sysModel
Class MBSSecurityManager

java.lang.Object
  java.lang.SecurityManager
      sysModel.MBSSecurityManager

public class MBSSecurityManager
extends java.lang.SecurityManager

Special security manager that does not permit fish to call System.exit() or System.setSecurityManager().

Author:

Mathias Ricken

Field Summary

private java.lang.String	_classPath
private java.lang.String[]	_classPathDirs
private java.lang.String	_pathSep
private boolean	_protected
private java.lang.SecurityManager	_sm

Fields inherited from class java.lang.SecurityManager

inCheck

Constructor Summary

MBSSecurityManager()
Constructor.

Method Summary

void	checkAccess(java.lang.Thread t) Throws a SecurityException if the calling thread is not allowed to modify the thread argument.
void	checkAccess(java.lang.ThreadGroup g) Throws a SecurityException if the calling thread is not allowed to modify the thread group argument.
void	checkExit(int status) Throws a SecurityException if the calling thread is not allowed to cause the Java Virtual Machine to halt with the specified status code.
void	checkPermission(java.security.Permission perm) Throws a SecurityException if the requested access, specified by the given permission, is not permitted based on the security policy currently in effect.
protected boolean	isFishCaller() Returns true if a fish is somewhere on the call stack.
protected boolean	isOnClassPath(java.lang.String filename) Returns true if the filename is on the class path.
void	setProtected(boolean _protected) Set the protection flag.

Methods inherited from class java.lang.SecurityManager

checkAccept, checkAwtEventQueueAccess, checkConnect, checkConnect, checkCreateClassLoader, checkDelete, checkExec, checkLink, checkListen, checkMemberAccess, checkMulticast, checkMulticast, checkPackageAccess, checkPackageDefinition, checkPermission, checkPrintJobAccess, checkPropertiesAccess, checkPropertyAccess, checkRead, checkRead, checkRead, checkSecurityAccess, checkSetFactory, checkSystemClipboardAccess, checkTopLevelWindow, checkWrite, checkWrite, classDepth, classLoaderDepth, currentClassLoader, currentLoadedClass, getClassContext, getInCheck, getSecurityContext, getThreadGroup, inClass, inClassLoader

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

_protected

private boolean _protected

_sm

private java.lang.SecurityManager _sm

_classPath

private java.lang.String _classPath

_pathSep

private java.lang.String _pathSep

_classPathDirs

private java.lang.String[] _classPathDirs

Constructor Detail

MBSSecurityManager

public MBSSecurityManager()

Constructor.

Method Detail

setProtected

public void setProtected(boolean _protected)

Set the protection flag.

Parameters:

_protected - true if actions are to be protected

isOnClassPath

protected boolean isOnClassPath(java.lang.String filename)

Returns true if the filename is on the class path.

Parameters:

filename - filename to test

Returns:

true if on classpath

isFishCaller

protected boolean isFishCaller()

Returns true if a fish is somewhere on the call stack.

Returns:

true if fish is a caller

checkPermission

public void checkPermission(java.security.Permission perm)

Throws a SecurityException if the requested access, specified by the given permission, is not permitted based on the security policy currently in effect.

This method calls AccessController.checkPermission with the given permission.

Overrides:

checkPermission in class java.lang.SecurityManager

Parameters:

perm - the requested permission.

Throws:

java.lang.SecurityException - if access is not permitted based on the current security policy.

java.lang.NullPointerException - if the permission argument is null.

Since:

1.2

checkAccess

public void checkAccess(java.lang.Thread t)

Throws a SecurityException if the calling thread is not allowed to modify the thread argument.

This method is invoked for the current security manager by the stop, suspend, resume, setPriority, setName, and setDaemon methods of class Thread.

If the thread argument is a system thread (belongs to the thread group with a null parent) then this method calls checkPermission with the RuntimePermission("modifyThread") permission. If the thread argument is not a system thread, this method just returns silently.

Applications that want a stricter policy should override this method. If this method is overridden, the method that overrides it should additionally check to see if the calling thread has the RuntimePermission("modifyThread") permission, and if so, return silently. This is to ensure that code granted that permission (such as the SDK itself) is allowed to manipulate any thread.

If this method is overridden, then super.checkAccess should be called by the first statement in the overridden method, or the equivalent security check should be placed in the overridden method.

Overrides:

checkAccess in class java.lang.SecurityManager

Parameters:

t - the thread to be checked.

Throws:

java.lang.SecurityException - if the calling thread does not have permission to modify the thread.

java.lang.NullPointerException - if the thread argument is null.

See Also:

resume, setDaemon, setName, setPriority, stop, suspend, checkPermission

checkAccess

public void checkAccess(java.lang.ThreadGroup g)

Throws a SecurityException if the calling thread is not allowed to modify the thread group argument.

This method is invoked for the current security manager when a new child thread or child thread group is created, and by the setDaemon, setMaxPriority, stop, suspend, resume, and destroy methods of class ThreadGroup.

If the thread group argument is the system thread group ( has a null parent) then this method calls checkPermission with the RuntimePermission("modifyThreadGroup") permission. If the thread group argument is not the system thread group, this method just returns silently.

Applications that want a stricter policy should override this method. If this method is overridden, the method that overrides it should additionally check to see if the calling thread has the RuntimePermission("modifyThreadGroup") permission, and if so, return silently. This is to ensure that code granted that permission (such as the SDK itself) is allowed to manipulate any thread.

If this method is overridden, then super.checkAccess should be called by the first statement in the overridden method, or the equivalent security check should be placed in the overridden method.

Overrides:

checkAccess in class java.lang.SecurityManager

Parameters:

g - the thread group to be checked.

Throws:

java.lang.SecurityException - if the calling thread does not have permission to modify the thread group.

java.lang.NullPointerException - if the thread group argument is null.

See Also:

destroy, resume, setDaemon, setMaxPriority, stop, suspend, checkPermission

checkExit

public void checkExit(int status)

Throws a SecurityException if the calling thread is not allowed to cause the Java Virtual Machine to halt with the specified status code.

This method is invoked for the current security manager by the exit method of class Runtime. A status of 0 indicates success; other values indicate various errors.

This method calls checkPermission with the RuntimePermission("exitVM") permission.

If you override this method, then you should make a call to super.checkExit at the point the overridden method would normally throw an exception.

Overrides:

checkExit in class java.lang.SecurityManager

Parameters:

status - the exit status.

Throws:

java.lang.SecurityException - if the calling thread does not have permission to halt the Java Virtual Machine with the specified status.

See Also:

exit, checkPermission