You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@harmony.apache.org by va...@apache.org on 2006/12/12 08:43:29 UTC
svn commit: r486052 - in /harmony/enhanced/classlib/trunk/modules/luni/src:
main/java/java/lang/ main/java/org/apache/harmony/luni/util/
test/java/org/apache/harmony/luni/tests/java/lang/
Author: varlax
Date: Mon Dec 11 23:43:28 2006
New Revision: 486052
URL: http://svn.apache.org/viewvc?view=rev&rev=486052
Log:
Fixed HARMONY-2301 [luni] flawed SecurityManager.checkPackageAccess() impl
Regression tests added.
Tested on DRLVM
Modified:
harmony/enhanced/classlib/trunk/modules/luni/src/main/java/java/lang/SecurityManager.java
harmony/enhanced/classlib/trunk/modules/luni/src/main/java/org/apache/harmony/luni/util/PriviAction.java
harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/MutableSecurityManager.java
harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/SecurityManagerTest.java
Modified: harmony/enhanced/classlib/trunk/modules/luni/src/main/java/java/lang/SecurityManager.java
URL: http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/luni/src/main/java/java/lang/SecurityManager.java?view=diff&rev=486052&r1=486051&r2=486052
==============================================================================
--- harmony/enhanced/classlib/trunk/modules/luni/src/main/java/java/lang/SecurityManager.java (original)
+++ harmony/enhanced/classlib/trunk/modules/luni/src/main/java/java/lang/SecurityManager.java Mon Dec 11 23:43:28 2006
@@ -46,7 +46,8 @@
private static final PropertyPermission READ_WRITE_ALL_PROPERTIES_PERMISSION = new PropertyPermission(
"*", "read,write");
- private static String[] securePackageList;
+ private static final String PKG_ACC_KEY = "package.access";
+ private static final String PKG_DEF_KEY = "package.definition";
/**
* Flag to indicate whether a security check is in progress.
@@ -299,26 +300,8 @@
if (packageName == null) {
throw new NullPointerException();
}
- synchronized (SecurityManager.class) {
- if (securePackageList == null) {
- String securePackages = getSecurityProperty("package.access");
- if (securePackages != null) {
- StringTokenizer tokenizer = new StringTokenizer(securePackages, ", ");
- int i = 0;
- securePackageList = new String[tokenizer.countTokens()];
- while (tokenizer.hasMoreTokens()) {
- securePackageList[i++] = tokenizer.nextToken();
- }
- } else {
- securePackageList = new String[0];
- }
- }
- for (int i = 0; i < securePackageList.length; i++) {
- if (packageName.startsWith(securePackageList[i])) {
- checkPermission(new RuntimePermission("accessClassInPackage." + packageName));
- return;
- }
- }
+ if (checkPackageProperty(PKG_ACC_KEY, packageName)) {
+ checkPermission(new RuntimePermission("accessClassInPackage." + packageName));
}
}
@@ -330,26 +313,44 @@
* the name of the package to add a class to.
*/
public void checkPackageDefinition(String packageName) {
- if (packageName == null) {
- throw new NullPointerException();
+ if (packageName == null) {
+ throw new NullPointerException();
+ }
+ if (checkPackageProperty(PKG_DEF_KEY, packageName)) {
+ checkPermission(new RuntimePermission("defineClassInPackage." + packageName));
+ }
+ }
+
+ /**
+ * Returns true if the package name is restricted by
+ * the specified security property.
+ */
+ private static boolean checkPackageProperty(
+ final String property, final String pkg)
+ {
+ String list = AccessController.doPrivileged(PriviAction
+ .getSecurityProperty(property));
+ if (list != null) {
+ int plen = pkg.length();
+ StringTokenizer tokenizer = new StringTokenizer(list, ", ");
+ while (tokenizer.hasMoreTokens()) {
+ String token = tokenizer.nextToken();
+ int tlen = token.length();
+ if (plen > tlen) {
+ if (pkg.startsWith(token)
+ && (token.charAt(tlen - 1) == '.' || pkg
+ .charAt(tlen) == '.')) {
+ return true;
+ }
+ } else if (plen + 1 >= tlen && token.startsWith(pkg)) {
+ if (plen == tlen || token.charAt(tlen - 1) == '.') {
+ return true;
+ }
+ }
+ }
}
- String securePackages = getSecurityProperty("package.definition");
- if (securePackages != null) {
- StringTokenizer tokenizer = new StringTokenizer(securePackages,
- ", ");
- while (tokenizer.hasMoreTokens()) {
- if (packageName.startsWith(tokenizer.nextToken())) {
- checkPermission(new RuntimePermission(
- "defineClassInPackage." + packageName));
- return;
- }
- }
- }
- }
-
- private String getSecurityProperty(final String property) {
- PrivilegedAction<String> pa = PriviAction.getSecurityProperty(property);
- return AccessController.doPrivileged(pa);
+
+ return false;
}
/**
Modified: harmony/enhanced/classlib/trunk/modules/luni/src/main/java/org/apache/harmony/luni/util/PriviAction.java
URL: http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/luni/src/main/java/org/apache/harmony/luni/util/PriviAction.java?view=diff&rev=486052&r1=486051&r2=486052
==============================================================================
--- harmony/enhanced/classlib/trunk/modules/luni/src/main/java/org/apache/harmony/luni/util/PriviAction.java (original)
+++ harmony/enhanced/classlib/trunk/modules/luni/src/main/java/org/apache/harmony/luni/util/PriviAction.java Mon Dec 11 23:43:28 2006
@@ -53,8 +53,8 @@
*
* @see Security#getProperty
*/
- public static <T> PrivilegedAction<T> getSecurityProperty(String property) {
- return new PriviAction<T>(GET_SECURITY_PROPERTY, property);
+ public static PrivilegedAction<String> getSecurityProperty(String property) {
+ return new PriviAction<String>(GET_SECURITY_PROPERTY, property);
}
private PriviAction(int action, Object arg) {
Modified: harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/MutableSecurityManager.java
URL: http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/MutableSecurityManager.java?view=diff&rev=486052&r1=486051&r2=486052
==============================================================================
--- harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/MutableSecurityManager.java (original)
+++ harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/MutableSecurityManager.java Mon Dec 11 23:43:28 2006
@@ -17,53 +17,54 @@
package org.apache.harmony.luni.tests.java.lang;
import java.security.Permission;
-import java.util.HashSet;
-import java.util.Set;
+import java.security.PermissionCollection;
+import java.security.Permissions;
class MutableSecurityManager extends SecurityManager {
static final RuntimePermission SET_SECURITY_MANAGER = new RuntimePermission("setSecurityManager");
- private final Set<Permission> permissions;
+ private PermissionCollection enabled;
- private String deny;
+ private PermissionCollection denied;
public MutableSecurityManager() {
super();
- this.permissions = new HashSet<Permission>();
+ this.enabled = new Permissions();
}
public MutableSecurityManager(Permission... permissions) {
this();
for (int i = 0; i < permissions.length; i++) {
- this.permissions.add(permissions[i]);
+ this.enabled.add(permissions[i]);
}
}
void addPermission(Permission permission) {
- permissions.add(permission);
- }
-
- void removePermission(Permission permission) {
- permissions.remove(permission);
+ enabled.add(permission);
}
void clearPermissions() {
- permissions.clear();
+ enabled = new Permissions();
}
- void denyPermission(String name) {
- deny = name;
+ void denyPermission(Permission p) {
+ if (denied == null) {
+ denied = new Permissions();
+ }
+ denied.add(p);
}
@Override
public void checkPermission(Permission permission) {
- if (permissions.contains(permission)) {
+ if (enabled.implies(permission)) {
return;
}
- if (permission.getName().equals(deny)){
- throw new SecurityException();
+
+ if (denied != null && denied.implies(permission)){
+ throw new SecurityException("Denied " + permission);
}
+
super.checkPermission(permission);
}
}
Modified: harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/SecurityManagerTest.java
URL: http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/SecurityManagerTest.java?view=diff&rev=486052&r1=486051&r2=486052
==============================================================================
--- harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/SecurityManagerTest.java (original)
+++ harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/SecurityManagerTest.java Mon Dec 11 23:43:28 2006
@@ -17,7 +17,7 @@
package org.apache.harmony.luni.tests.java.lang;
import java.io.File;
-
+import java.security.Security;
import tests.support.Support_Exec;
import junit.framework.TestCase;
@@ -25,12 +25,102 @@
public class SecurityManagerTest extends TestCase {
/**
+ * @tests java.lang.SecurityManager#checkPackageAccess(String)
+ */
+ public void test_checkPackageAccessLjava_lang_String() {
+ final String old = Security.getProperty("package.access");
+ Security.setProperty("package.access", "a.,bbb, c.d.");
+
+ MutableSecurityManager sm = new MutableSecurityManager();
+ sm.denyPermission(new RuntimePermission("accessClassInPackage.*"));
+
+ try {
+ sm.checkPackageAccess("z.z.z");
+ sm.checkPackageAccess("aa");
+ sm.checkPackageAccess("bb");
+ sm.checkPackageAccess("c");
+
+ try {
+ sm.checkPackageAccess("a");
+ fail("This should throw a SecurityException.");
+ } catch (SecurityException ok) {}
+
+ try {
+ sm.checkPackageAccess("bbb");
+ fail("This should throw a SecurityException.");
+ } catch (SecurityException ok) {}
+
+ try {
+ sm.checkPackageAccess("c.d.e");
+ fail("This should throw a SecurityException.");
+ } catch (SecurityException ok) {}
+
+ Security.setProperty("package.access", "QWERTY");
+ sm.checkPackageAccess("a");
+ sm.checkPackageAccess("qwerty");
+ try {
+ sm.checkPackageAccess("QWERTY");
+ fail("This should throw a SecurityException.");
+ } catch (SecurityException ok) {}
+
+ } finally {
+ Security.setProperty("package.access",
+ old == null ? "" : old);
+ }
+ }
+
+ /**
+ * @tests java.lang.SecurityManager#checkPackageDefinition(String)
+ */
+ public void test_checkPackageDefinitionLjava_lang_String() {
+ final String old = Security.getProperty("package.definition");
+ Security.setProperty("package.definition", "a.,bbb, c.d.");
+
+ MutableSecurityManager sm = new MutableSecurityManager();
+ sm.denyPermission(new RuntimePermission("defineClassInPackage.*"));
+
+ try {
+ sm.checkPackageDefinition("z.z.z");
+ sm.checkPackageDefinition("aa");
+ sm.checkPackageDefinition("bb");
+ sm.checkPackageDefinition("c");
+
+ try {
+ sm.checkPackageDefinition("a");
+ fail("This should throw a SecurityException.");
+ } catch (SecurityException ok) {}
+
+ try {
+ sm.checkPackageDefinition("bbb");
+ fail("This should throw a SecurityException.");
+ } catch (SecurityException ok) {}
+
+ try {
+ sm.checkPackageDefinition("c.d.e");
+ fail("This should throw a SecurityException.");
+ } catch (SecurityException ok) {}
+
+ Security.setProperty("package.definition", "QWERTY");
+ sm.checkPackageDefinition("a");
+ sm.checkPackageDefinition("qwerty");
+ try {
+ sm.checkPackageDefinition("QWERTY");
+ fail("This should throw a SecurityException.");
+ } catch (SecurityException ok) {}
+
+ } finally {
+ Security.setProperty("package.definition",
+ old == null ? "" : old);
+ }
+ }
+
+ /**
* @tests java.lang.SecurityManager#checkMemberAccess(java.lang.Class, int)
*/
public void test_checkMemberAccessLjava_lang_ClassI() {
MutableSecurityManager sm = new MutableSecurityManager();
sm.addPermission(MutableSecurityManager.SET_SECURITY_MANAGER);
- sm.denyPermission("accessDeclaredMembers");
+ sm.denyPermission(new RuntimePermission("accessDeclaredMembers"));
System.setSecurityManager(sm);
try {
try {
Re: svn commit: r486052 - in /harmony/enhanced/classlib/trunk/modules/luni/src: main/java/java/lang/ main/java/org/apache/harmony/luni/util/ test/java/org/apache/harmony/luni/tests/java/lang/
Posted by Vladimir Ivanov <iv...@gmail.com>.
