001 /*
002 * Copyright 2003 Sun Microsystems, Inc. All Rights Reserved.
003 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
004 *
005 * This code is free software; you can redistribute it and/or modify it
006 * under the terms of the GNU General Public License version 2 only, as
007 * published by the Free Software Foundation. Sun designates this
008 * particular file as subject to the "Classpath" exception as provided
009 * by Sun in the LICENSE file that accompanied this code.
010 *
011 * This code is distributed in the hope that it will be useful, but WITHOUT
012 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
013 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
014 * version 2 for more details (a copy is included in the LICENSE file that
015 * accompanied this code).
016 *
017 * You should have received a copy of the GNU General Public License version
018 * 2 along with this work; if not, write to the Free Software Foundation,
019 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
020 *
021 * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
022 * CA 95054 USA or visit www.sun.com if you need additional information or
023 * have any questions.
024 */
025
026 package java.lang.management;
027
028 /**
029 * The permission which the SecurityManager will check when code
030 * that is running with a SecurityManager calls methods defined
031 * in the management interface for the Java platform.
032 * <P>
033 * The following table
034 * provides a summary description of what the permission allows,
035 * and discusses the risks of granting code the permission.
036 * <P>
037 *
038 * <table border=1 cellpadding=5 summary="Table shows permission target name, wh
039 at the permission allows, and associated risks">
040 * <tr>
041 * <th>Permission Target Name</th>
042 * <th>What the Permission Allows</th>
043 * <th>Risks of Allowing this Permission</th>
044 * </tr>
045 *
046 * <tr>
047 * <td>control</td>
048 * <td>Ability to control the runtime characteristics of the Java virtual
049 * machine, for example, setting the -verbose:gc and -verbose:class flag,
050 * setting the threshold of a memory pool, and enabling and disabling
051 * the thread contention monitoring support.
052 * </td>
053 * <td>This allows an attacker to control the runtime characteristics
054 * of the Java virtual machine and cause the system to misbehave.
055 * </td>
056 * </tr>
057 * <tr>
058 * <td>monitor</td>
059 * <td>Ability to retrieve runtime information about
060 * the Java virtual machine such as thread
061 * stack trace, a list of all loaded class names, and input arguments
062 * to the Java virtual machine.</td>
063 * <td>This allows malicious code to monitor runtime information and
064 * uncover vulnerabilities.</td>
065 * </tr>
066 *
067 * </table>
068 *
069 * <p>
070 * Programmers do not normally create ManagementPermission objects directly.
071 * Instead they are created by the security policy code based on reading
072 * the security policy file.
073 *
074 * @author Mandy Chung
075 * @version 1.11, 05/05/07
076 * @since 1.5
077 *
078 * @see java.security.BasicPermission
079 * @see java.security.Permission
080 * @see java.security.Permissions
081 * @see java.security.PermissionCollection
082 * @see java.lang.SecurityManager
083 *
084 */
085
086 public final class ManagementPermission extends
087 java.security.BasicPermission {
088
089 /**
090 * Constructs a ManagementPermission with the specified name.
091 *
092 * @param name Permission name. Must be either "monitor" or "control".
093 *
094 * @throws NullPointerException if <code>name</code> is <code>null</code>.
095 * @throws IllegalArgumentException if <code>name</code> is empty or invalid.
096 */
097 public ManagementPermission(String name) {
098 super (name);
099 if (!name.equals("control") && !name.equals("monitor")) {
100 throw new IllegalArgumentException("name: " + name);
101 }
102 }
103
104 /**
105 * Constructs a new ManagementPermission object.
106 *
107 * @param name Permission name. Must be either "monitor" or "control".
108 * @param actions Must be either null or the empty string.
109 *
110 * @throws NullPointerException if <code>name</code> is <code>null</code>.
111 * @throws IllegalArgumentException if <code>name</code> is empty or
112 * if arguments are invalid.
113 */
114 public ManagementPermission(String name, String actions)
115 throws IllegalArgumentException {
116 super (name);
117 if (!name.equals("control") && !name.equals("monitor")) {
118 throw new IllegalArgumentException("name: " + name);
119 }
120 if (actions != null && actions.length() > 0) {
121 throw new IllegalArgumentException("actions: " + actions);
122 }
123 }
124 }
|