultPolicyParser.java
index 9857680..2c232b3 100644
--- a/luni/src/main/java/org/apache/harmony/security/fortress/DefaultPolicyParser.java
+++ b/luni/src/main/java/org/apache/harmony/security/fortress/DefaultPolicyParser.java
@@ -27,7 +27,6 @@
import java.io.InputStreamReader;
import java.io.Reader;
import java.net.URL;
-import java.security.AccessController;
import java.security.CodeSource;
import java.security.KeyStore;
import java.security.KeyStoreException;
@@ -108,15 +107,9 @@
* @return a collection of PolicyEntry objects, may be empty
* @throws Exception IO error while reading location or file syntax error
*/
- public Collection<PolicyEntry>parse(URL location, Properties system)
- throws Exception {
-
+ public Collection<PolicyEntry>parse(URL location, Properties system) throws Exception {
boolean resolve = PolicyUtils.canExpandProperties();
- Reader r =
- new BufferedReader(
- new InputStreamReader(
- AccessController.doPrivileged(
- new PolicyUtils.URLLoader(location))));
+ Reader r = new BufferedReader(new InputStreamReader(location.openStream()));
Collection<GrantEntry> grantEntries = new HashSet<GrantEntry>();
List<KeystoreEntry> keystores = new ArrayList<KeystoreEntry>();
@@ -456,8 +449,7 @@
}
KeyStore ks = KeyStore.getInstance(ke.type);
URL location = new URL(base, ke.url);
- InputStream is = AccessController
- .doPrivileged(new PolicyUtils.URLLoader(location));
+ InputStream is = location.openStream();
try {
ks.load(is, null);
}
diff --git a/luni/src/main/java/org/apache/harmony/security/fortress/PolicyUtils.java b/luni/src/main/java/org/apache/harmony/security/fortress/PolicyUtils.java
index 73e841d..c22314b 100644
--- a/luni/src/main/java/org/apache/harmony/security/fortress/PolicyUtils.java
+++ b/luni/src/main/java/org/apache/harmony/security/fortress/PolicyUtils.java
@@ -28,12 +28,9 @@
import java.net.URI;
import java.net.URISyntaxException;
import java.net.URL;
-import java.security.AccessController;
import java.security.Permission;
import java.security.PermissionCollection;
import java.security.Permissions;
-import java.security.PrivilegedAction;
-import java.security.PrivilegedExceptionAction;
import java.security.Security;
import java.util.ArrayList;
import java.util.Collection;
@@ -52,166 +49,6 @@
private PolicyUtils() {}
/**
- * Auxiliary action for opening InputStream from specified location.
- */
- public static class URLLoader implements PrivilegedExceptionAction<InputStream> {
-
- /**
- * URL of target location.
- */
- public URL location;
-
- /**
- * Constructor with target URL parameter.
- */
- public URLLoader(URL location) {
- this.location = location;
- }
-
- /**
- * Returns InputStream from the target URL.
- */
- public InputStream run() throws Exception {
- return location.openStream();
- }
- }
-
- /**
- * Auxiliary action for accessing system properties in a bundle.
- */
- public static class SystemKit implements PrivilegedAction<Properties> {
-
- /**
- * Returns system properties.
- */
- public Properties run() {
- return System.getProperties();
- }
- }
-
- /**
- * Auxiliary action for accessing specific system property.
- */
- public static class SystemPropertyAccessor implements PrivilegedAction<String> {
-
- /**
- * A key of a required system property.
- */
- public String key;
-
- /**
- * Constructor with a property key parameter.
- */
- public SystemPropertyAccessor(String key) {
- this.key = key;
- }
-
- /**
- * Handy one-line replacement of
- * "provide key and supply action" code block,
- * for reusing existing action instance.
- */
- public PrivilegedAction<String> key(String key) {
- this.key = key;
- return this;
- }
-
- /**
- * Returns specified system property.
- */
- public String run() {
- return System.getProperty(key);
- }
- }
-
- /**
- * Auxiliary action for accessing specific security property.
- */
- public static class SecurityPropertyAccessor implements PrivilegedAction<String> {
-
- private String key;
-
- /**
- * Constructor with a property key parameter.
- */
- public SecurityPropertyAccessor(String key) {
- super();
- this.key = key;
- }
-
- public PrivilegedAction<String> key(String key) {
- this.key = key;
- return this;
- }
-
- /**
- * Returns specified security property.
