Save This Page
Home » openjdk-7 » java » awt » [javadoc | source]
    1   /*
    2    * Copyright (c) 1997, 2009, Oracle and/or its affiliates. All rights reserved.
    3    * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
    4    *
    5    * This code is free software; you can redistribute it and/or modify it
    6    * under the terms of the GNU General Public License version 2 only, as
    7    * published by the Free Software Foundation.  Oracle designates this
    8    * particular file as subject to the "Classpath" exception as provided
    9    * by Oracle in the LICENSE file that accompanied this code.
   10    *
   11    * This code is distributed in the hope that it will be useful, but WITHOUT
   12    * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
   13    * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
   14    * version 2 for more details (a copy is included in the LICENSE file that
   15    * accompanied this code).
   16    *
   17    * You should have received a copy of the GNU General Public License version
   18    * 2 along with this work; if not, write to the Free Software Foundation,
   19    * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
   20    *
   21    * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
   22    * or visit www.oracle.com if you need additional information or have any
   23    * questions.
   24    */
   25   
   26   package java.awt;
   27   
   28   import java.security.BasicPermission;
   29   
   30   /**
   31    * This class is for AWT permissions.
   32    * An <code>AWTPermission</code> contains a target name but
   33    * no actions list; you either have the named permission
   34    * or you don't.
   35    *
   36    * <P>
   37    * The target name is the name of the AWT permission (see below). The naming
   38    * convention follows the hierarchical property naming convention.
   39    * Also, an asterisk could be used to represent all AWT permissions.
   40    *
   41    * <P>
   42    * The following table lists all the possible <code>AWTPermission</code>
   43    * target names, and for each provides a description of what the
   44    * permission allows and a discussion of the risks of granting code
   45    * the permission.
   46    * <P>
   47    *
   48    * <table border=1 cellpadding=5 summary="AWTPermission target names, descriptions, and associated risks.">
   49    * <tr>
   50    * <th>Permission Target Name</th>
   51    * <th>What the Permission Allows</th>
   52    * <th>Risks of Allowing this Permission</th>
   53    * </tr>
   54    *
   55    * <tr>
   56    *   <td>accessClipboard</td>
   57    *   <td>Posting and retrieval of information to and from the AWT clipboard</td>
   58    *   <td>This would allow malfeasant code to share
   59    * potentially sensitive or confidential information.</td>
   60    * </tr>
   61    *
   62    * <tr>
   63    *   <td>accessEventQueue</td>
   64    *   <td>Access to the AWT event queue</td>
   65    *   <td>After retrieving the AWT event queue,
   66    * malicious code may peek at and even remove existing events
   67    * from its event queue, as well as post bogus events which may purposefully
   68    * cause the application or applet to misbehave in an insecure manner.</td>
   69    * </tr>
   70    *
   71    * <tr>
   72    *   <td>accessSystemTray</td>
   73    *   <td>Access to the AWT SystemTray instance</td>
   74    *   <td>This would allow malicious code to add tray icons to the system tray.
   75    * First, such an icon may look like the icon of some known application
   76    * (such as a firewall or anti-virus) and order a user to do something unsafe
   77    * (with help of balloon messages). Second, the system tray may be glutted with
   78    * tray icons so that no one could add a tray icon anymore.</td>
   79    * </tr>
   80    *
   81    * <tr>
   82    *   <td>createRobot</td>
   83    *   <td>Create java.awt.Robot objects</td>
   84    *   <td>The java.awt.Robot object allows code to generate native-level
   85    * mouse and keyboard events as well as read the screen. It could allow
   86    * malicious code to control the system, run other programs, read the
   87    * display, and deny mouse and keyboard access to the user.</td>
   88    * </tr>
   89    *
   90    * <tr>
   91    *   <td>fullScreenExclusive</td>
   92    *   <td>Enter full-screen exclusive mode</td>
   93    *   <td>Entering full-screen exclusive mode allows direct access to
   94    * low-level graphics card memory.  This could be used to spoof the
   95    * system, since the program is in direct control of rendering. Depending on
   96    * the implementation, the security warning may not be shown for the windows
   97    * used to enter the full-screen exclusive mode (assuming that the {@code
   98    * fullScreenExclusive} permission has been granted to this application). Note
   99    * that this behavior does not mean that the {@code
  100    * showWindowWithoutWarningBanner} permission will be automatically granted to
  101    * the application which has the {@code fullScreenExclusive} permission:
  102    * non-full-screen windows will continue to be shown with the security
  103    * warning.</td>
  104    * </tr>
  105    *
  106    * <tr>
  107    *   <td>listenToAllAWTEvents</td>
  108    *   <td>Listen to all AWT events, system-wide</td>
  109    *   <td>After adding an AWT event listener,
  110    * malicious code may scan all AWT events dispatched in the system,
  111    * allowing it to read all user input (such as passwords).  Each
  112    * AWT event listener is called from within the context of that
  113    * event queue's EventDispatchThread, so if the accessEventQueue
  114    * permission is also enabled, malicious code could modify the
  115    * contents of AWT event queues system-wide, causing the application
  116    * or applet to misbehave in an insecure manner.</td>
  117    * </tr>
  118    *
  119    * <tr>
  120    *   <td>readDisplayPixels</td>
  121    *   <td>Readback of pixels from the display screen</td>
  122    *   <td>Interfaces such as the java.awt.Composite interface or the
  123    * java.awt.Robot class allow arbitrary code to examine pixels on the
  124    * display enable malicious code to snoop on the activities of the user.</td>
  125    * </tr>
  126    *
  127    * <tr>
  128    *   <td>replaceKeyboardFocusManager</td>
  129    *   <td>Sets the <code>KeyboardFocusManager</code> for
  130    *       a particular thread.
