com.dynamide.security
Class DynamideSecurityManager

java.lang.Object
  extended by java.lang.SecurityManager
      extended by com.dynamide.security.DynamideSecurityManager

public class DynamideSecurityManager
extends java.lang.SecurityManager

Code like this will fail if called anywhere in a Dynamide worker thread:

        //This code raises an exception, as it should:
        System.out.println("Installing new HackerSecurityManager...");
        System.setSecurityManager(new com.dynamide.security.HackerSecurityManager());
 


Nested Class Summary
static class DynamideSecurityManager.StackTraceElementDM
           
 
Field Summary
 
Fields inherited from class java.lang.SecurityManager
inCheck
 
Constructor Summary
DynamideSecurityManager()
          Dynamide specifically disallows anyone setting any SecurityManager other than com.dynamide.security.SecurityManager and disallows other class loaders.
 
Method Summary
 void checkAccept(java.lang.String host, int port)
           
 void checkAccess(java.lang.Thread g)
           
 void checkAccess(java.lang.ThreadGroup g)
           
 void checkAwtEventQueueAccess()
           
static void checkCallStack(java.lang.String className, java.lang.String methodName, int distance, boolean verbose)
          Inspect the current call stack, to see if a named class and method are down the call stack by the distance specified from the point of the call.
 void checkConnect(java.lang.String host, int port)
           
 void checkConnect(java.lang.String host, int port, java.lang.Object context)
           
 void checkCreateClassLoader()
           
 void checkDelete(java.lang.String file)
           
 void checkExec(java.lang.String cmd)
           
 void checkExit(int status)
           
 void checkLink(java.lang.String lib)
           
 void checkListen(int port)
           
 void checkMemberAccess(java.lang.Class clazz, int which)
           
 void checkMulticast(java.net.InetAddress maddr)
           
 void checkMulticast(java.net.InetAddress maddr, byte ttl)
           
 void checkPackageAccess(java.lang.String pkg)
           
 void checkPackageDefinition(java.lang.String pkg)
           
 void checkPermission(java.security.Permission perm)
           
 void checkPermission(java.security.Permission perm, java.lang.Object context)
          We avoid code like this: t = new Thread(); t.setContextClassLoader(new com.dynamide.security.DynamideClassLoader()); We dissallow any and all context class loaders.
 void checkPrintJobAccess()
           
 void checkPropertiesAccess()
           
 void checkPropertyAccess(java.lang.String key)
           
 void checkPropertyAccess(java.lang.String key, java.lang.String def)
           
 void checkRead(java.io.FileDescriptor fd)
           
 void checkRead(java.lang.String file)
           
 void checkRead(java.lang.String file, java.lang.Object context)
           
 void checkSecurityAccess(java.lang.String provider)
           
static void checkSecurityManagerInit()
           
 void checkSetFactory()
           
 void checkSystemClipboardAccess()
           
 boolean checkTopLevelWindow(java.lang.Object window)
           
 void checkWrite(java.io.FileDescriptor fd)
           
 void checkWrite(java.lang.String file)
           
static boolean isCurrentThreadWorker()
           
 boolean isThreadEnabledFor(java.lang.String action)
           
static boolean isThreadWorker(java.lang.Thread g)
           
static java.util.List java13_StackTraceElementDM(java.lang.Throwable t)
           
static java.util.List java14_StackTraceElementDM(java.lang.Throwable t)
           
 
Methods inherited from class java.lang.SecurityManager
classDepth, classLoaderDepth, currentClassLoader, currentLoadedClass, getClassContext, getInCheck, getSecurityContext, getThreadGroup, inClass, inClassLoader
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

DynamideSecurityManager

public DynamideSecurityManager()
Dynamide specifically disallows anyone setting any SecurityManager other than com.dynamide.security.SecurityManager and disallows other class loaders.

Method Detail

checkSecurityManagerInit

public static void checkSecurityManagerInit()
                                     throws java.lang.Exception
Throws:
java.lang.Exception

isThreadEnabledFor

public boolean isThreadEnabledFor(java.lang.String action)

isCurrentThreadWorker

public static boolean isCurrentThreadWorker()

isThreadWorker

public static boolean isThreadWorker(java.lang.Thread g)

java14_StackTraceElementDM

public static java.util.List java14_StackTraceElementDM(java.lang.Throwable t)

java13_StackTraceElementDM

public static java.util.List java13_StackTraceElementDM(java.lang.Throwable t)
                                                 throws java.lang.Exception
Throws:
java.lang.Exception

checkCallStack

public static void checkCallStack(java.lang.String className,
                                  java.lang.String methodName,
                                  int distance,
                                  boolean verbose)
                           throws java.lang.SecurityException
Inspect the current call stack, to see if a named class and method are down the call stack by the distance specified from the point of the call. You do not need to include the call to checkCallStack in the distance. Also, constructors consume one slot on the call stack, with a method name of "<init>".