- */
- public String run() {
- return Security.getProperty(key);
- }
- }
-
- /**
- * Auxiliary action for loading a provider by specific security property.
- */
- public static class ProviderLoader<T> implements PrivilegedAction<T> {
-
- private String key;
-
- /**
- * Acceptable provider superclass.
- */
- private Class<T> expectedType;
-
- /**
- * Constructor taking property key and acceptable provider
- * superclass parameters.
- */
- public ProviderLoader(String key, Class<T> expected) {
- super();
- this.key = key;
- this.expectedType = expected;
- }
-
- /**
- * Returns provider instance by specified security property.
- * The <code>key</code> should map to a fully qualified classname.
- *
- * @throws SecurityException if no value specified for the key
- * in security properties or if an Exception has occurred
- * during classloading and instantiating.
- */
- public T run() {
- String klassName = Security.getProperty(key);
- if (klassName == null || klassName.length() == 0) {
- throw new SecurityException("Provider implementation should be specified via '" +
- key + "' security property");
- }
- // TODO accurate classloading
- try {
- Class<?> klass = Class.forName(klassName, true,
- Thread.currentThread().getContextClassLoader());
- if (expectedType != null && klass.isAssignableFrom(expectedType)){
- throw new SecurityException("Provided class " + klassName +
- " does not implement " + expectedType.getName());
- }
- //FIXME expectedType.cast(klass.newInstance());
- return (T)klass.newInstance();
- }
- catch (SecurityException se){
- throw se;
- }
- catch (Exception e) {
- // TODO log error ??
- SecurityException se = new SecurityException("Unable to instantiate provider: " + klassName);
- se.initCause(e);
- throw se;
- }
- }
- }
-
- /**
* Specific exception to signal that property expansion failed
* due to unknown key.
*/
@@ -420,8 +257,7 @@
* @see #expand(String, Properties)
*/
public static boolean canExpandProperties() {
- return !AccessController.doPrivileged(new SecurityPropertyAccessor(POLICY_EXPAND))
- .equalsIgnoreCase(FALSE);
+ return !Security.getProperty(POLICY_EXPAND).equalsIgnoreCase(FALSE);
}
/**
@@ -459,15 +295,12 @@
public static URL[] getPolicyURLs(final Properties system,
final String systemUrlKey, final String securityUrlPrefix) {
- final SecurityPropertyAccessor security = new SecurityPropertyAccessor(
- null);
final List<URL> urls = new ArrayList<URL>();
boolean dynamicOnly = false;
URL dynamicURL = null;
//first check if policy is set via system properties
- if (!AccessController.doPrivileged(security.key(POLICY_ALLOW_DYNAMIC))
- .equalsIgnoreCase(FALSE)) {
+ if (!Security.getProperty(POLICY_ALLOW_DYNAMIC).equalsIgnoreCase(FALSE)) {
String location = system.getProperty(systemUrlKey);
if (location != null) {
if (location.startsWith("=")) {
@@ -479,17 +312,10 @@
location = expandURL(location, system);
// location can be a file, but we need an url...
final File f = new File(location);
- dynamicURL = AccessController
- .doPrivileged(new PrivilegedExceptionAction<URL>() {
-
- public URL run() throws Exception {
- if (f.exists()) {
- return f.toURI().toURL();
- } else {
- return null;
- }
- }
- });
+ dynamicURL = null;
+ if (f.exists()) {
+ dynamicURL = f.toURI().toURL();
+ }
if (dynamicURL == null) {
dynamicURL = new URL(location);
}
@@ -504,9 +330,7 @@
if (!dynamicOnly) {
int i = 1;
while (true) {
- String location = AccessController
- .doPrivileged(security.key(new StringBuilder(
- securityUrlPrefix).append(i++).toString()));
+ String location = Security.getProperty(securityUrlPrefix + (i++));
if (location == null) {
break;
}
diff --git a/luni/src/main/java/org/apache/harmony/security/fortress/SecurityUtils.java b/luni/src/main/java/org/apache/harmony/security/fortress/SecurityUtils.java
index 933bf83..c63a57d 100644
--- a/luni/src/main/java/org/apache/harmony/security/fortress/SecurityUtils.java
+++ b/luni/src/main/java/org/apache/harmony/security/fortress/SecurityUtils.java
@@ -25,18 +25,10 @@
import java.security.AccessControlContext;
import java.util.WeakHashMap;
-//FIXME: move this class under umbrella of protected packages -
-// see lib/java.security: property 'package.access',
-// so only trusted classes like Thread and AccessController will
-// have an access to this class.