On 12/13/06, Alexey Varlamov <al...@gmail.com> wrote:
>
> 2006/12/13, Vladimir Ivanov <iv...@gmail.com>:
> > On 12/13/06, Alexey Varlamov <al...@gmail.com> wrote:
> > >
> >
> > Should we fix/ exclude these tests in the one commit with changes that
> > affect these tests?
>
> Sure - it was a bad luck for me missing these tests initially.
> Fixed everything at r486600.
Thanks!
[skip]
>
Re: svn commit: r486052 - in /harmony/enhanced/classlib/trunk/modules/luni/src: main/java/java/lang/ main/java/org/apache/harmony/luni/util/ test/java/org/apache/harmony/luni/tests/java/lang/
Posted by Alexey Varlamov <al...@gmail.com>.
2006/12/13, Vladimir Ivanov <iv...@gmail.com>:
> On 12/13/06, Alexey Varlamov <al...@gmail.com> wrote:
> >
> > 2006/12/13, Stepan Mishura stepan.mishura@gmail.com:
> >
> > I observe 2 failures,
> > tests.api.java.security.DomainCombinerTest
> > org.apache.harmony.nio.tests.java.nio.channels.DatagramChannelTest
> > Both tests are inaccurate: they install SecurityManager which blocks
> > any functionality except setting old SecurityManager back, assuming in
> > particular that no classloading request can happen during the main
> > part of test. However this is a wild gamble, VM resolution strategy
> > can vary significantly.
>
>
> Should we fix/ exclude these tests in the one commit with changes that
> affect these tests?
Sure - it was a bad luck for me missing these tests initially.
Fixed everything at r486600.
[skip]
Re: svn commit: r486052 - in /harmony/enhanced/classlib/trunk/modules/luni/src: main/java/java/lang/ main/java/org/apache/harmony/luni/util/ test/java/org/apache/harmony/luni/tests/java/lang/
Posted by Vladimir Ivanov <iv...@gmail.com>.
On 12/13/06, Alexey Varlamov <al...@gmail.com> wrote:
>
> 2006/12/13, Stepan Mishura stepan.mishura@gmail.com:
>
> I observe 2 failures,
> tests.api.java.security.DomainCombinerTest
> org.apache.harmony.nio.tests.java.nio.channels.DatagramChannelTest
> Both tests are inaccurate: they install SecurityManager which blocks
> any functionality except setting old SecurityManager back, assuming in
> particular that no classloading request can happen during the main
> part of test. However this is a wild gamble, VM resolution strategy
> can vary significantly.
Should we fix/ exclude these tests in the one commit with changes that
affect these tests?
Thanks, Vladimir
> Also your commit introduced crash of
> > org.apache.harmony.nio.tests.java.nio.channels.DatagramChannelTest.
> >
> > full-report:
> > [junitreport] [Fatal Error] :-1:-1: Premature end of file.
> > [junitreport] The file
> > /nfs/ins/proj/drl/security/smishura/classlib/build/test_report/TEST-
> > org.apache.harmony.nio.tests.java.nio.channels.DatagramChannelTest.xmlis
> > not a valid XML document. It is possibly corrupted.
> > [junitreport] Transform time: 25106ms
> > [echo] The test report is in
> >
> /nfs/ins/proj/drl/security/smishura/classlib/build/test_report/html/index.html
> >
> > Can you reproduce it?
> Yes. The "crash" is due to unsuccesfull reverting of installed
> SecurityManager:
> try {
> //do test
> } finally {
> System.setSecurityManager(old);
> }
> This is really weird because test stops "crashing" after adding catch
> before the finally clause.
>
>
> >
> > Thanks,
> > Stepan.
> >
> >
> >
> > > I wonder which test did add it - I'm aware of one ill-behaved drlvm
> > > kernel test(SystemExtensionTest.test_setSecurityManager_Sec), but it
> > > is disabled now. Probably the policy file remained from some earlier
> > > testing...
> > > Sorry for confusion!
> > >
> > > 2006/12/13, Stepan Mishura <st...@gmail.com>:
> > > > On 12/13/06, Alexey Varlamov wrote:
> > > > >
> > > > > That's really strange. I've just re-checked with j9 on SUSe9 and
> > > > > Win2003 Server - 100% passed with my changes.
> > > > > Are you sure this commit was really guilty??
> > > > > Stepan did the rollback actually - seems he also investigated the
> > > build
> > > > > alert.
> > > > > Guys, could you please provide some more details on this?
> > > >
> > > >
> > > > I got the same log as CC sent with notification:
> > > >
> > > > error:
> > > >
> > >
> test_combine$Ljava_security_ProtectionDomain$Ljava_security_ProtectionDomain
> > > > tests.api.java.security.DomainCombinerTest
> > > > Unit Test Error Details: (1)
> > > >
> > > > Test:
> > > >
> > >
> test_combine$Ljava_security_ProtectionDomain$Ljava_security_ProtectionDomainClass:
> > > >
> > >
> tests.api.java.security.DomainCombinerTestjava.security.AccessControlException
> > > :
> > > > Access denied (java.security.SecurityPermission
> > > getProperty.package.access)
> > > > at java.security.AccessController.checkPermission(
> AccessController.java
> > > :94)
> > > > at java.lang.SecurityManager.checkPermission(SecurityManager.java
> :734)
> > > > at tests.api.java.security.DomainCombinerTest$1.checkPermission(
> > > > DomainCombinerTest.java:82)
> > > > at java.lang.SecurityManager.checkSecurityAccess(
> SecurityManager.java
> > > :421)
> > > > at java.security.Security.getProperty(Security.java:360)
> > > > at org.apache.harmony.luni.util.PriviAction.run(PriviAction.java
> :131)
> > > > at java.security.AccessController.doPrivileged(
> AccessController.java
> > > :179)
> > > > at java.lang.SecurityManager.checkPackageProperty(
> SecurityManager.java
> > > :331)
> > > > at java.lang.SecurityManager.checkPackageAccess(
> SecurityManager.java
> > > :33)
> > > > at com.ibm.oti.vm.URLSystemClassLoader.loadClass(
> > > URLSystemClassLoader.java
> > > > :54)
> > > > at java.lang.ClassLoader.loadClass(ClassLoader.java:594)
> > > > at
> > > >
> > >
> tests.api.java.security.DomainCombinerTest.test_combine$Ljava_security_ProtectionDomain$Ljava_security_ProtectionDomain
> > > > (DomainCombinerTest.java:89)
> > > > at java.lang.reflect.AccessibleObject.invokeV(AccessibleObject.java
> :25)
> > > >
> > > >
> > > > Thanks,
> > > > Stepan.
> > > >
> > > > --
> > > > > Alexey
> > > > >
> > > > >
> > > > > 2006/12/12, Alexey Petrenko <al...@gmail.com>:
> > > > > > Alexey,
> > > > > >
> > > > > > looks like your commit is the cause of unit test failure in nio
> > > module.
> > > > > > I'll revert it.
> > > > > >
> > > > > > SY, Alexey
> > > > > >
> > > > > > 2006/12/12, varlax@apache.org <va...@apache.org>:
> > > > > > > Author: varlax
> > > > > > > Date: Mon Dec 11 23:43:28 2006
> > > > > > > New Revision: 486052
> > > > > > >
> > > > > > > URL: http://svn.apache.org/viewvc?view=rev&rev=486052
> > > > > > > Log:
> > > > > > > Fixed HARMONY-2301 [luni] flawed
> > > SecurityManager.checkPackageAccess()
> > > > > impl
> > > > > > > Regression tests added.
> > > > > > > Tested on DRLVM
> > > > > > >
> > > > > > > Modified:
> > > > > >
> > > > >
> > >
> > harmony/enhanced/classlib/trunk/modules/luni/src/main/java/java/lang/SecurityManager.java
> > > > > >
> > > > >
> > >
> > harmony/enhanced/classlib/trunk/modules/luni/src/main/java/org/apache/harmony/luni/util/PriviAction.java
> > > > > >
> > > > >
> > >
> > harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/MutableSecurityManager.java
> > > > > >
> > > > >
> > >
> > harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/SecurityManagerTest.java
> > > > > > >
> > > > > > > Modified:
> > > > >
> > >
> harmony/enhanced/classlib/trunk/modules/luni/src/main/java/java/lang/SecurityManager.java
> > > > > > > URL:
> > > > >
> > >
> http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/luni/src/main/java/java/lang/SecurityManager.java?view=diff&rev=486052&r1=486051&r2=486052
> > > > > > >
> > > > >
> > >
> ==============================================================================
> > > > > > > ---
> > > > >
> > >
> harmony/enhanced/classlib/trunk/modules/luni/src/main/java/java/lang/SecurityManager.java
> > > > > (original)
> > > > > > > +++
> > > > >
> > >
> harmony/enhanced/classlib/trunk/modules/luni/src/main/java/java/lang/SecurityManager.java
> > > > > Mon Dec 11 23:43:28 2006
> > > > > > > @@ -46,7 +46,8 @@
> > > > > > > private static final PropertyPermission
> > > > > READ_WRITE_ALL_PROPERTIES_PERMISSION = new PropertyPermission(
> > > > > > > "*", "read,write");
> > > > > > >
> > > > > > > - private static String[] securePackageList;
> > > > > > > + private static final String PKG_ACC_KEY = "package.access
> ";
> > > > > > > + private static final String PKG_DEF_KEY = "
> package.definition
> > > ";
> > > > > > >
> > > > > > > /**
> > > > > > > * Flag to indicate whether a security check is in
> > > progress.
> > > > > > > @@ -299,26 +300,8 @@
> > > > > > > if (packageName == null) {
> > > > > > > throw new NullPointerException();
> > > > > > > }
> > > > > > > - synchronized (SecurityManager.class) {
> > > > > > > - if (securePackageList == null) {
> > > > > > > - String securePackages = getSecurityProperty("
> > > > > package.access");
> > > > > > > - if (securePackages != null) {
> > > > > > > - StringTokenizer tokenizer = new
> > > > > StringTokenizer(securePackages, ", ");
> > > > > > > - int i = 0;
> > > > > > > - securePackageList = new String[
> > > > > tokenizer.countTokens()];
> > > > > > > - while (tokenizer.hasMoreTokens()) {
> > > > > > > - securePackageList[i++] =
> > > tokenizer.nextToken
> > > > > ();
> > > > > > > - }
> > > > > > > - } else {
> > > > > > > - securePackageList = new String[0];
> > > > > > > - }
> > > > > > > - }
> > > > > > > - for (int i = 0; i < securePackageList.length;
> i++) {
> > > > > > > - if (packageName.startsWith
> (securePackageList[i]))
> > > {
> > > > > > > - checkPermission(new
> > > > > RuntimePermission("accessClassInPackage." + packageName));
> > > > > > > - return;
> > > > > > > - }
> > > > > > > - }
> > > > > > > + if (checkPackageProperty(PKG_ACC_KEY, packageName)) {
> > > > > > > + checkPermission(new
> > > > > RuntimePermission("accessClassInPackage." + packageName));
> > > > > > > }
> > > > > > > }
> > > > > > >
> > > > > > > @@ -330,26 +313,44 @@
> > > > > > > * the name of the package to add a class
> to.
> > > > > > > */
> > > > > > > public void checkPackageDefinition(String packageName)
> {
> > > > > > > - if (packageName == null) {
> > > > > > > - throw new NullPointerException();
> > > > > > > + if (packageName == null) {
> > > > > > > + throw new NullPointerException();
> > > > > > > + }
> > > > > > > + if (checkPackageProperty(PKG_DEF_KEY,
> packageName)) {
> > > > > > > + checkPermission(new
> > > > > RuntimePermission("defineClassInPackage." + packageName));
> > > > > > > + }
> > > > > > > + }
> > > > > > > +
> > > > > > > + /**
> > > > > > > + * Returns true if the package name is restricted by
> > > > > > > + * the specified security property.