For example, suppose you wish to check that Bar.baz() was called by MyClass.foo(). Given the following definitions, the call to checkCallStack succeeds:

   package com.acme;
   public class MyClass{
      public void foo(){
         Bar.baz();
      }
   }

   public class Bar {
         public static void baz(){
             checkCallStack("com.acme.MyClass", "foo", 1);
         }
   }
  

To check a constructor, remember to index accordingly, since the constructor takes one slot. Given the following definitions, the call to checkCallStack succeeds:

   package com.acme;
   public class MyClass{
      public void foo(){
         new Bar();
      }
   }

   public class Bar {
         public Bar(){
             checkCallStack("com.acme.MyClass", "foo", 2);
         }
   }
  

On a 850 MHz intel box, this method costs 0.1 milliseconds. So it is safe to call routinely.

Parameters:
verbose - If this is on, then debug messages will go to log4j with category com.dynamide.security.DynamideSecurityManager and level INFO.
Throws:
java.lang.SecurityException - if the className and methodName are not the specified distance down the call stack.

checkCreateClassLoader

public void checkCreateClassLoader()
Overrides:
checkCreateClassLoader in class java.lang.SecurityManager

checkAccess

public void checkAccess(java.lang.Thread g)
Overrides:
checkAccess in class java.lang.SecurityManager

checkAccess

public void checkAccess(java.lang.ThreadGroup g)
Overrides:
checkAccess in class java.lang.SecurityManager

checkExit

public void checkExit(int status)
Overrides:
checkExit in class java.lang.SecurityManager

checkExec

public void checkExec(java.lang.String cmd)
Overrides:
checkExec in class java.lang.SecurityManager

checkLink

public void checkLink(java.lang.String lib)
Overrides:
checkLink in class java.lang.SecurityManager

checkRead

public void checkRead(java.io.FileDescriptor fd)
Overrides:
checkRead in class java.lang.SecurityManager

checkRead

public void checkRead(java.lang.String file)
Overrides:
checkRead in class java.lang.SecurityManager

checkRead

public void checkRead(java.lang.String file,
                      java.lang.Object context)
Overrides:
checkRead in class java.lang.SecurityManager

checkWrite

public void checkWrite(java.io.FileDescriptor fd)
Overrides:
checkWrite in class java.lang.SecurityManager

checkWrite

public void checkWrite(java.lang.String file)
Overrides:
checkWrite in class java.lang.SecurityManager

checkDelete

public void checkDelete(java.lang.String file)
Overrides:
checkDelete in class java.lang.SecurityManager

checkConnect

public void checkConnect(java.lang.String host,
                         int port)
Overrides:
checkConnect in class java.lang.SecurityManager

checkConnect

public void checkConnect(java.lang.String host,
                         int port,
                         java.lang.Object context)
Overrides:
checkConnect in class java.lang.SecurityManager

checkListen

public void checkListen(int port)
Overrides:
checkListen in class java.lang.SecurityManager

checkAccept

public void checkAccept(java.lang.String host,
                        int port)
Overrides:
checkAccept in class java.lang.SecurityManager

checkMulticast

public void checkMulticast(java.net.InetAddress maddr)
Overrides:
checkMulticast in class java.lang.SecurityManager

checkMulticast

public void checkMulticast(java.net.InetAddress maddr,
                           byte ttl)
Overrides:
checkMulticast in class java.lang.SecurityManager

checkPermission

public void checkPermission(java.security.Permission perm)
Overrides:
checkPermission in class java.lang.SecurityManager

checkPermission

public void checkPermission(java.security.Permission perm,
                            java.lang.Object context)
We avoid code like this:
     t = new Thread();
     t.setContextClassLoader(new com.dynamide.security.DynamideClassLoader());
We dissallow any and all context class loaders.

Overrides:
checkPermission in class java.lang.SecurityManager

checkPropertiesAccess

public void checkPropertiesAccess()
Overrides:
checkPropertiesAccess in class java.lang.SecurityManager

checkPropertyAccess

public void checkPropertyAccess(java.lang.String key)
Overrides:
checkPropertyAccess in class java.lang.SecurityManager

checkPropertyAccess

public void checkPropertyAccess(java.lang.String key,
                                java.lang.String def)

checkTopLevelWindow

public boolean checkTopLevelWindow(java.lang.Object window)
Overrides:
checkTopLevelWindow in class java.lang.SecurityManager

checkPrintJobAccess

public void checkPrintJobAccess()
Overrides:
checkPrintJobAccess in class java.lang.SecurityManager

checkSystemClipboardAccess

public void checkSystemClipboardAccess()
Overrides:
checkSystemClipboardAccess in class java.lang.SecurityManager

checkAwtEventQueueAccess

public void checkAwtEventQueueAccess()
Overrides:
checkAwtEventQueueAccess in class java.lang.SecurityManager

checkPackageAccess

public void checkPackageAccess(java.lang.String pkg)
Overrides:
checkPackageAccess in class java.lang.SecurityManager

checkPackageDefinition

public void checkPackageDefinition(java.lang.String pkg)
Overrides:
checkPackageDefinition in class java.lang.SecurityManager

checkSetFactory

public void checkSetFactory()
Overrides:
checkSetFactory in class java.lang.SecurityManager

checkMemberAccess

public void checkMemberAccess(java.lang.Class clazz,
                              int which)
Overrides:
checkMemberAccess in class java.lang.SecurityManager

checkSecurityAccess

public void checkSecurityAccess(java.lang.String provider)
Overrides:
checkSecurityAccess in class java.lang.SecurityManager


Copyright 2001-2013 DYNAMIDE.COM. All Rights Reserved.