-// This is to remove dependency on VMStack, to reduce number
-// of VM2API-dependent classes.
-
/**
* The class is used to perform an exchange of information between
* java.lang.Thread and java.security.AccessController.<br>
- * The data to exchange is inherited contexts for the Thread-s.
- *
+ * The data to exchange is inherited contexts for the Threads.
*/
public final class SecurityUtils {
@@ -94,17 +86,7 @@
* It may also return null if no Thread found in the map - that seems
* possible during VM startup process.
*/
- public static AccessControlContext getContext(Thread thread)
- throws SecurityException {
-
- // ~fixme: see 'fixme' at the top of the file
- /*
- Class cl = VMStack.getCallerClass(0);
- if (cl != AccessController.class) {
- throw new SecurityException("You ["+cl+"] do not have access to this resource.");
- }
- */
-
+ public static AccessControlContext getContext(Thread thread) throws SecurityException {
synchronized (ACC_CACHE) {
return ACC_CACHE.get(thread);
}
diff --git a/luni/src/main/java/org/apache/harmony/security/fortress/Services.java b/luni/src/main/java/org/apache/harmony/security/fortress/Services.java
index 7c65a2d..8a2a7dd 100644
--- a/luni/src/main/java/org/apache/harmony/security/fortress/Services.java
+++ b/luni/src/main/java/org/apache/harmony/security/fortress/Services.java
@@ -22,8 +22,6 @@
package org.apache.harmony.security.fortress;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.security.Provider;
import java.security.Security;
import java.util.ArrayList;
@@ -66,14 +64,8 @@
// Hash for quick provider access by name
private static final Map<String, Provider> providersNames = new HashMap<String, Provider>(20);
-
static {
- AccessController.doPrivileged(new PrivilegedAction<Object>() {
- public Object run() {
- loadProviders();
- return null;
- }
- });
+ loadProviders();
}
// Load statically registered providers and init Services Info
diff --git a/luni/src/main/java/org/apache/harmony/security/provider/cert/DRLCertFactory.java b/luni/src/main/java/org/apache/harmony/security/provider/cert/DRLCertFactory.java
index a4537e8..790be67 100644
--- a/luni/src/main/java/org/apache/harmony/security/provider/cert/DRLCertFactory.java
+++ b/luni/src/main/java/org/apache/harmony/security/provider/cert/DRLCertFactory.java
@@ -22,16 +22,9 @@
package org.apache.harmony.security.provider.cert;
-import java.security.AccessController;
import java.security.Provider;
-
-/**
- * Master class (provider) for X509 Certificate Factory
- * Implementation.
- */
public final class DRLCertFactory extends Provider {
-
/**
* @serial
*/
@@ -42,22 +35,10 @@
*/
public DRLCertFactory() {
// specification of the provider name, version, and description.
-
- // BEGIN android-changed
- // Avoid using a message resource string here, since it forces loading
- // all the messages in a non-error context.