> > > > > > > + */
> > > > > > > + private static boolean checkPackageProperty(
> > > > > > > + final String property, final String pkg)
> > > > > > > + {
> > > > > > > + String list = AccessController.doPrivileged
> > > (PriviAction
> > > > > > > + .getSecurityProperty(property));
> > > > > > > + if (list != null) {
> > > > > > > + int plen = pkg.length();
> > > > > > > + StringTokenizer tokenizer = new
> StringTokenizer(list,
> > > ",
> > > > > ");
> > > > > > > + while (tokenizer.hasMoreTokens()) {
> > > > > > > + String token = tokenizer.nextToken();
> > > > > > > + int tlen = token.length();
> > > > > > > + if (plen > tlen) {
> > > > > > > + if (pkg.startsWith(token)
> > > > > > > + && (token.charAt(tlen - 1) == '.'
> ||
> > > pkg
> > > > > > > + .charAt(tlen) == '.')) {
> > > > > > > + return true;
> > > > > > > + }
> > > > > > > + } else if (plen + 1 >= tlen &&
> token.startsWith
> > > (pkg))
> > > > > {
> > > > > > > + if (plen == tlen || token.charAt(tlen -
> 1) ==
> > > > > '.') {
> > > > > > > + return true;
> > > > > > > + }
> > > > > > > + }
> > > > > > > + }
> > > > > > > }
> > > > > > > - String securePackages = getSecurityProperty("
> > > > > package.definition");
> > > > > > > - if (securePackages != null) {
> > > > > > > - StringTokenizer tokenizer = new
> > > > > StringTokenizer(securePackages,
> > > > > > > - ", ");
> > > > > > > - while (tokenizer.hasMoreTokens()) {
> > > > > > > - if (packageName.startsWith(
> > > > > tokenizer.nextToken())) {
> > > > > > > - checkPermission(new
> > > > > RuntimePermission(
> > > > > > > -
> > > > > "defineClassInPackage." + packageName));
> > > > > > > - return;
> > > > > > > - }
> > > > > > > - }
> > > > > > > - }
> > > > > > > - }
> > > > > > > -
> > > > > > > - private String getSecurityProperty(final String
> property)
> > > {
> > > > > > > - PrivilegedAction<String> pa =
> > > PriviAction.getSecurityProperty
> > > > > (property);
> > > > > > > - return AccessController.doPrivileged(pa);
> > > > > > > +
> > > > > > > + return false;
> > > > > > > }
> > > > > > >
> > > > > > > /**
> > > > > > >
> > > > > > > Modified:
> > > > >
> > >
> harmony/enhanced/classlib/trunk/modules/luni/src/main/java/org/apache/harmony/luni/util/PriviAction.java
> > > > > > > URL:
> > > > >
> > >
> http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/luni/src/main/java/org/apache/harmony/luni/util/PriviAction.java?view=diff&rev=486052&r1=486051&r2=486052
> > > > > > >
> > > > >
> > >
> ==============================================================================
> > > > > > > ---
> > > > >
> > >
> harmony/enhanced/classlib/trunk/modules/luni/src/main/java/org/apache/harmony/luni/util/PriviAction.java
> > > > > (original)
> > > > > > > +++
> > > > >
> > >
> harmony/enhanced/classlib/trunk/modules/luni/src/main/java/org/apache/harmony/luni/util/PriviAction.java
> > > > > Mon Dec 11 23:43:28 2006
> > > > > > > @@ -53,8 +53,8 @@
> > > > > > > *
> > > > > > > * @see Security#getProperty
> > > > > > > */
> > > > > > > - public static <T> PrivilegedAction<T>
> > > > > getSecurityProperty(String property) {
> > > > > > > - return new
> PriviAction<T>(GET_SECURITY_PROPERTY,
> > > > > property);
> > > > > > > + public static PrivilegedAction<String>
> > > > > getSecurityProperty(String property) {
> > > > > > > + return new
> > > PriviAction<String>(GET_SECURITY_PROPERTY,
> > > > > property);
> > > > > > > }
> > > > > > >
> > > > > > > private PriviAction(int action, Object arg) {
> > > > > > >
> > > > > > > Modified:
> > > > >
> > >
> harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/MutableSecurityManager.java
> > > > > > > URL:
> > > > >
> > >
> http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/MutableSecurityManager.java?view=diff&rev=486052&r1=486051&r2=486052
> > > > > > >
> > > > >
> > >
> ==============================================================================
> > > > > > > ---
> > > > >
> > >
> harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/MutableSecurityManager.java
> > > > > (original)
> > > > > > > +++
> > > > >
> > >
> harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/MutableSecurityManager.java
> > > > > Mon Dec 11 23:43:28 2006
> > > > > > > @@ -17,53 +17,54 @@
> > > > > > > package org.apache.harmony.luni.tests.java.lang;
> > > > > > >
> > > > > > > import java.security.Permission;
> > > > > > > -import java.util.HashSet;
> > > > > > > -import java.util.Set;
> > > > > > > +import java.security.PermissionCollection;
> > > > > > > +import java.security.Permissions;
> > > > > > >
> > > > > > > class MutableSecurityManager extends SecurityManager {
> > > > > > >
> > > > > > > static final RuntimePermission SET_SECURITY_MANAGER = new
> > > > > RuntimePermission("setSecurityManager");
> > > > > > >
> > > > > > > - private final Set<Permission> permissions;
> > > > > > > + private PermissionCollection enabled;
> > > > > > >
> > > > > > > - private String deny;
> > > > > > > + private PermissionCollection denied;
> > > > > > >
> > > > > > > public MutableSecurityManager() {
> > > > > > > super();
> > > > > > > - this.permissions = new HashSet<Permission>();
> > > > > > > + this.enabled = new Permissions();
> > > > > > > }
> > > > > > >
> > > > > > > public MutableSecurityManager(Permission... permissions) {
> > > > > > > this();
> > > > > > > for (int i = 0; i < permissions.length; i++) {
> > > > > > > - this.permissions.add(permissions[i]);
> > > > > > > + this.enabled.add(permissions[i]);
> > > > > > > }
> > > > > > > }
> > > > > > >
> > > > > > > void addPermission(Permission permission) {
> > > > > > > - permissions.add(permission);
> > > > > > > - }
> > > > > > > -
> > > > > > > - void removePermission(Permission permission) {
> > > > > > > - permissions.remove(permission);
> > > > > > > + enabled.add(permission);
> > > > > > > }
> > > > > > >
> > > > > > > void clearPermissions() {
> > > > > > > - permissions.clear();
> > > > > > > + enabled = new Permissions();
> > > > > > > }
> > > > > > >
> > > > > > > - void denyPermission(String name) {
> > > > > > > - deny = name;
> > > > > > > + void denyPermission(Permission p) {
> > > > > > > + if (denied == null) {
> > > > > > > + denied = new Permissions();
> > > > > > > + }
> > > > > > > + denied.add(p);
> > > > > > > }
> > > > > > >
> > > > > > > @Override
> > > > > > > public void checkPermission(Permission permission) {
> > > > > > > - if (permissions.contains(permission)) {
> > > > > > > + if (enabled.implies(permission)) {
> > > > > > > return;
> > > > > > > }
> > > > > > > - if (permission.getName().equals(deny)){
> > > > > > > - throw new SecurityException();
> > > > > > > +
> > > > > > > + if (denied != null && denied.implies(permission)){
> > > > > > > + throw new SecurityException("Denied " +
> permission);
> > > > > > > }
> > > > > > > +
> > > > > > > super.checkPermission(permission);
> > > > > > > }
> > > > > > > }
> > > > > > >
> > > > > > > Modified:
> > > > >
> > >
> harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/SecurityManagerTest.java
> > > > > > > URL:
> > > > >
> > >
> http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/SecurityManagerTest.java?view=diff&rev=486052&r1=486051&r2=486052
> > > > > > >
> > > > >
> > >
> ==============================================================================
> > > > > > > ---
> > > > >
> > >
> harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/SecurityManagerTest.java
> > > > > (original)
> > > > > > > +++
> > > > >
> > >
> harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/SecurityManagerTest.java
> > > > > Mon Dec 11 23:43:28 2006
> > > > > > > @@ -17,7 +17,7 @@
> > > > > > > package org.apache.harmony.luni.tests.java.lang;
> > > > > > >
> > > > > > > import java.io.File;
> > > > > > > -
> > > > > > > +import java.security.Security;
> > > > > > > import tests.support.Support_Exec;
> > > > > > >
> > > > > > > import junit.framework.TestCase;
> > > > > > > @@ -25,12 +25,102 @@
> > > > > > > public class SecurityManagerTest extends TestCase {
> > > > > > >
> > > > > > > /**
> > > > > > > + * @tests java.lang.SecurityManager#checkPackageAccess
> > > (String)
> > > > > > > + */
> > > > > > > + public void test_checkPackageAccessLjava_lang_String() {
> > > > > > > + final String old = Security.getProperty("
> package.access
> > > ");
> > > > > > > + Security.setProperty("package.access", "a.,bbb, c.d
> .");
> > > > > > > +
> > > > > > > + MutableSecurityManager sm = new
> MutableSecurityManager();
> > > > > > > + sm.denyPermission(new
> > > > > RuntimePermission("accessClassInPackage.*"));
> > > > > > > +
> > > > > > > + try {
> > > > > > > + sm.checkPackageAccess("z.z.z");
> > > > > > > + sm.checkPackageAccess("aa");
> > > > > > > + sm.checkPackageAccess("bb");
> > > > > > > + sm.checkPackageAccess("c");
> > > > > > > +
> > > > > > > + try {
> > > > > > > + sm.checkPackageAccess("a");
> > > > > > > + fail("This should throw a
> SecurityException.");
> > > > > > > + } catch (SecurityException ok) {}
> > > > > > > +
> > > > > > > + try {
> > > > > > > + sm.checkPackageAccess("bbb");
> > > > > > > + fail("This should throw a
> SecurityException.");
> > > > > > > + } catch (SecurityException ok) {}
> > > > > > > +
> > > > > > > + try {
> > > > > > > + sm.checkPackageAccess("c.d.e");
> > > > > > > + fail("This should throw a
> SecurityException.");
> > > > > > > + } catch (SecurityException ok) {}
> > > > > > > +
> > > > > > > + Security.setProperty("package.access", "QWERTY");
> > > > > > > + sm.checkPackageAccess("a");
> > > > > > > + sm.checkPackageAccess("qwerty");
> > > > > > > + try {
> > > > > > > + sm.checkPackageAccess("QWERTY");
> > > > > > > + fail("This should throw a
> SecurityException.");
> > > > > > > + } catch (SecurityException ok) {}
> > > > > > > +
> > > > > > > + } finally {
> > > > > > > + Security.setProperty("package.access",
> > > > > > > + old == null ? "" : old);
> > > > > > > + }
> > > > > > > + }
> > > > > > > +
> > > > > > > + /**
> > > > > > > + * @tests
> java.lang.SecurityManager#checkPackageDefinition
> > > > > (String)
> > > > > > > + */
> > > > > > > + public void
> test_checkPackageDefinitionLjava_lang_String() {
> > > > > > > + final String old = Security.getProperty("
> > > package.definition
> > > > > ");
> > > > > > > + Security.setProperty("package.definition", "a.,bbb,
> c.d
> > > .");
> > > > > > > +
> > > > > > > + MutableSecurityManager sm = new
> MutableSecurityManager();
> > > > > > > + sm.denyPermission(new
> > > > > RuntimePermission("defineClassInPackage.*"));
> > > > > > > +
> > > > > > > + try {
> > > > > > > + sm.checkPackageDefinition("z.z.z");
> > > > > > > + sm.checkPackageDefinition("aa");
> > > > > > > + sm.checkPackageDefinition("bb");
> > > > > > > + sm.checkPackageDefinition("c");
> > > > > > > +
> > > > > > > + try {
> > > > > > > + sm.checkPackageDefinition("a");
> > > > > > > + fail("This should throw a
> SecurityException.");
> > > > > > > + } catch (SecurityException ok) {}
> > > > > > > +
> > > > > > > + try {
> > > > > > > + sm.checkPackageDefinition("bbb");
> > > > > > > + fail("This should throw a
> SecurityException.");
> > > > > > > + } catch (SecurityException ok) {}
> > > > > > > +
> > > > > > > + try {
> > > > > > > + sm.checkPackageDefinition("c.d.e");
> > > > > > > + fail("This should throw a
> SecurityException.");
> > > > > > > + } catch (SecurityException ok) {}
> > > > > > > +
> > > > > > > + Security.setProperty("package.definition",
> "QWERTY");
> > > > > > > + sm.checkPackageDefinition("a");
> > > > > > > + sm.checkPackageDefinition("qwerty");
> > > > > > > + try {
> > > > > > > + sm.checkPackageDefinition("QWERTY");
> > > > > > > + fail("This should throw a
> SecurityException.");
> > > > > > > + } catch (SecurityException ok) {}
> > > > > > > +
> > > > > > > + } finally {
> > > > > > > + Security.setProperty("package.definition",
> > > > > > > + old == null ? "" : old);
> > > > > > > + }
> > > > > > > + }
> > > > > > > +
> > > > > > > + /**
> > > > > > > * @tests java.lang.SecurityManager#checkMemberAccess(
> > > > > java.lang.Class, int)
> > > > > > > */
> > > > > > > public void test_checkMemberAccessLjava_lang_ClassI() {
> > > > > > > MutableSecurityManager sm = new
> MutableSecurityManager();
> > > > > > > sm.addPermission(
> > > MutableSecurityManager.SET_SECURITY_MANAGER);
> > > > > > > - sm.denyPermission("accessDeclaredMembers");
> > > > > > > + sm.denyPermission(new
> > > > > RuntimePermission("accessDeclaredMembers"));
> > > > > > > System.setSecurityManager(sm);
> > > > > > > try {
> > > > > > > try {
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > >
> > > > >
> > > >
> > > >
> > > >
> > > > --
> > > > Stepan Mishura
> > > > Intel Enterprise Solutions Software Division
> > > >
> > > >
> > >
> >
> >
> >
> > --
> > Stepan Mishura
> > Intel Enterprise Solutions Software Division
> >
> >
>
Re: svn commit: r486052 - in /harmony/enhanced/classlib/trunk/modules/luni/src: main/java/java/lang/ main/java/org/apache/harmony/luni/util/ test/java/org/apache/harmony/luni/tests/java/lang/
Posted by Alexey Varlamov <al...@gmail.com>.