  131    *   <td>When <code>SecurityManager</code> is installed, the invoking
  132    *       thread must be granted this permission in order to replace
  133    *       the current <code>KeyboardFocusManager</code>.  If permission
  134    *       is not granted, a <code>SecurityException</code> will be thrown.
  135    * </tr>
  136    *
  137    * <tr>
  138    *   <td>setAppletStub</td>
  139    *   <td>Setting the stub which implements Applet container services</td>
  140    *   <td>Malicious code could set an applet's stub and result in unexpected
  141    * behavior or denial of service to an applet.</td>
  142    * </tr>
  143    *
  144    * <tr>
  145    *   <td>setWindowAlwaysOnTop</td>
  146    *   <td>Setting always-on-top property of the window: {@link Window#setAlwaysOnTop}</td>
  147    *   <td>The malicious window might make itself look and behave like a real full desktop, so that
  148    * information entered by the unsuspecting user is captured and subsequently misused </td>
  149    * </tr>
  150    *
  151    * <tr>
  152    *   <td>showWindowWithoutWarningBanner</td>
  153    *   <td>Display of a window without also displaying a banner warning
  154    * that the window was created by an applet</td>
  155    *   <td>Without this warning,
  156    * an applet may pop up windows without the user knowing that they
  157    * belong to an applet.  Since users may make security-sensitive
  158    * decisions based on whether or not the window belongs to an applet
  159    * (entering a username and password into a dialog box, for example),
  160    * disabling this warning banner may allow applets to trick the user
  161    * into entering such information.</td>
  162    * </tr>
  163    *
  164    * <tr>
  165    *   <td>toolkitModality</td>
  166    *   <td>Creating {@link Dialog.ModalityType#TOOLKIT_MODAL TOOLKIT_MODAL} dialogs
  167    *       and setting the {@link Dialog.ModalExclusionType#TOOLKIT_EXCLUDE
  168    *       TOOLKIT_EXCLUDE} window property.</td>
  169    *   <td>When a toolkit-modal dialog is shown from an applet, it blocks all other
  170    * applets in the browser. When launching applications from Java Web Start,
  171    * its windows (such as the security dialog) may also be blocked by toolkit-modal
  172    * dialogs, shown from these applications.</td>
  173    * </tr>
  174    *
  175    * <tr>
  176    *   <td>watchMousePointer</td>
  177    *   <td>Getting the information about the mouse pointer position at any
  178    * time</td>
  179    *   <td>Constantly watching the mouse pointer,
  180    * an applet can make guesses about what the user is doing, i.e. moving
  181    * the mouse to the lower left corner of the screen most likely means that
  182    * the user is about to launch an application. If a virtual keypad is used
  183    * so that keyboard is emulated using the mouse, an applet may guess what
  184    * is being typed.</td>
  185    * </tr>
  186    * </table>
  187    *
  188    * @see java.security.BasicPermission
  189    * @see java.security.Permission
  190    * @see java.security.Permissions
  191    * @see java.security.PermissionCollection
  192    * @see java.lang.SecurityManager
  193    *
  194    *
  195    * @author Marianne Mueller
  196    * @author Roland Schemers
  197    */
  198   
  199   public final class AWTPermission extends BasicPermission {
  200   
  201       /** use serialVersionUID from the Java 2 platform for interoperability */
  202       private static final long serialVersionUID = 8890392402588814465L;
  203   
  204       /**
  205        * Creates a new <code>AWTPermission</code> with the specified name.
  206        * The name is the symbolic name of the <code>AWTPermission</code>,
  207        * such as "topLevelWindow", "systemClipboard", etc. An asterisk
  208        * may be used to indicate all AWT permissions.
  209        *
  210        * @param name the name of the AWTPermission
  211        *
  212        * @throws NullPointerException if <code>name</code> is <code>null</code>.
  213        * @throws IllegalArgumentException if <code>name</code> is empty.
  214        */
  215   
  216       public AWTPermission(String name)
  217       {
  218           super(name);
  219       }
  220   
  221       /**
  222        * Creates a new <code>AWTPermission</code> object with the specified name.
  223        * The name is the symbolic name of the <code>AWTPermission</code>, and the
  224        * actions string is currently unused and should be <code>null</code>.
  225        *
  226        * @param name the name of the <code>AWTPermission</code>
  227        * @param actions should be <code>null</code>
  228        *
  229        * @throws NullPointerException if <code>name</code> is <code>null</code>.
  230        * @throws IllegalArgumentException if <code>name</code> is empty.
  231        */
  232   
  233       public AWTPermission(String name, String actions)
  234       {
  235           super(name, actions);
  236       }
  237   }

Save This Page
Home » openjdk-7 » java » awt » [javadoc | source]