super("DRLCertFactory", 1.0, "ASN.1, DER, PkiPath, PKCS7");
- // END android-changed
-
- AccessController.doPrivileged(new java.security.PrivilegedAction<Void>() {
- public Void run() {
- // register the service
- put("CertificateFactory.X509",
- "org.apache.harmony.security.provider.cert.X509CertFactoryImpl");
- // mapping the alias
- put("Alg.Alias.CertificateFactory.X.509", "X509");
- return null;
- }
- });
+ // register the service
+ put("CertificateFactory.X509", "org.apache.harmony.security.provider.cert.X509CertFactoryImpl");
+ // mapping the alias
+ put("Alg.Alias.CertificateFactory.X.509", "X509");
}
}
diff --git a/luni/src/main/java/org/apache/harmony/security/provider/crypto/CryptoProvider.java b/luni/src/main/java/org/apache/harmony/security/provider/crypto/CryptoProvider.java
index 8e3774b..70a2449 100644
--- a/luni/src/main/java/org/apache/harmony/security/provider/crypto/CryptoProvider.java
+++ b/luni/src/main/java/org/apache/harmony/security/provider/crypto/CryptoProvider.java
@@ -17,7 +17,6 @@
package org.apache.harmony.security.provider.crypto;
-import java.security.AccessController;
import java.security.Provider;
/**
@@ -38,8 +37,7 @@
*/
public CryptoProvider() {
- super("Crypto", 1.0,
- "HARMONY (SHA1 digest; SecureRandom; SHA1withDSA signature)");
+ super("Crypto", 1.0, "HARMONY (SHA1 digest; SecureRandom; SHA1withDSA signature)");
// names of classes implementing services
final String MD_NAME = "org.apache.harmony.security.provider.crypto.SHA1_MessageDigestImpl";
@@ -50,45 +48,36 @@
final String SIGN_ALIAS = "SHA1withDSA";
- final String KEYF_NAME =
- "org.apache.harmony.security.provider.crypto.DSAKeyFactoryImpl";
+ final String KEYF_NAME = "org.apache.harmony.security.provider.crypto.DSAKeyFactoryImpl";
- AccessController.doPrivileged(new java.security.PrivilegedAction<Void>() {
+ put("MessageDigest.SHA-1", MD_NAME);
+ put("MessageDigest.SHA-1 ImplementedIn", "Software");
+ put("Alg.Alias.MessageDigest.SHA1", "SHA-1");
+ put("Alg.Alias.MessageDigest.SHA", "SHA-1");
- public Void run() {
+ if (RandomBitsSupplier.isServiceAvailable()) {
+ put("SecureRandom.SHA1PRNG", SR_NAME);
+ put("SecureRandom.SHA1PRNG ImplementedIn", "Software");
+ }
- put("MessageDigest.SHA-1", MD_NAME);
- put("MessageDigest.SHA-1 ImplementedIn", "Software");
- put("Alg.Alias.MessageDigest.SHA1", "SHA-1");
- put("Alg.Alias.MessageDigest.SHA", "SHA-1");
+ put("Signature.SHA1withDSA", SIGN_NAME);
+ put("Signature.SHA1withDSA ImplementedIn", "Software");
+ put("Alg.Alias.Signature.SHAwithDSA", SIGN_ALIAS);
+ put("Alg.Alias.Signature.DSAwithSHA1", SIGN_ALIAS);
+ put("Alg.Alias.Signature.SHA1/DSA", SIGN_ALIAS);
+ put("Alg.Alias.Signature.SHA/DSA", SIGN_ALIAS);
+ put("Alg.Alias.Signature.SHA-1/DSA", SIGN_ALIAS);
+ put("Alg.Alias.Signature.DSA", SIGN_ALIAS);
+ put("Alg.Alias.Signature.DSS", SIGN_ALIAS);
- if (RandomBitsSupplier.isServiceAvailable()) {
- put("SecureRandom.SHA1PRNG", SR_NAME);
- put("SecureRandom.SHA1PRNG ImplementedIn", "Software");
- }
+ put("Alg.Alias.Signature.OID.1.2.840.10040.4.3", SIGN_ALIAS);
+ put("Alg.Alias.Signature.1.2.840.10040.4.3", SIGN_ALIAS);
+ put("Alg.Alias.Signature.1.3.14.3.2.13", SIGN_ALIAS);
+ put("Alg.Alias.Signature.1.3.14.3.2.27", SIGN_ALIAS);
- put("Signature.SHA1withDSA", SIGN_NAME);
- put("Signature.SHA1withDSA ImplementedIn", "Software");
- put("Alg.Alias.Signature.SHAwithDSA", SIGN_ALIAS);
- put("Alg.Alias.Signature.DSAwithSHA1", SIGN_ALIAS);
- put("Alg.Alias.Signature.SHA1/DSA", SIGN_ALIAS);
- put("Alg.Alias.Signature.SHA/DSA", SIGN_ALIAS);