2006/12/13, Stepan Mishura <st...@gmail.com>:
> On 12/13/06, Alexey Varlamov wrote:
>
> > I found the reason why my results are different: presence of
> > all-enabling ~/.java.policy again :-/
>
>
> Alexey, to make a test independent from ~/.java.policy file I would suggest
> forking new VM with system property -Duser.home=${java.io.tmpdir}/tmpTestDir.
> We have a couple of such tests in 'auth', for example,
> modules/auth/src/test/java/common/org/apache/harmony/auth/tests/javax/security/auth/login/ConfigurationTest.java
I absolutely agree, we stepped into this issue not for the first time
and should fix it for good.
I observe 2 failures,
tests.api.java.security.DomainCombinerTest
org.apache.harmony.nio.tests.java.nio.channels.DatagramChannelTest
Both tests are inaccurate: they install SecurityManager which blocks
any functionality except setting old SecurityManager back, assuming in
particular that no classloading request can happen during the main
part of test. However this is a wild gamble, VM resolution strategy
can vary significantly.
> Also your commit introduced crash of
> org.apache.harmony.nio.tests.java.nio.channels.DatagramChannelTest.
>
> full-report:
> [junitreport] [Fatal Error] :-1:-1: Premature end of file.
> [junitreport] The file
> /nfs/ins/proj/drl/security/smishura/classlib/build/test_report/TEST-
> org.apache.harmony.nio.tests.java.nio.channels.DatagramChannelTest.xml is
> not a valid XML document. It is possibly corrupted.
> [junitreport] Transform time: 25106ms
> [echo] The test report is in
> /nfs/ins/proj/drl/security/smishura/classlib/build/test_report/html/index.html
>
> Can you reproduce it?
Yes. The "crash" is due to unsuccesfull reverting of installed SecurityManager:
try {
//do test
} finally {
System.setSecurityManager(old);
}
This is really weird because test stops "crashing" after adding catch
before the finally clause.
>
> Thanks,
> Stepan.
>
>
>
> > I wonder which test did add it - I'm aware of one ill-behaved drlvm
> > kernel test(SystemExtensionTest.test_setSecurityManager_Sec), but it
> > is disabled now. Probably the policy file remained from some earlier
> > testing...
> > Sorry for confusion!
> >
> > 2006/12/13, Stepan Mishura <st...@gmail.com>:
> > > On 12/13/06, Alexey Varlamov wrote:
> > > >
> > > > That's really strange. I've just re-checked with j9 on SUSe9 and
> > > > Win2003 Server - 100% passed with my changes.
> > > > Are you sure this commit was really guilty??
> > > > Stepan did the rollback actually - seems he also investigated the
> > build
> > > > alert.
> > > > Guys, could you please provide some more details on this?
> > >
> > >
> > > I got the same log as CC sent with notification:
> > >
> > > error:
> > >
> > test_combine$Ljava_security_ProtectionDomain$Ljava_security_ProtectionDomain
> > > tests.api.java.security.DomainCombinerTest
> > > Unit Test Error Details: (1)
> > >
> > > Test:
> > >
> > test_combine$Ljava_security_ProtectionDomain$Ljava_security_ProtectionDomainClass:
> > >
> > tests.api.java.security.DomainCombinerTestjava.security.AccessControlException
> > :
> > > Access denied (java.security.SecurityPermission
> > getProperty.package.access)
> > > at java.security.AccessController.checkPermission(AccessController.java
> > :94)
> > > at java.lang.SecurityManager.checkPermission(SecurityManager.java:734)
> > > at tests.api.java.security.DomainCombinerTest$1.checkPermission(
> > > DomainCombinerTest.java:82)
> > > at java.lang.SecurityManager.checkSecurityAccess(SecurityManager.java
> > :421)
> > > at java.security.Security.getProperty(Security.java:360)
> > > at org.apache.harmony.luni.util.PriviAction.run(PriviAction.java:131)
> > > at java.security.AccessController.doPrivileged(AccessController.java
> > :179)
> > > at java.lang.SecurityManager.checkPackageProperty(SecurityManager.java
> > :331)
> > > at java.lang.SecurityManager.checkPackageAccess(SecurityManager.java
> > :33)
> > > at com.ibm.oti.vm.URLSystemClassLoader.loadClass(
> > URLSystemClassLoader.java
> > > :54)
> > > at java.lang.ClassLoader.loadClass(ClassLoader.java:594)
> > > at
> > >
> > tests.api.java.security.DomainCombinerTest.test_combine$Ljava_security_ProtectionDomain$Ljava_security_ProtectionDomain
> > > (DomainCombinerTest.java:89)
> > > at java.lang.reflect.AccessibleObject.invokeV(AccessibleObject.java:25)
> > >
> > >
> > > Thanks,
> > > Stepan.
> > >
> > > --
> > > > Alexey
> > > >
> > > >
> > > > 2006/12/12, Alexey Petrenko <al...@gmail.com>:
> > > > > Alexey,
> > > > >
> > > > > looks like your commit is the cause of unit test failure in nio
> > module.
> > > > > I'll revert it.
> > > > >
> > > > > SY, Alexey
> > > > >
> > > > > 2006/12/12, varlax@apache.org <va...@apache.org>:
> > > > > > Author: varlax
> > > > > > Date: Mon Dec 11 23:43:28 2006
> > > > > > New Revision: 486052
> > > > > >
> > > > > > URL: http://svn.apache.org/viewvc?view=rev&rev=486052
> > > > > > Log:
> > > > > > Fixed HARMONY-2301 [luni] flawed
> > SecurityManager.checkPackageAccess()
> > > > impl
> > > > > > Regression tests added.
> > > > > > Tested on DRLVM
> > > > > >
> > > > > > Modified:
> > > > >
> > > >
> > > harmony/enhanced/classlib/trunk/modules/luni/src/main/java/java/lang/SecurityManager.java
> > > > >
> > > >
> > > harmony/enhanced/classlib/trunk/modules/luni/src/main/java/org/apache/harmony/luni/util/PriviAction.java
> > > > >
> > > >
> > > harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/MutableSecurityManager.java
> > > > >
> > > >
> > > harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/SecurityManagerTest.java
> > > > > >
> > > > > > Modified:
> > > >
> > harmony/enhanced/classlib/trunk/modules/luni/src/main/java/java/lang/SecurityManager.java
> > > > > > URL:
> > > >
> > http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/luni/src/main/java/java/lang/SecurityManager.java?view=diff&rev=486052&r1=486051&r2=486052
> > > > > >
> > > >
> > ==============================================================================
> > > > > > ---
> > > >
> > harmony/enhanced/classlib/trunk/modules/luni/src/main/java/java/lang/SecurityManager.java
> > > > (original)
> > > > > > +++
> > > >
> > harmony/enhanced/classlib/trunk/modules/luni/src/main/java/java/lang/SecurityManager.java
> > > > Mon Dec 11 23:43:28 2006
> > > > > > @@ -46,7 +46,8 @@
> > > > > > private static final PropertyPermission
> > > > READ_WRITE_ALL_PROPERTIES_PERMISSION = new PropertyPermission(
> > > > > > "*", "read,write");
> > > > > >
> > > > > > - private static String[] securePackageList;
> > > > > > + private static final String PKG_ACC_KEY = "package.access";
> > > > > > + private static final String PKG_DEF_KEY = "package.definition
> > ";
> > > > > >
> > > > > > /**
> > > > > > * Flag to indicate whether a security check is in
> > progress.
> > > > > > @@ -299,26 +300,8 @@
> > > > > > if (packageName == null) {
> > > > > > throw new NullPointerException();
> > > > > > }
> > > > > > - synchronized (SecurityManager.class) {
> > > > > > - if (securePackageList == null) {
> > > > > > - String securePackages = getSecurityProperty("
> > > > package.access");
> > > > > > - if (securePackages != null) {
> > > > > > - StringTokenizer tokenizer = new
> > > > StringTokenizer(securePackages, ", ");
> > > > > > - int i = 0;
> > > > > > - securePackageList = new String[
> > > > tokenizer.countTokens()];
> > > > > > - while (tokenizer.hasMoreTokens()) {
> > > > > > - securePackageList[i++] =
> > tokenizer.nextToken
> > > > ();
> > > > > > - }
> > > > > > - } else {
> > > > > > - securePackageList = new String[0];
> > > > > > - }
> > > > > > - }
> > > > > > - for (int i = 0; i < securePackageList.length; i++) {
> > > > > > - if (packageName.startsWith(securePackageList[i]))
> > {
> > > > > > - checkPermission(new
> > > > RuntimePermission("accessClassInPackage." + packageName));
> > > > > > - return;
> > > > > > - }
> > > > > > - }
> > > > > > + if (checkPackageProperty(PKG_ACC_KEY, packageName)) {
> > > > > > + checkPermission(new
> > > > RuntimePermission("accessClassInPackage." + packageName));
> > > > > > }
> > > > > > }
> > > > > >
> > > > > > @@ -330,26 +313,44 @@
> > > > > > * the name of the package to add a class to.
