aboutsummaryrefslogtreecommitdiffstats
path: root/src/java/com/jogamp/common/util
diff options
context:
space:
mode:
authorSven Gothel <[email protected]>2013-06-21 03:45:07 +0200
committerSven Gothel <[email protected]>2013-06-21 03:45:07 +0200
commiteb842815498f5926828b49c48fffce22fc9586a2 (patch)
treeb3aac763bb16890f7f3b3c69b5cdec3febf654f2 /src/java/com/jogamp/common/util
parent19bef683d38f4ce7b0dcb5c516244c6f87504e41 (diff)
Security: Tighten DynamicLinker*, NativeLibrary and DynamicLibraryBundle access (2)
- Completes 23341a2df2d2ea36784a16fa1db8bc7385351a12 - Replace 'DynamicLinker' interface w/ well documented one - All DynamicLinker methods are now considered secure, i.e.: - open/lookup and close utilize reference counting on handle via a hash map. - lookupSymbol(..) and close(..) impl. validate the passed library handle whether it's retrieved via open*. This is the fast path, not that expensive. - lookupSymbolGlobal(..) performs Check acccess of 'new RuntimePermission("loadLibrary.*")' if SecurityManager is installed. This is the slow path. - DynamicLibraryBundleInfo now reflects the security requirements, i.e. whether priviledged access is needed.
Diffstat (limited to 'src/java/com/jogamp/common/util')
-rw-r--r--src/java/com/jogamp/common/util/SecurityUtil.java11
1 files changed, 11 insertions, 0 deletions
diff --git a/src/java/com/jogamp/common/util/SecurityUtil.java b/src/java/com/jogamp/common/util/SecurityUtil.java
index 4d7aa5d..6b35c9c 100644
--- a/src/java/com/jogamp/common/util/SecurityUtil.java
+++ b/src/java/com/jogamp/common/util/SecurityUtil.java
@@ -142,6 +142,17 @@ public class SecurityUtil {
}
/**
+ * Throws an {@link SecurityException} if an installed {@link SecurityManager}
+ * does not permit to dynamically link to all libraries.
+ */
+ public static final void checkAllLinkPermission() throws SecurityException {
+ if( null != securityManager ) {
+ securityManager.checkPermission(allLinkPermission);
+ }
+ }
+ private static final RuntimePermission allLinkPermission = new RuntimePermission("loadLibrary.*");
+
+ /**
* @param clz
* @return
* @throws SecurityException if the caller has no permission to access the ProtectedDomain of the given class.