- put("Alg.Alias.Signature.SHA-1/DSA", SIGN_ALIAS);
- put("Alg.Alias.Signature.DSA", SIGN_ALIAS);
- put("Alg.Alias.Signature.DSS", SIGN_ALIAS);
-
- put("Alg.Alias.Signature.OID.1.2.840.10040.4.3", SIGN_ALIAS);
- put("Alg.Alias.Signature.1.2.840.10040.4.3", SIGN_ALIAS);
- put("Alg.Alias.Signature.1.3.14.3.2.13", SIGN_ALIAS);
- put("Alg.Alias.Signature.1.3.14.3.2.27", SIGN_ALIAS);
-
- put("KeyFactory.DSA", KEYF_NAME);
- put("KeyFactory.DSA ImplementedIn", "Software");
- put("Alg.Alias.KeyFactory.1.3.14.3.2.12", "DSA");
- put("Alg.Alias.KeyFactory.1.2.840.10040.4.1", "DSA");
-
- return null;
- }
- });
+ put("KeyFactory.DSA", KEYF_NAME);
+ put("KeyFactory.DSA ImplementedIn", "Software");
+ put("Alg.Alias.KeyFactory.1.3.14.3.2.12", "DSA");
+ put("Alg.Alias.KeyFactory.1.2.840.10040.4.1", "DSA");
}
}
diff --git a/luni/src/main/java/org/apache/harmony/security/provider/crypto/RandomBitsSupplier.java b/luni/src/main/java/org/apache/harmony/security/provider/crypto/RandomBitsSupplier.java
index 993914a..002a513 100644
--- a/luni/src/main/java/org/apache/harmony/security/provider/crypto/RandomBitsSupplier.java
+++ b/luni/src/main/java/org/apache/harmony/security/provider/crypto/RandomBitsSupplier.java
@@ -23,10 +23,8 @@
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
-import java.security.AccessController;
import java.security.ProviderException;
-
/**
* The static class providing access on Linux platform
* to system means for generating true random bits. <BR>
@@ -37,8 +35,6 @@
* If no device available the service is not available,
* that is, provider shouldn't register the algorithm. <BR>
*/
-
-
public class RandomBitsSupplier implements SHA1_Data {
@@ -67,41 +63,25 @@
*/
private static boolean serviceAvailable = false;
+ /**
+ * names of random devices on Linux platform
+ */
+ private static final String DEVICE_NAMES[] = { "/dev/urandom" /*, "/dev/random" */ };
static {
- AccessController.doPrivileged(
- new java.security.PrivilegedAction() {
- public Object run() {
-
- for ( int i = 0 ; i < DEVICE_NAMES.length ; i++ ) {
- File file = new File(DEVICE_NAMES[i]);
-
- try {
- if ( file.canRead() ) {
- // BEGIN android-modified
- bis = new FileInputStream(file);
- // END android-modified
- randomFile = file;
- serviceAvailable = true;
- return null;
- }
- } catch (FileNotFoundException e) {
- }
- }
-
- // BEGIN android-removed
-// // If we have come out of the above loop, then we have been unable to
-// // access /dev/*random, so try to fall back to using the system random() API
-// try {
-// System.loadLibrary(LIBRARY_NAME);
-// serviceAvailable = true;
-// } catch (UnsatisfiedLinkError e) {
-// serviceAvailable = false;
-// }
- return null;
+ for (String deviceName : DEVICE_NAMES) {
+ try {
+ File file = new File(deviceName);
+ if (file.canRead()) {
+ // BEGIN android-modified
+ bis = new FileInputStream(file);
+ // END android-modified
+ randomFile = file;
+ serviceAvailable = true;
}
+ } catch (FileNotFoundException e) {
}
- );
+ }
}
@@ -155,18 +135,6 @@
return bytes;
}
-
- // BEGIN android-removed
-// /**
-// * On platforms with no "random" devices available, this native
-// * method uses system API calls to generate random numbers<BR>
-// *
-// * In case of any runtime failure ProviderException gets thrown.
-// */
-// private static native synchronized boolean getUnixSystemRandom(byte[] randomBits, int numBytes);
- // END android-removed
-
-
/**
* The method returns byte array of requested length provided service is available.