> > > > > > */
> > > > > > public void checkPackageDefinition(String packageName) {
> > > > > > - if (packageName == null) {
> > > > > > - throw new NullPointerException();
> > > > > > + if (packageName == null) {
> > > > > > + throw new NullPointerException();
> > > > > > + }
> > > > > > + if (checkPackageProperty(PKG_DEF_KEY, packageName)) {
> > > > > > + checkPermission(new
> > > > RuntimePermission("defineClassInPackage." + packageName));
> > > > > > + }
> > > > > > + }
> > > > > > +
> > > > > > + /**
> > > > > > + * Returns true if the package name is restricted by
> > > > > > + * the specified security property.
> > > > > > + */
> > > > > > + private static boolean checkPackageProperty(
> > > > > > + final String property, final String pkg)
> > > > > > + {
> > > > > > + String list = AccessController.doPrivileged
> > (PriviAction
> > > > > > + .getSecurityProperty(property));
> > > > > > + if (list != null) {
> > > > > > + int plen = pkg.length();
> > > > > > + StringTokenizer tokenizer = new StringTokenizer(list,
> > ",
> > > > ");
> > > > > > + while (tokenizer.hasMoreTokens()) {
> > > > > > + String token = tokenizer.nextToken();
> > > > > > + int tlen = token.length();
> > > > > > + if (plen > tlen) {
> > > > > > + if (pkg.startsWith(token)
> > > > > > + && (token.charAt(tlen - 1) == '.' ||
> > pkg
> > > > > > + .charAt(tlen) == '.')) {
> > > > > > + return true;
> > > > > > + }
> > > > > > + } else if (plen + 1 >= tlen && token.startsWith
> > (pkg))
> > > > {
> > > > > > + if (plen == tlen || token.charAt(tlen - 1) ==
> > > > '.') {
> > > > > > + return true;
> > > > > > + }
> > > > > > + }
> > > > > > + }
> > > > > > }
> > > > > > - String securePackages = getSecurityProperty("
> > > > package.definition");
> > > > > > - if (securePackages != null) {
> > > > > > - StringTokenizer tokenizer = new
> > > > StringTokenizer(securePackages,
> > > > > > - ", ");
> > > > > > - while (tokenizer.hasMoreTokens()) {
> > > > > > - if (packageName.startsWith(
> > > > tokenizer.nextToken())) {
> > > > > > - checkPermission(new
> > > > RuntimePermission(
> > > > > > -
> > > > "defineClassInPackage." + packageName));
> > > > > > - return;
> > > > > > - }
> > > > > > - }
> > > > > > - }
> > > > > > - }
> > > > > > -
> > > > > > - private String getSecurityProperty(final String property)
> > {
> > > > > > - PrivilegedAction<String> pa =
> > PriviAction.getSecurityProperty
> > > > (property);
> > > > > > - return AccessController.doPrivileged(pa);
> > > > > > +
> > > > > > + return false;
> > > > > > }
> > > > > >
> > > > > > /**
> > > > > >
> > > > > > Modified:
> > > >
> > harmony/enhanced/classlib/trunk/modules/luni/src/main/java/org/apache/harmony/luni/util/PriviAction.java
> > > > > > URL:
> > > >
> > http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/luni/src/main/java/org/apache/harmony/luni/util/PriviAction.java?view=diff&rev=486052&r1=486051&r2=486052
> > > > > >
> > > >
> > ==============================================================================
> > > > > > ---
> > > >
> > harmony/enhanced/classlib/trunk/modules/luni/src/main/java/org/apache/harmony/luni/util/PriviAction.java
> > > > (original)
> > > > > > +++
> > > >
> > harmony/enhanced/classlib/trunk/modules/luni/src/main/java/org/apache/harmony/luni/util/PriviAction.java
> > > > Mon Dec 11 23:43:28 2006
> > > > > > @@ -53,8 +53,8 @@
> > > > > > *
> > > > > > * @see Security#getProperty
> > > > > > */
> > > > > > - public static <T> PrivilegedAction<T>
> > > > getSecurityProperty(String property) {
> > > > > > - return new PriviAction<T>(GET_SECURITY_PROPERTY,
> > > > property);
> > > > > > + public static PrivilegedAction<String>
> > > > getSecurityProperty(String property) {
> > > > > > + return new
> > PriviAction<String>(GET_SECURITY_PROPERTY,
> > > > property);
> > > > > > }
> > > > > >
> > > > > > private PriviAction(int action, Object arg) {
> > > > > >
> > > > > > Modified:
> > > >
> > harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/MutableSecurityManager.java
> > > > > > URL:
> > > >
> > http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/MutableSecurityManager.java?view=diff&rev=486052&r1=486051&r2=486052
> > > > > >
> > > >
> > ==============================================================================
> > > > > > ---
> > > >
> > harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/MutableSecurityManager.java
> > > > (original)
> > > > > > +++
> > > >
> > harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/MutableSecurityManager.java
> > > > Mon Dec 11 23:43:28 2006
> > > > > > @@ -17,53 +17,54 @@
> > > > > > package org.apache.harmony.luni.tests.java.lang;
> > > > > >
> > > > > > import java.security.Permission;
> > > > > > -import java.util.HashSet;
> > > > > > -import java.util.Set;
> > > > > > +import java.security.PermissionCollection;
> > > > > > +import java.security.Permissions;
> > > > > >
> > > > > > class MutableSecurityManager extends SecurityManager {
> > > > > >
> > > > > > static final RuntimePermission SET_SECURITY_MANAGER = new
> > > > RuntimePermission("setSecurityManager");
> > > > > >
> > > > > > - private final Set<Permission> permissions;
> > > > > > + private PermissionCollection enabled;
> > > > > >
> > > > > > - private String deny;
> > > > > > + private PermissionCollection denied;
> > > > > >
> > > > > > public MutableSecurityManager() {
> > > > > > super();
> > > > > > - this.permissions = new HashSet<Permission>();
> > > > > > + this.enabled = new Permissions();
> > > > > > }
> > > > > >
> > > > > > public MutableSecurityManager(Permission... permissions) {
> > > > > > this();
> > > > > > for (int i = 0; i < permissions.length; i++) {
> > > > > > - this.permissions.add(permissions[i]);
> > > > > > + this.enabled.add(permissions[i]);
> > > > > > }
> > > > > > }
> > > > > >
> > > > > > void addPermission(Permission permission) {
> > > > > > - permissions.add(permission);
> > > > > > - }
> > > > > > -
> > > > > > - void removePermission(Permission permission) {
> > > > > > - permissions.remove(permission);
> > > > > > + enabled.add(permission);
> > > > > > }
> > > > > >
> > > > > > void clearPermissions() {
> > > > > > - permissions.clear();
> > > > > > + enabled = new Permissions();
> > > > > > }
> > > > > >
> > > > > > - void denyPermission(String name) {
> > > > > > - deny = name;
> > > > > > + void denyPermission(Permission p) {
> > > > > > + if (denied == null) {
> > > > > > + denied = new Permissions();
> > > > > > + }
> > > > > > + denied.add(p);
> > > > > > }
> > > > > >
> > > > > > @Override
> > > > > > public void checkPermission(Permission permission) {
> > > > > > - if (permissions.contains(permission)) {
> > > > > > + if (enabled.implies(permission)) {
> > > > > > return;
> > > > > > }
> > > > > > - if (permission.getName().equals(deny)){
> > > > > > - throw new SecurityException();
> > > > > > +
> > > > > > + if (denied != null && denied.implies(permission)){
> > > > > > + throw new SecurityException("Denied " + permission);
> > > > > > }
> > > > > > +
> > > > > > super.checkPermission(permission);
> > > > > > }
> > > > > > }
> > > > > >
> > > > > > Modified:
> > > >
> > harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/SecurityManagerTest.java
> > > > > > URL:
> > > >
> > http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/SecurityManagerTest.java?view=diff&rev=486052&r1=486051&r2=486052
> > > > > >
> > > >
> > ==============================================================================
> > > > > > ---
> > > >
> > harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/SecurityManagerTest.java
> > > > (original)
> > > > > > +++
> > > >
> > harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/SecurityManagerTest.java
> > > > Mon Dec 11 23:43:28 2006
> > > > > > @@ -17,7 +17,7 @@
> > > > > > package org.apache.harmony.luni.tests.java.lang;
> > > > > >
> > > > > > import java.io.File;
> > > > > > -
> > > > > > +import java.security.Security;
> > > > > > import tests.support.Support_Exec;
> > > > > >
> > > > > > import junit.framework.TestCase;
> > > > > > @@ -25,12 +25,102 @@
> > > > > > public class SecurityManagerTest extends TestCase {
> > > > > >
> > > > > > /**
> > > > > > + * @tests java.lang.SecurityManager#checkPackageAccess
> > (String)
> > > > > > + */
> > > > > > + public void test_checkPackageAccessLjava_lang_String() {
> > > > > > + final String old = Security.getProperty("package.access
> > ");
> > > > > > + Security.setProperty("package.access", "a.,bbb, c.d.");
> > > > > > +
> > > > > > + MutableSecurityManager sm = new MutableSecurityManager();
> > > > > > + sm.denyPermission(new
> > > > RuntimePermission("accessClassInPackage.*"));
> > > > > > +
> > > > > > + try {
> > > > > > + sm.checkPackageAccess("z.z.z");
> > > > > > + sm.checkPackageAccess("aa");
> > > > > > + sm.checkPackageAccess("bb");
> > > > > > + sm.checkPackageAccess("c");
> > > > > > +
> > > > > > + try {
> > > > > > + sm.checkPackageAccess("a");
> > > > > > + fail("This should throw a SecurityException.");
> > > > > > + } catch (SecurityException ok) {}
> > > > > > +
> > > > > > + try {
> > > > > > + sm.checkPackageAccess("bbb");
> > > > > > + fail("This should throw a SecurityException.");
> > > > > > + } catch (SecurityException ok) {}
> > > > > > +
> > > > > > + try {
> > > > > > + sm.checkPackageAccess("c.d.e");
> > > > > > + fail("This should throw a SecurityException.");
> > > > > > + } catch (SecurityException ok) {}
> > > > > > +
> > > > > > + Security.setProperty("package.access", "QWERTY");
> > > > > > + sm.checkPackageAccess("a");
> > > > > > + sm.checkPackageAccess("qwerty");
> > > > > > + try {
> > > > > > + sm.checkPackageAccess("QWERTY");
> > > > > > + fail("This should throw a SecurityException.");
> > > > > > + } catch (SecurityException ok) {}
> > > > > > +
> > > > > > + } finally {
> > > > > > + Security.setProperty("package.access",
> > > > > > + old == null ? "" : old);
> > > > > > + }
> > > > > > + }
> > > > > > +
> > > > > > + /**
> > > > > > + * @tests java.lang.SecurityManager#checkPackageDefinition
> > > > (String)
> > > > > > + */
> > > > > > + public void test_checkPackageDefinitionLjava_lang_String() {
> > > > > > + final String old = Security.getProperty("
> > package.definition
> > > > ");
> > > > > > + Security.setProperty("package.definition", "a.,bbb, c.d
> > .");
> > > > > > +
> > > > > > + MutableSecurityManager sm = new MutableSecurityManager();
> > > > > > + sm.denyPermission(new
> > > > RuntimePermission("defineClassInPackage.*"));
> > > > > > +
> > > > > > + try {
> > > > > > + sm.checkPackageDefinition("z.z.z");
> > > > > > + sm.checkPackageDefinition("aa");
> > > > > > + sm.checkPackageDefinition("bb");
> > > > > > + sm.checkPackageDefinition("c");
> > > > > > +
> > > > > > + try {
> > > > > > + sm.checkPackageDefinition("a");
> > > > > > + fail("This should throw a SecurityException.");
> > > > > > + } catch (SecurityException ok) {}
> > > > > > +
> > > > > > + try {
> > > > > > + sm.checkPackageDefinition("bbb");
> > > > > > + fail("This should throw a SecurityException.");
> > > > > > + } catch (SecurityException ok) {}
> > > > > > +
> > > > > > + try {
> > > > > > + sm.checkPackageDefinition("c.d.e");
> > > > > > + fail("This should throw a SecurityException.");
> > > > > > + } catch (SecurityException ok) {}
> > > > > > +
> > > > > > + Security.setProperty("package.definition", "QWERTY");
> > > > > > + sm.checkPackageDefinition("a");
> > > > > > + sm.checkPackageDefinition("qwerty");
> > > > > > + try {
> > > > > > + sm.checkPackageDefinition("QWERTY");
> > > > > > + fail("This should throw a SecurityException.");
> > > > > > + } catch (SecurityException ok) {}
> > > > > > +
> > > > > > + } finally {
> > > > > > + Security.setProperty("package.definition",
> > > > > > + old == null ? "" : old);
> > > > > > + }
> > > > > > + }
> > > > > > +
> > > > > > + /**
> > > > > > * @tests java.lang.SecurityManager#checkMemberAccess(
> > > > java.lang.Class, int)
> > > > > > */
> > > > > > public void test_checkMemberAccessLjava_lang_ClassI() {
> > > > > > MutableSecurityManager sm = new MutableSecurityManager();
> > > > > > sm.addPermission(
> > MutableSecurityManager.SET_SECURITY_MANAGER);
> > > > > > - sm.denyPermission("accessDeclaredMembers");
> > > > > > + sm.denyPermission(new
> > > > RuntimePermission("accessDeclaredMembers"));
> > > > > > System.setSecurityManager(sm);
> > > > > > try {
> > > > > > try {
> > > > > >
> > > > > >
> > > > > >
> > > > >
> > > >
> > >
> > >
> > >
> > > --
> > > Stepan Mishura
> > > Intel Enterprise Solutions Software Division
> > >
> > >
> >
>
>
>
> --
> Stepan Mishura
> Intel Enterprise Solutions Software Division
>
>
Re: svn commit: r486052 - in /harmony/enhanced/classlib/trunk/modules/luni/src: main/java/java/lang/ main/java/org/apache/harmony/luni/util/ test/java/org/apache/harmony/luni/tests/java/lang/
Posted by Stepan Mishura <st...@gmail.com>.
