1 /*
2 * Copyright 2003 Sun Microsystems, Inc. All Rights Reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation. Sun designates this
8 * particular file as subject to the "Classpath" exception as provided
9 * by Sun in the LICENSE file that accompanied this code.
10 *
11 * This code is distributed in the hope that it will be useful, but WITHOUT
12 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
14 * version 2 for more details (a copy is included in the LICENSE file that
15 * accompanied this code).
16 *
17 * You should have received a copy of the GNU General Public License version
18 * 2 along with this work; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20 *
21 * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
22 * CA 95054 USA or visit www.sun.com if you need additional information or
23 * have any questions.
24 */
25
26 package java.lang.management;
27
28 /**
29 * The permission which the SecurityManager will check when code
30 * that is running with a SecurityManager calls methods defined
31 * in the management interface for the Java platform.
32 * <P>
33 * The following table
34 * provides a summary description of what the permission allows,
35 * and discusses the risks of granting code the permission.
36 * <P>
37 *
38 * <table border=1 cellpadding=5 summary="Table shows permission target name, wh
39 at the permission allows, and associated risks">
40 * <tr>
41 * <th>Permission Target Name</th>
42 * <th>What the Permission Allows</th>
43 * <th>Risks of Allowing this Permission</th>
44 * </tr>
45 *
46 * <tr>
47 * <td>control</td>
48 * <td>Ability to control the runtime characteristics of the Java virtual
49 * machine, for example, setting the -verbose:gc and -verbose:class flag,
50 * setting the threshold of a memory pool, and enabling and disabling
51 * the thread contention monitoring support.
52 * </td>
53 * <td>This allows an attacker to control the runtime characteristics
54 * of the Java virtual machine and cause the system to misbehave.
55 * </td>
56 * </tr>
57 * <tr>
58 * <td>monitor</td>
59 * <td>Ability to retrieve runtime information about
60 * the Java virtual machine such as thread
61 * stack trace, a list of all loaded class names, and input arguments
62 * to the Java virtual machine.</td>
63 * <td>This allows malicious code to monitor runtime information and
64 * uncover vulnerabilities.</td>
65 * </tr>
66 *
67 * </table>
68 *
69 * <p>
70 * Programmers do not normally create ManagementPermission objects directly.
71 * Instead they are created by the security policy code based on reading
72 * the security policy file.
73 *
74 * @author Mandy Chung
75 * @since 1.5
76 *
77 * @see java.security.BasicPermission
78 * @see java.security.Permission
79 * @see java.security.Permissions
80 * @see java.security.PermissionCollection
81 * @see java.lang.SecurityManager
82 *
83 */
84
85 public final class ManagementPermission extends java.security.BasicPermission {
86
87 /**
88 * Constructs a ManagementPermission with the specified name.
89 *
90 * @param name Permission name. Must be either "monitor" or "control".
91 *
92 * @throws NullPointerException if <code>name</code> is <code>null</code>.
93 * @throws IllegalArgumentException if <code>name</code> is empty or invalid.
94 */
95 public ManagementPermission(String name) {
96 super(name);
97 if (!name.equals("control") && !name.equals("monitor")) {
98 throw new IllegalArgumentException("name: " + name);
99 }
100 }
101
102 /**
103 * Constructs a new ManagementPermission object.
104 *
105 * @param name Permission name. Must be either "monitor" or "control".
106 * @param actions Must be either null or the empty string.
107 *
108 * @throws NullPointerException if <code>name</code> is <code>null</code>.
109 * @throws IllegalArgumentException if <code>name</code> is empty or
110 * if arguments are invalid.
111 */
112 public ManagementPermission(String name, String actions)
113 throws IllegalArgumentException {
114 super(name);
115 if (!name.equals("control") && !name.equals("monitor")) {
116 throw new IllegalArgumentException("name: " + name);
117 }
118 if (actions != null && actions.length() > 0) {
119 throw new IllegalArgumentException("actions: " + actions);
120 }
121 }
122 }
Save This Page