* ProviderException gets thrown otherwise.
diff --git a/luni/src/main/java/org/apache/harmony/security/provider/crypto/SHA1_Data.java b/luni/src/main/java/org/apache/harmony/security/provider/crypto/SHA1_Data.java
index 0e30e03..b559576 100644
--- a/luni/src/main/java/org/apache/harmony/security/provider/crypto/SHA1_Data.java
+++ b/luni/src/main/java/org/apache/harmony/security/provider/crypto/SHA1_Data.java
@@ -80,20 +80,4 @@
* in this implementation # is set to 20 (in general # varies from 1 to 20)
*/
static final int DIGEST_LENGTH = 20;
-
-
- // BEGIN android-removed
-// /**
-// * name of native library to use on Windows platform
-// */
-// static final String LIBRARY_NAME = "hysecurity";
- // END android-removed
-
-
- /**
- * names of random devices on Linux platform
- */
- // BEGIN android-changed: /dev/random seems to be empty on Android
- static final String DEVICE_NAMES[] = { "/dev/urandom" /*, "/dev/random" */ };
- // END android-changed
}
diff --git a/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/DelegatedTask.java b/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/DelegatedTask.java
index 9859be7..c110275 100644
--- a/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/DelegatedTask.java
+++ b/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/DelegatedTask.java
@@ -58,6 +58,5 @@
handshaker.delegatedTaskErr = e;
}
}
-
}
}
diff --git a/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/JSSEProvider.java b/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/JSSEProvider.java
index 62b6560..84507bd 100644
--- a/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/JSSEProvider.java
+++ b/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/JSSEProvider.java
@@ -17,8 +17,6 @@
package org.apache.harmony.xnet.provider.jsse;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import java.security.Provider;
/**
@@ -108,17 +106,13 @@
public JSSEProvider() {
super("HarmonyJSSE", 1.0, "Harmony JSSE Provider");
- AccessController.doPrivileged(new PrivilegedAction<Void>() {
- public Void run() {
- put("SSLContext.SSL", SSLContextImpl.class.getName());
- put("SSLContext.SSLv3", SSLContextImpl.class.getName());
- put("SSLContext.TLS", SSLContextImpl.class.getName());
- put("SSLContext.TLSv1", SSLContextImpl.class.getName());
- put("KeyManagerFactory.X509", KeyManagerFactoryImpl.class.getName());
- put("TrustManagerFactory.X509", TrustManagerFactoryImpl.class.getName());
- return null;
- }
- });
+ put("SSLContext.SSL", SSLContextImpl.class.getName());
+ put("SSLContext.SSLv3", SSLContextImpl.class.getName());
+ put("SSLContext.TLS", SSLContextImpl.class.getName());
+ put("SSLContext.TLSv1", SSLContextImpl.class.getName());
+
+ put("KeyManagerFactory.X509", KeyManagerFactoryImpl.class.getName());
+ put("TrustManagerFactory.X509", TrustManagerFactoryImpl.class.getName());
}
}
diff --git a/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/KeyManagerFactoryImpl.java b/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/KeyManagerFactoryImpl.java
index b5ffa06..502f504 100644
--- a/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/KeyManagerFactoryImpl.java
+++ b/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/KeyManagerFactoryImpl.java
@@ -20,7 +20,6 @@
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
-import java.security.AccessController;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyStore;
import java.security.KeyStoreException;
@@ -61,15 +60,9 @@
}
} else {
keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
- String keyStoreName = AccessController
- .doPrivileged(new java.security.PrivilegedAction<String>() {
- public String run() {
- return System.getProperty("javax.net.ssl.keyStore");
- }
- });
+ String keyStoreName = System.getProperty("javax.net.ssl.keyStore");
String keyStorePwd = null;
- if (keyStoreName == null || keyStoreName.equalsIgnoreCase("NONE")
- || keyStoreName.length() == 0) {
+ if (keyStoreName == null || keyStoreName.equalsIgnoreCase("NONE") || keyStoreName.isEmpty()) {
try {
keyStore.load(null, null);
} catch (IOException e) {
@@ -78,22 +71,14 @@
throw new KeyStoreException(e);
}
} else {
- keyStorePwd = AccessController
- .doPrivileged(new java.security.PrivilegedAction<String>() {
- public String run() {
- return System
- .getProperty("javax.net.ssl.keyStorePassword");
- }
- });
+ keyStorePwd = System.getProperty("javax.net.ssl.keyStorePassword");
if (keyStorePwd == null) {
pwd = EmptyArray.CHAR;
} else {
pwd = keyStorePwd.toCharArray();
}
try {
- keyStore.load(new FileInputStream(new File(keyStoreName)),
- pwd);
-
+ keyStore.load(new FileInputStream(new File(keyStoreName)), pwd);
} catch (FileNotFoundException e) {
throw new KeyStoreException(e);
} catch (IOException e) {
diff --git a/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/Logger.java b/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/Logger.java
index da974f9..009608e 100644
--- a/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/Logger.java
+++ b/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/Logger.java
@@ -18,8 +18,6 @@
package org.apache.harmony.xnet.provider.jsse;
import java.io.PrintStream;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
import libcore.base.EmptyArray;
/**
@@ -100,12 +98,7 @@
static {
try {
- names = AccessController
- .doPrivileged(new PrivilegedAction<String[]>() {
- public String[] run() {
- return System.getProperty("jsse", "").split(",");
- }
- });
+ names = System.getProperty("jsse", "").split(",");
} catch (Exception e) {
names = EmptyArray.STRING;
}
diff --git a/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSessionImpl.java b/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSessionImpl.java
index 75e4cdd..ac0ff23 100644
--- a/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSessionImpl.java
+++ b/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/OpenSSLSessionImpl.java
@@ -363,18 +363,11 @@
/**
* Returns the context to which the actual SSL session is bound. A SSL
* context consists of (1) a possible delegate, (2) a provider and (3) a
- * protocol. If the security manager is activated and one tries to access
- * the SSL context an exception may be thrown if a
- * <code>SSLPermission("getSSLSessionContext")</code>
- * permission is not set.