On 12/13/06, Alexey Varlamov wrote:
> I found the reason why my results are different: presence of
> all-enabling ~/.java.policy again :-/
Alexey, to make a test independent from ~/.java.policy file I would suggest
forking new VM with system property -Duser.home=${java.io.tmpdir}/tmpTestDir.
We have a couple of such tests in 'auth', for example,
modules/auth/src/test/java/common/org/apache/harmony/auth/tests/javax/security/auth/login/ConfigurationTest.java
Also your commit introduced crash of
org.apache.harmony.nio.tests.java.nio.channels.DatagramChannelTest.
full-report:
[junitreport] [Fatal Error] :-1:-1: Premature end of file.
[junitreport] The file
/nfs/ins/proj/drl/security/smishura/classlib/build/test_report/TEST-
org.apache.harmony.nio.tests.java.nio.channels.DatagramChannelTest.xml is
not a valid XML document. It is possibly corrupted.
[junitreport] Transform time: 25106ms
[echo] The test report is in
/nfs/ins/proj/drl/security/smishura/classlib/build/test_report/html/index.html
Can you reproduce it?
Thanks,
Stepan.
> I wonder which test did add it - I'm aware of one ill-behaved drlvm
> kernel test(SystemExtensionTest.test_setSecurityManager_Sec), but it
> is disabled now. Probably the policy file remained from some earlier
> testing...
> Sorry for confusion!
>
> 2006/12/13, Stepan Mishura <st...@gmail.com>:
> > On 12/13/06, Alexey Varlamov wrote:
> > >
> > > That's really strange. I've just re-checked with j9 on SUSe9 and
> > > Win2003 Server - 100% passed with my changes.
> > > Are you sure this commit was really guilty??
> > > Stepan did the rollback actually - seems he also investigated the
> build
> > > alert.
> > > Guys, could you please provide some more details on this?
> >
> >
> > I got the same log as CC sent with notification:
> >
> > error:
> >
> test_combine$Ljava_security_ProtectionDomain$Ljava_security_ProtectionDomain
> > tests.api.java.security.DomainCombinerTest
> > Unit Test Error Details: (1)
> >
> > Test:
> >
> test_combine$Ljava_security_ProtectionDomain$Ljava_security_ProtectionDomainClass:
> >
> tests.api.java.security.DomainCombinerTestjava.security.AccessControlException
> :
> > Access denied (java.security.SecurityPermission
> getProperty.package.access)
> > at java.security.AccessController.checkPermission(AccessController.java
> :94)
> > at java.lang.SecurityManager.checkPermission(SecurityManager.java:734)
> > at tests.api.java.security.DomainCombinerTest$1.checkPermission(
> > DomainCombinerTest.java:82)
> > at java.lang.SecurityManager.checkSecurityAccess(SecurityManager.java
> :421)
> > at java.security.Security.getProperty(Security.java:360)
> > at org.apache.harmony.luni.util.PriviAction.run(PriviAction.java:131)
> > at java.security.AccessController.doPrivileged(AccessController.java
> :179)
> > at java.lang.SecurityManager.checkPackageProperty(SecurityManager.java
> :331)
> > at java.lang.SecurityManager.checkPackageAccess(SecurityManager.java
> :33)
> > at com.ibm.oti.vm.URLSystemClassLoader.loadClass(
> URLSystemClassLoader.java
> > :54)
> > at java.lang.ClassLoader.loadClass(ClassLoader.java:594)
> > at
> >
> tests.api.java.security.DomainCombinerTest.test_combine$Ljava_security_ProtectionDomain$Ljava_security_ProtectionDomain
> > (DomainCombinerTest.java:89)
> > at java.lang.reflect.AccessibleObject.invokeV(AccessibleObject.java:25)
> >
> >
> > Thanks,
> > Stepan.
> >
> > --
> > > Alexey
> > >
> > >
> > > 2006/12/12, Alexey Petrenko <al...@gmail.com>:
> > > > Alexey,
> > > >
> > > > looks like your commit is the cause of unit test failure in nio
> module.
> > > > I'll revert it.
> > > >
> > > > SY, Alexey
> > > >
> > > > 2006/12/12, varlax@apache.org <va...@apache.org>:
> > > > > Author: varlax
> > > > > Date: Mon Dec 11 23:43:28 2006
> > > > > New Revision: 486052
> > > > >
> > > > > URL: http://svn.apache.org/viewvc?view=rev&rev=486052
> > > > > Log:
> > > > > Fixed HARMONY-2301 [luni] flawed
> SecurityManager.checkPackageAccess()
> > > impl
> > > > > Regression tests added.
> > > > > Tested on DRLVM
> > > > >
> > > > > Modified:
> > > >
> > >
> > harmony/enhanced/classlib/trunk/modules/luni/src/main/java/java/lang/SecurityManager.java
> > > >
> > >
> > harmony/enhanced/classlib/trunk/modules/luni/src/main/java/org/apache/harmony/luni/util/PriviAction.java
> > > >
> > >
> > harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/MutableSecurityManager.java
> > > >
> > >
> > harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/SecurityManagerTest.java
> > > > >
> > > > > Modified:
> > >
> harmony/enhanced/classlib/trunk/modules/luni/src/main/java/java/lang/SecurityManager.java
> > > > > URL:
> > >
> http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/luni/src/main/java/java/lang/SecurityManager.java?view=diff&rev=486052&r1=486051&r2=486052
> > > > >
> > >
> ==============================================================================
> > > > > ---
> > >
> harmony/enhanced/classlib/trunk/modules/luni/src/main/java/java/lang/SecurityManager.java
> > > (original)
> > > > > +++
> > >
> harmony/enhanced/classlib/trunk/modules/luni/src/main/java/java/lang/SecurityManager.java
> > > Mon Dec 11 23:43:28 2006
> > > > > @@ -46,7 +46,8 @@
> > > > > private static final PropertyPermission
> > > READ_WRITE_ALL_PROPERTIES_PERMISSION = new PropertyPermission(
> > > > > "*", "read,write");
> > > > >
> > > > > - private static String[] securePackageList;
> > > > > + private static final String PKG_ACC_KEY = "package.access";
> > > > > + private static final String PKG_DEF_KEY = "package.definition
> ";
> > > > >
> > > > > /**
> > > > > * Flag to indicate whether a security check is in
> progress.
> > > > > @@ -299,26 +300,8 @@
> > > > > if (packageName == null) {
> > > > > throw new NullPointerException();
> > > > > }
> > > > > - synchronized (SecurityManager.class) {
> > > > > - if (securePackageList == null) {
> > > > > - String securePackages = getSecurityProperty("
> > > package.access");
> > > > > - if (securePackages != null) {
> > > > > - StringTokenizer tokenizer = new
> > > StringTokenizer(securePackages, ", ");
> > > > > - int i = 0;
> > > > > - securePackageList = new String[
> > > tokenizer.countTokens()];
> > > > > - while (tokenizer.hasMoreTokens()) {
> > > > > - securePackageList[i++] =
> tokenizer.nextToken
> > > ();
> > > > > - }
> > > > > - } else {
> > > > > - securePackageList = new String[0];
> > > > > - }
> > > > > - }
> > > > > - for (int i = 0; i < securePackageList.length; i++) {
> > > > > - if (packageName.startsWith(securePackageList[i]))
> {
> > > > > - checkPermission(new
> > > RuntimePermission("accessClassInPackage." + packageName));
> > > > > - return;
> > > > > - }
> > > > > - }
> > > > > + if (checkPackageProperty(PKG_ACC_KEY, packageName)) {
> > > > > + checkPermission(new
> > > RuntimePermission("accessClassInPackage." + packageName));
> > > > > }
> > > > > }
> > > > >
> > > > > @@ -330,26 +313,44 @@
> > > > > * the name of the package to add a class to.
> > > > > */
> > > > > public void checkPackageDefinition(String packageName) {
> > > > > - if (packageName == null) {
> > > > > - throw new NullPointerException();
> > > > > + if (packageName == null) {
> > > > > + throw new NullPointerException();
> > > > > + }
> > > > > + if (checkPackageProperty(PKG_DEF_KEY, packageName)) {
> > > > > + checkPermission(new
> > > RuntimePermission("defineClassInPackage." + packageName));
> > > > > + }
> > > > > + }
> > > > > +
> > > > > + /**
> > > > > + * Returns true if the package name is restricted by
> > > > > + * the specified security property.
