CheckRestrictedPackage.java revision 1643:133ea8746b37
1175281Sobrien/* 251152Sobrien * Copyright (c) 2010, 2013, Oracle and/or its affiliates. All rights reserved. 317721Speter * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 417721Speter * 517721Speter * This code is free software; you can redistribute it and/or modify it 617721Speter * under the terms of the GNU General Public License version 2 only, as 717721Speter * published by the Free Software Foundation. Oracle designates this 817721Speter * particular file as subject to the "Classpath" exception as provided 917721Speter * by Oracle in the LICENSE file that accompanied this code. 1017721Speter * 1117721Speter * This code is distributed in the hope that it will be useful, but WITHOUT 1217721Speter * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 1317721Speter * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License 1417721Speter * version 2 for more details (a copy is included in the LICENSE file that 1517721Speter * accompanied this code). 1617721Speter * 1717721Speter * You should have received a copy of the GNU General Public License version 1817721Speter * 2 along with this work; if not, write to the Free Software Foundation, 1917721Speter * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. 2017721Speter * 2117721Speter * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA 2217721Speter * or visit www.oracle.com if you need additional information or have any 2317721Speter * questions. 2417721Speter */ 2517721Speter 2617721Speter/* 2717721Speter * This file is available under and governed by the GNU General Public 2825842Speter * License version 2 only, as published by the Free Software Foundation. 2925842Speter * However, the following notice accompanied the original version of this 3025842Speter * file, and Oracle licenses the original version of this file under the BSD 31102843Speter * license: 32102843Speter */ 33102843Speter/* 34102843Speter Copyright 2009-2013 Attila Szegedi 35102843Speter 36102843Speter Licensed under both the Apache License, Version 2.0 (the "Apache License") 3717721Speter and the BSD License (the "BSD License"), with licensee being free to 3817721Speter choose either of the two at their discretion. 3917721Speter 4017721Speter You may not use this file except in compliance with either the Apache 4117721Speter License or the BSD License. 4217721Speter 4317721Speter If you choose to use this file in compliance with the Apache License, the 4444856Speter following notice applies to you: 4544856Speter 4644856Speter You may obtain a copy of the Apache License at 4744856Speter 4844856Speter http://www.apache.org/licenses/LICENSE-2.0 4944856Speter 5044856Speter Unless required by applicable law or agreed to in writing, software 5144856Speter distributed under the License is distributed on an "AS IS" BASIS, 5244856Speter WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 5317721Speter implied. See the License for the specific language governing 5417721Speter permissions and limitations under the License. 5517721Speter 5617721Speter If you choose to use this file in compliance with the BSD License, the 5717721Speter following notice applies to you: 5817721Speter 5917721Speter Redistribution and use in source and binary forms, with or without 6017721Speter modification, are permitted provided that the following conditions are 6117721Speter met: 6217721Speter * Redistributions of source code must retain the above copyright 6317721Speter notice, this list of conditions and the following disclaimer. 6417721Speter * Redistributions in binary form must reproduce the above copyright 6517721Speter notice, this list of conditions and the following disclaimer in the 6617721Speter documentation and/or other materials provided with the distribution. 6717721Speter * Neither the name of the copyright holder nor the names of 6817721Speter contributors may be used to endorse or promote products derived from 6917721Speter this software without specific prior written permission. 7017721Speter 7117721Speter THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS 7217721Speter IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 7317721Speter TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A 7417721Speter PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL COPYRIGHT HOLDER 7517721Speter BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 7617721Speter CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 7717721Speter SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR 7817721Speter BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, 7917721Speter WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR 8017721Speter OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF 8117721Speter ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 8217721Speter*/ 8317721Speter 8417721Speterpackage jdk.dynalink.beans; 8517721Speter 8617721Speterimport java.lang.reflect.Modifier; 8717721Speterimport java.lang.reflect.Module; 8817721Speterimport java.security.AccessControlContext; 8917721Speterimport java.security.AccessController; 9017721Speterimport java.security.PrivilegedAction; 9117721Speterimport jdk.dynalink.internal.AccessControlContextFactory; 9217721Speter 9317721Speter/** 9417721Speter * A utility class to check whether a given class is in a package with restricted access e.g. "sun.*" etc. 9517721Speter */ 9617721Speterclass CheckRestrictedPackage { 9717721Speter private static final AccessControlContext NO_PERMISSIONS_CONTEXT = 9817721Speter AccessControlContextFactory.createAccessControlContext(); 9917721Speter 10017721Speter /** 10117721Speter * Returns true if the class is either not public, or it resides in a package with restricted access. 10217721Speter * @param clazz the class to test 10317721Speter * @return true if the class is either not public, or it resides in a package with restricted access. 10417721Speter */ 10517721Speter static boolean isRestrictedClass(final Class<?> clazz) { 10617721Speter if(!Modifier.isPublic(clazz.getModifiers())) { 10717721Speter // Non-public classes are always restricted 10817721Speter return true; 10917721Speter } 11017721Speter final String name = clazz.getName(); 11117721Speter final int i = name.lastIndexOf('.'); 11217721Speter if (i == -1) { 11317721Speter // Classes in default package are never restricted 11417721Speter return false; 11517721Speter } 11617721Speter final String pkgName = name.substring(0, i); 11717721Speter final Module module = clazz.getModule(); 11817721Speter if (module != null && !module.isExported(pkgName)) { 11917721Speter return true; 12017721Speter } 12117721Speter 12217721Speter final SecurityManager sm = System.getSecurityManager(); 12317721Speter if(sm == null) { 12417721Speter // No further restrictions if we don't have a security manager 12517721Speter return false; 12617721Speter } 12717721Speter // Do a package access check from within an access control context with no permissions 12817721Speter try { 12917721Speter AccessController.doPrivileged(new PrivilegedAction<Void>() { 13017721Speter @Override 13117721Speter public Void run() { 13217721Speter sm.checkPackageAccess(pkgName); 13317721Speter return null; 13417721Speter } 13517721Speter }, NO_PERMISSIONS_CONTEXT); 13617721Speter } catch(final SecurityException e) { 13717721Speter return true; 13817721Speter } 13917721Speter return false; 14017721Speter } 14117721Speter} 14217721Speter