+ * protocol.
* @return the SSL context used for this session, or null if it is
* unavailable.
*/
public SSLSessionContext getSessionContext() {
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkPermission(new SSLPermission("getSSLSessionContext"));
- }
return sessionContext;
}
diff --git a/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLServerSocketImpl.java b/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLServerSocketImpl.java
index f54101f..4999ea4 100644
--- a/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLServerSocketImpl.java
+++ b/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLServerSocketImpl.java
@@ -249,16 +249,6 @@
SSLSocketImpl s = new SSLSocketImpl(
(SSLParametersImpl) sslParameters.clone());
implAccept(s);
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- try {
- sm.checkAccept(s.getInetAddress().getHostAddress(),
- s.getPort());
- } catch(SecurityException e) {
- s.close();
- throw e;
- }
- }
s.init();
if (logger != null) {
logger.println("SSLServerSocketImpl: accepted, initialized");
@@ -276,4 +266,3 @@
// -----------------------------------------------------------------
}
-
diff --git a/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLSessionImpl.java b/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLSessionImpl.java
index 0bf4007..f00ce4e 100644
--- a/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLSessionImpl.java
+++ b/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/SSLSessionImpl.java
@@ -281,10 +281,6 @@
}
public SSLSessionContext getSessionContext() {
- SecurityManager sm = System.getSecurityManager();
- if (sm != null) {
- sm.checkPermission(new SSLPermission("getSSLSessionContext"));
- }
return context;
}
diff --git a/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustManagerFactoryImpl.java b/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustManagerFactoryImpl.java
index f894331..e4aae6f 100644
--- a/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustManagerFactoryImpl.java
+++ b/luni/src/main/java/org/apache/harmony/xnet/provider/jsse/TrustManagerFactoryImpl.java
@@ -23,7 +23,6 @@
import java.io.FileNotFoundException;
import java.io.InputStream;
import java.io.IOException;
-import java.security.AccessController;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyStore;
import java.security.KeyStoreException;
@@ -63,16 +62,9 @@
}
// END android-added
keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
- String keyStoreName = AccessController
- .doPrivileged(new java.security.PrivilegedAction<String>() {
- public String run() {
- return System
- .getProperty("javax.net.ssl.trustStore");
- }
- });
+ String keyStoreName = System.getProperty("javax.net.ssl.trustStore");
String keyStorePwd = null;
- if (keyStoreName == null || keyStoreName.equalsIgnoreCase("NONE")
- || keyStoreName.length() == 0) {
+ if (keyStoreName == null || keyStoreName.equalsIgnoreCase("NONE") || keyStoreName.isEmpty()) {
try {
keyStore.load(null, null);
} catch (IOException e) {
@@ -83,13 +75,7 @@
throw new KeyStoreException(e);
}
} else {
- keyStorePwd = AccessController
- .doPrivileged(new java.security.PrivilegedAction<String>() {
- public String run() {
- return System
- .getProperty("javax.net.ssl.trustStorePassword");
- }
- });
+ keyStorePwd = System.getProperty("javax.net.ssl.trustStorePassword");
char[] pwd;
if (keyStorePwd == null) {
pwd = EmptyArray.CHAR;