> > > > > + */
> > > > > + private static boolean checkPackageProperty(
> > > > > + final String property, final String pkg)
> > > > > + {
> > > > > + String list = AccessController.doPrivileged
> (PriviAction
> > > > > + .getSecurityProperty(property));
> > > > > + if (list != null) {
> > > > > + int plen = pkg.length();
> > > > > + StringTokenizer tokenizer = new StringTokenizer(list,
> ",
> > > ");
> > > > > + while (tokenizer.hasMoreTokens()) {
> > > > > + String token = tokenizer.nextToken();
> > > > > + int tlen = token.length();
> > > > > + if (plen > tlen) {
> > > > > + if (pkg.startsWith(token)
> > > > > + && (token.charAt(tlen - 1) == '.' ||
> pkg
> > > > > + .charAt(tlen) == '.')) {
> > > > > + return true;
> > > > > + }
> > > > > + } else if (plen + 1 >= tlen && token.startsWith
> (pkg))
> > > {
> > > > > + if (plen == tlen || token.charAt(tlen - 1) ==
> > > '.') {
> > > > > + return true;
> > > > > + }
> > > > > + }
> > > > > + }
> > > > > }
> > > > > - String securePackages = getSecurityProperty("
> > > package.definition");
> > > > > - if (securePackages != null) {
> > > > > - StringTokenizer tokenizer = new
> > > StringTokenizer(securePackages,
> > > > > - ", ");
> > > > > - while (tokenizer.hasMoreTokens()) {
> > > > > - if (packageName.startsWith(
> > > tokenizer.nextToken())) {
> > > > > - checkPermission(new
> > > RuntimePermission(
> > > > > -
> > > "defineClassInPackage." + packageName));
> > > > > - return;
> > > > > - }
> > > > > - }
> > > > > - }
> > > > > - }
> > > > > -
> > > > > - private String getSecurityProperty(final String property)
> {
> > > > > - PrivilegedAction<String> pa =
> PriviAction.getSecurityProperty
> > > (property);
> > > > > - return AccessController.doPrivileged(pa);
> > > > > +
> > > > > + return false;
> > > > > }
> > > > >
> > > > > /**
> > > > >
> > > > > Modified:
> > >
> harmony/enhanced/classlib/trunk/modules/luni/src/main/java/org/apache/harmony/luni/util/PriviAction.java
> > > > > URL:
> > >
> http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/luni/src/main/java/org/apache/harmony/luni/util/PriviAction.java?view=diff&rev=486052&r1=486051&r2=486052
> > > > >
> > >
> ==============================================================================
> > > > > ---
> > >
> harmony/enhanced/classlib/trunk/modules/luni/src/main/java/org/apache/harmony/luni/util/PriviAction.java
> > > (original)
> > > > > +++
> > >
> harmony/enhanced/classlib/trunk/modules/luni/src/main/java/org/apache/harmony/luni/util/PriviAction.java
> > > Mon Dec 11 23:43:28 2006
> > > > > @@ -53,8 +53,8 @@
> > > > > *
> > > > > * @see Security#getProperty
> > > > > */
> > > > > - public static <T> PrivilegedAction<T>
> > > getSecurityProperty(String property) {
> > > > > - return new PriviAction<T>(GET_SECURITY_PROPERTY,
> > > property);
> > > > > + public static PrivilegedAction<String>
> > > getSecurityProperty(String property) {
> > > > > + return new
> PriviAction<String>(GET_SECURITY_PROPERTY,
> > > property);
> > > > > }
> > > > >
> > > > > private PriviAction(int action, Object arg) {
> > > > >
> > > > > Modified:
> > >
> harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/MutableSecurityManager.java
> > > > > URL:
> > >
> http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/MutableSecurityManager.java?view=diff&rev=486052&r1=486051&r2=486052
> > > > >
> > >
> ==============================================================================
> > > > > ---
> > >
> harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/MutableSecurityManager.java
> > > (original)
> > > > > +++
> > >
> harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/MutableSecurityManager.java
> > > Mon Dec 11 23:43:28 2006
> > > > > @@ -17,53 +17,54 @@
> > > > > package org.apache.harmony.luni.tests.java.lang;
> > > > >
> > > > > import java.security.Permission;
> > > > > -import java.util.HashSet;
> > > > > -import java.util.Set;
> > > > > +import java.security.PermissionCollection;
> > > > > +import java.security.Permissions;
> > > > >
> > > > > class MutableSecurityManager extends SecurityManager {
> > > > >
> > > > > static final RuntimePermission SET_SECURITY_MANAGER = new
> > > RuntimePermission("setSecurityManager");
> > > > >
> > > > > - private final Set<Permission> permissions;
> > > > > + private PermissionCollection enabled;
> > > > >
> > > > > - private String deny;
> > > > > + private PermissionCollection denied;
> > > > >
> > > > > public MutableSecurityManager() {
> > > > > super();
> > > > > - this.permissions = new HashSet<Permission>();
> > > > > + this.enabled = new Permissions();
> > > > > }
> > > > >
> > > > > public MutableSecurityManager(Permission... permissions) {
> > > > > this();
> > > > > for (int i = 0; i < permissions.length; i++) {
> > > > > - this.permissions.add(permissions[i]);
> > > > > + this.enabled.add(permissions[i]);
> > > > > }
> > > > > }
> > > > >
> > > > > void addPermission(Permission permission) {
> > > > > - permissions.add(permission);
> > > > > - }
> > > > > -
> > > > > - void removePermission(Permission permission) {
> > > > > - permissions.remove(permission);
> > > > > + enabled.add(permission);
> > > > > }
> > > > >
> > > > > void clearPermissions() {
> > > > > - permissions.clear();
> > > > > + enabled = new Permissions();
> > > > > }
> > > > >
> > > > > - void denyPermission(String name) {
> > > > > - deny = name;
> > > > > + void denyPermission(Permission p) {
> > > > > + if (denied == null) {
> > > > > + denied = new Permissions();
> > > > > + }
> > > > > + denied.add(p);
> > > > > }
> > > > >
> > > > > @Override
> > > > > public void checkPermission(Permission permission) {
> > > > > - if (permissions.contains(permission)) {
> > > > > + if (enabled.implies(permission)) {
> > > > > return;
> > > > > }
> > > > > - if (permission.getName().equals(deny)){
> > > > > - throw new SecurityException();
> > > > > +
> > > > > + if (denied != null && denied.implies(permission)){
> > > > > + throw new SecurityException("Denied " + permission);
> > > > > }
> > > > > +
> > > > > super.checkPermission(permission);
> > > > > }
> > > > > }
> > > > >
> > > > > Modified:
> > >
> harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/SecurityManagerTest.java
> > > > > URL:
> > >
> http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/SecurityManagerTest.java?view=diff&rev=486052&r1=486051&r2=486052
> > > > >
> > >
> ==============================================================================
> > > > > ---
> > >
> harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/SecurityManagerTest.java
> > > (original)
> > > > > +++
> > >
> harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/SecurityManagerTest.java
> > > Mon Dec 11 23:43:28 2006
> > > > > @@ -17,7 +17,7 @@
> > > > > package org.apache.harmony.luni.tests.java.lang;
> > > > >
> > > > > import java.io.File;
> > > > > -
> > > > > +import java.security.Security;
> > > > > import tests.support.Support_Exec;
> > > > >
> > > > > import junit.framework.TestCase;
> > > > > @@ -25,12 +25,102 @@
> > > > > public class SecurityManagerTest extends TestCase {
> > > > >
> > > > > /**
> > > > > + * @tests java.lang.SecurityManager#checkPackageAccess
> (String)
> > > > > + */
> > > > > + public void test_checkPackageAccessLjava_lang_String() {
> > > > > + final String old = Security.getProperty("package.access
> ");
> > > > > + Security.setProperty("package.access", "a.,bbb, c.d.");
> > > > > +
> > > > > + MutableSecurityManager sm = new MutableSecurityManager();
> > > > > + sm.denyPermission(new
> > > RuntimePermission("accessClassInPackage.*"));
> > > > > +
> > > > > + try {
> > > > > + sm.checkPackageAccess("z.z.z");
> > > > > + sm.checkPackageAccess("aa");
> > > > > + sm.checkPackageAccess("bb");
> > > > > + sm.checkPackageAccess("c");
> > > > > +
> > > > > + try {
> > > > > + sm.checkPackageAccess("a");
> > > > > + fail("This should throw a SecurityException.");
> > > > > + } catch (SecurityException ok) {}
> > > > > +
> > > > > + try {
> > > > > + sm.checkPackageAccess("bbb");
> > > > > + fail("This should throw a SecurityException.");
> > > > > + } catch (SecurityException ok) {}
> > > > > +
> > > > > + try {
> > > > > + sm.checkPackageAccess("c.d.e");
> > > > > + fail("This should throw a SecurityException.");
> > > > > + } catch (SecurityException ok) {}
> > > > > +
> > > > > + Security.setProperty("package.access", "QWERTY");
> > > > > + sm.checkPackageAccess("a");
> > > > > + sm.checkPackageAccess("qwerty");
> > > > > + try {
> > > > > + sm.checkPackageAccess("QWERTY");
> > > > > + fail("This should throw a SecurityException.");
> > > > > + } catch (SecurityException ok) {}
> > > > > +
> > > > > + } finally {
> > > > > + Security.setProperty("package.access",
> > > > > + old == null ? "" : old);
> > > > > + }
> > > > > + }
> > > > > +
> > > > > + /**
> > > > > + * @tests java.lang.SecurityManager#checkPackageDefinition
> > > (String)
> > > > > + */
> > > > > + public void test_checkPackageDefinitionLjava_lang_String() {
> > > > > + final String old = Security.getProperty("
> package.definition
> > > ");
> > > > > + Security.setProperty("package.definition", "a.,bbb, c.d
> .");
> > > > > +
> > > > > + MutableSecurityManager sm = new MutableSecurityManager();
> > > > > + sm.denyPermission(new
> > > RuntimePermission("defineClassInPackage.*"));
> > > > > +
> > > > > + try {
> > > > > + sm.checkPackageDefinition("z.z.z");
> > > > > + sm.checkPackageDefinition("aa");
> > > > > + sm.checkPackageDefinition("bb");
> > > > > + sm.checkPackageDefinition("c");
> > > > > +
> > > > > + try {
> > > > > + sm.checkPackageDefinition("a");
> > > > > + fail("This should throw a SecurityException.");
> > > > > + } catch (SecurityException ok) {}
> > > > > +
> > > > > + try {
> > > > > + sm.checkPackageDefinition("bbb");
> > > > > + fail("This should throw a SecurityException.");
> > > > > + } catch (SecurityException ok) {}
> > > > > +
> > > > > + try {
> > > > > + sm.checkPackageDefinition("c.d.e");
> > > > > + fail("This should throw a SecurityException.");
> > > > > + } catch (SecurityException ok) {}
> > > > > +
> > > > > + Security.setProperty("package.definition", "QWERTY");
> > > > > + sm.checkPackageDefinition("a");
> > > > > + sm.checkPackageDefinition("qwerty");
> > > > > + try {
> > > > > + sm.checkPackageDefinition("QWERTY");
> > > > > + fail("This should throw a SecurityException.");
> > > > > + } catch (SecurityException ok) {}
> > > > > +
> > > > > + } finally {
> > > > > + Security.setProperty("package.definition",
> > > > > + old == null ? "" : old);
> > > > > + }
> > > > > + }
> > > > > +
> > > > > + /**
> > > > > * @tests java.lang.SecurityManager#checkMemberAccess(
> > > java.lang.Class, int)
> > > > > */
> > > > > public void test_checkMemberAccessLjava_lang_ClassI() {
> > > > > MutableSecurityManager sm = new MutableSecurityManager();
> > > > > sm.addPermission(
> MutableSecurityManager.SET_SECURITY_MANAGER);
> > > > > - sm.denyPermission("accessDeclaredMembers");
> > > > > + sm.denyPermission(new
> > > RuntimePermission("accessDeclaredMembers"));
> > > > > System.setSecurityManager(sm);
> > > > > try {
> > > > > try {
> > > > >
> > > > >
> > > > >
> > > >
> > >
> >
> >
> >
> > --
> > Stepan Mishura
> > Intel Enterprise Solutions Software Division
> >
> >
>
--
Stepan Mishura
Intel Enterprise Solutions Software Division
Re: svn commit: r486052 - in /harmony/enhanced/classlib/trunk/modules/luni/src: main/java/java/lang/ main/java/org/apache/harmony/luni/util/ test/java/org/apache/harmony/luni/tests/java/lang/
Posted by Alexey Varlamov <al...@gmail.com>.
I found the reason why my results are different: presence of
all-enabling ~/.java.policy again :-/
I wonder which test did add it - I'm aware of one ill-behaved drlvm
kernel test(SystemExtensionTest.test_setSecurityManager_Sec), but it
is disabled now. Probably the policy file remained from some earlier
testing...
Sorry for confusion!
2006/12/13, Stepan Mishura <st...@gmail.com>:
> On 12/13/06, Alexey Varlamov wrote:
> >
> > That's really strange. I've just re-checked with j9 on SUSe9 and
> > Win2003 Server - 100% passed with my changes.
> > Are you sure this commit was really guilty??
> > Stepan did the rollback actually - seems he also investigated the build
> > alert.
> > Guys, could you please provide some more details on this?
>
>
> I got the same log as CC sent with notification:
>
> error:
> test_combine$Ljava_security_ProtectionDomain$Ljava_security_ProtectionDomain
> tests.api.java.security.DomainCombinerTest
> Unit Test Error Details: (1)
>
> Test:
> test_combine$Ljava_security_ProtectionDomain$Ljava_security_ProtectionDomainClass:
> tests.api.java.security.DomainCombinerTestjava.security.AccessControlException:
> Access denied (java.security.SecurityPermission getProperty.package.access)
> at java.security.AccessController.checkPermission(AccessController.java:94)
> at java.lang.SecurityManager.checkPermission(SecurityManager.java:734)
> at tests.api.java.security.DomainCombinerTest$1.checkPermission(
> DomainCombinerTest.java:82)
> at java.lang.SecurityManager.checkSecurityAccess(SecurityManager.java:421)
> at java.security.Security.getProperty(Security.java:360)
> at org.apache.harmony.luni.util.PriviAction.run(PriviAction.java:131)
> at java.security.AccessController.doPrivileged(AccessController.java:179)
> at java.lang.SecurityManager.checkPackageProperty(SecurityManager.java:331)
> at java.lang.SecurityManager.checkPackageAccess(SecurityManager.java:33)
> at com.ibm.oti.vm.URLSystemClassLoader.loadClass(URLSystemClassLoader.java
> :54)
> at java.lang.ClassLoader.loadClass(ClassLoader.java:594)
> at
> tests.api.java.security.DomainCombinerTest.test_combine$Ljava_security_ProtectionDomain$Ljava_security_ProtectionDomain
> (DomainCombinerTest.java:89)
> at java.lang.reflect.AccessibleObject.invokeV(AccessibleObject.java:25)
>
>
> Thanks,
> Stepan.
>
> --
> > Alexey
> >
> >
> > 2006/12/12, Alexey Petrenko <al...@gmail.com>:
> > > Alexey,
> > >
> > > looks like your commit is the cause of unit test failure in nio module.
> > > I'll revert it.
> > >
> > > SY, Alexey
> > >
> > > 2006/12/12, varlax@apache.org <va...@apache.org>:
> > > > Author: varlax
> > > > Date: Mon Dec 11 23:43:28 2006
> > > > New Revision: 486052
> > > >
> > > > URL: http://svn.apache.org/viewvc?view=rev&rev=486052
> > > > Log:
> > > > Fixed HARMONY-2301 [luni] flawed SecurityManager.checkPackageAccess()
> > impl
> > > > Regression tests added.
> > > > Tested on DRLVM
> > > >
> > > > Modified:
> > >
> > > harmony/enhanced/classlib/trunk/modules/luni/src/main/java/java/lang/SecurityManager.java
> > >
> > > harmony/enhanced/classlib/trunk/modules/luni/src/main/java/org/apache/harmony/luni/util/PriviAction.java
> > >
> > > harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/MutableSecurityManager.java
> > >
> > > harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/SecurityManagerTest.java
> > > >
> > > > Modified:
> > harmony/enhanced/classlib/trunk/modules/luni/src/main/java/java/lang/SecurityManager.java
> > > > URL:
> > http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/luni/src/main/java/java/lang/SecurityManager.java?view=diff&rev=486052&r1=486051&r2=486052
> > > >
> > ==============================================================================
> > > > ---
> > harmony/enhanced/classlib/trunk/modules/luni/src/main/java/java/lang/SecurityManager.java
> > (original)
> > > > +++
> > harmony/enhanced/classlib/trunk/modules/luni/src/main/java/java/lang/SecurityManager.java
> > Mon Dec 11 23:43:28 2006
> > > > @@ -46,7 +46,8 @@
> > > > private static final PropertyPermission
> > READ_WRITE_ALL_PROPERTIES_PERMISSION = new PropertyPermission(
> > > > "*", "read,write");
> > > >
> > > > - private static String[] securePackageList;
> > > > + private static final String PKG_ACC_KEY = "package.access";
> > > > + private static final String PKG_DEF_KEY = "package.definition";
> > > >
> > > > /**
> > > > * Flag to indicate whether a security check is in progress.
> > > > @@ -299,26 +300,8 @@
> > > > if (packageName == null) {
> > > > throw new NullPointerException();
> > > > }
> > > > - synchronized (SecurityManager.class) {
> > > > - if (securePackageList == null) {
> > > > - String securePackages = getSecurityProperty("
> > package.access");
> > > > - if (securePackages != null) {
> > > > - StringTokenizer tokenizer = new
> > StringTokenizer(securePackages, ", ");
> > > > - int i = 0;
> > > > - securePackageList = new String[
> > tokenizer.countTokens()];
> > > > - while (tokenizer.hasMoreTokens()) {
> > > > - securePackageList[i++] = tokenizer.nextToken
> > ();
> > > > - }
> > > > - } else {
> > > > - securePackageList = new String[0];
> > > > - }
> > > > - }
> > > > - for (int i = 0; i < securePackageList.length; i++) {
> > > > - if (packageName.startsWith(securePackageList[i])) {
> > > > - checkPermission(new
> > RuntimePermission("accessClassInPackage." + packageName));
> > > > - return;
> > > > - }
> > > > - }
> > > > + if (checkPackageProperty(PKG_ACC_KEY, packageName)) {
> > > > + checkPermission(new
> > RuntimePermission("accessClassInPackage." + packageName));
> > > > }
> > > > }
> > > >
> > > > @@ -330,26 +313,44 @@
> > > > * the name of the package to add a class to.
> > > > */
> > > > public void checkPackageDefinition(String packageName) {
> > > > - if (packageName == null) {
> > > > - throw new NullPointerException();
> > > > + if (packageName == null) {
> > > > + throw new NullPointerException();
> > > > + }
> > > > + if (checkPackageProperty(PKG_DEF_KEY, packageName)) {
> > > > + checkPermission(new
> > RuntimePermission("defineClassInPackage." + packageName));
> > > > + }
> > > > + }
> > > > +
> > > > + /**
> > > > + * Returns true if the package name is restricted by
> > > > + * the specified security property.
> > > > + */
> > > > + private static boolean checkPackageProperty(
> > > > + final String property, final String pkg)
> > > > + {
> > > > + String list = AccessController.doPrivileged(PriviAction
> > > > + .getSecurityProperty(property));
> > > > + if (list != null) {
> > > > + int plen = pkg.length();
> > > > + StringTokenizer tokenizer = new StringTokenizer(list, ",
> > ");
> > > > + while (tokenizer.hasMoreTokens()) {
> > > > + String token = tokenizer.nextToken();
> > > > + int tlen = token.length();
> > > > + if (plen > tlen) {
> > > > + if (pkg.startsWith(token)
> > > > + && (token.charAt(tlen - 1) == '.' || pkg
> > > > + .charAt(tlen) == '.')) {
> > > > + return true;
> > > > + }
> > > > + } else if (plen + 1 >= tlen && token.startsWith(pkg))
> > {
> > > > + if (plen == tlen || token.charAt(tlen - 1) ==
> > '.') {
> > > > + return true;
> > > > + }
> > > > + }
> > > > + }
> > > > }
> > > > - String securePackages = getSecurityProperty("
> > package.definition");
> > > > - if (securePackages != null) {
> > > > - StringTokenizer tokenizer = new
> > StringTokenizer(securePackages,
> > > > - ", ");
> > > > - while (tokenizer.hasMoreTokens()) {
> > > > - if (packageName.startsWith(
> > tokenizer.nextToken())) {
> > > > - checkPermission(new
> > RuntimePermission(
> > > > -
> > "defineClassInPackage." + packageName));
> > > > - return;
> > > > - }
> > > > - }
> > > > - }
> > > > - }
> > > > -
> > > > - private String getSecurityProperty(final String property) {
> > > > - PrivilegedAction<String> pa = PriviAction.getSecurityProperty
> > (property);
> > > > - return AccessController.doPrivileged(pa);
> > > > +
> > > > + return false;
> > > > }
> > > >
> > > > /**
> > > >
> > > > Modified:
> > harmony/enhanced/classlib/trunk/modules/luni/src/main/java/org/apache/harmony/luni/util/PriviAction.java
> > > > URL:
> > http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/luni/src/main/java/org/apache/harmony/luni/util/PriviAction.java?view=diff&rev=486052&r1=486051&r2=486052
> > > >
> > ==============================================================================
> > > > ---
> > harmony/enhanced/classlib/trunk/modules/luni/src/main/java/org/apache/harmony/luni/util/PriviAction.java
> > (original)
> > > > +++
> > harmony/enhanced/classlib/trunk/modules/luni/src/main/java/org/apache/harmony/luni/util/PriviAction.java
> > Mon Dec 11 23:43:28 2006
> > > > @@ -53,8 +53,8 @@
> > > > *
> > > > * @see Security#getProperty
> > > > */
> > > > - public static <T> PrivilegedAction<T>
> > getSecurityProperty(String property) {
> > > > - return new PriviAction<T>(GET_SECURITY_PROPERTY,
> > property);
> > > > + public static PrivilegedAction<String>
> > getSecurityProperty(String property) {
> > > > + return new PriviAction<String>(GET_SECURITY_PROPERTY,
> > property);
> > > > }
> > > >
> > > > private PriviAction(int action, Object arg) {
> > > >
> > > > Modified:
> > harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/MutableSecurityManager.java
> > > > URL:
> > http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/MutableSecurityManager.java?view=diff&rev=486052&r1=486051&r2=486052
> > > >
> > ==============================================================================
> > > > ---
> > harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/MutableSecurityManager.java
> > (original)
> > > > +++
> > harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/MutableSecurityManager.java
> > Mon Dec 11 23:43:28 2006
> > > > @@ -17,53 +17,54 @@
> > > > package org.apache.harmony.luni.tests.java.lang;
> > > >
> > > > import java.security.Permission;
> > > > -import java.util.HashSet;
> > > > -import java.util.Set;
> > > > +import java.security.PermissionCollection;
> > > > +import java.security.Permissions;
> > > >
> > > > class MutableSecurityManager extends SecurityManager {
> > > >
> > > > static final RuntimePermission SET_SECURITY_MANAGER = new
> > RuntimePermission("setSecurityManager");
> > > >
> > > > - private final Set<Permission> permissions;
> > > > + private PermissionCollection enabled;
> > > >
> > > > - private String deny;
> > > > + private PermissionCollection denied;
> > > >
> > > > public MutableSecurityManager() {
> > > > super();
> > > > - this.permissions = new HashSet<Permission>();
> > > > + this.enabled = new Permissions();
> > > > }
> > > >
> > > > public MutableSecurityManager(Permission... permissions) {
> > > > this();
> > > > for (int i = 0; i < permissions.length; i++) {
> > > > - this.permissions.add(permissions[i]);
> > > > + this.enabled.add(permissions[i]);
> > > > }
> > > > }
> > > >
> > > > void addPermission(Permission permission) {
> > > > - permissions.add(permission);
> > > > - }
> > > > -
> > > > - void removePermission(Permission permission) {
> > > > - permissions.remove(permission);
> > > > + enabled.add(permission);
> > > > }
> > > >
> > > > void clearPermissions() {
> > > > - permissions.clear();
> > > > + enabled = new Permissions();
> > > > }
> > > >
> > > > - void denyPermission(String name) {
> > > > - deny = name;
> > > > + void denyPermission(Permission p) {
> > > > + if (denied == null) {
> > > > + denied = new Permissions();
> > > > + }
> > > > + denied.add(p);
> > > > }
> > > >
> > > > @Override
> > > > public void checkPermission(Permission permission) {
> > > > - if (permissions.contains(permission)) {
> > > > + if (enabled.implies(permission)) {
> > > > return;
> > > > }
> > > > - if (permission.getName().equals(deny)){
> > > > - throw new SecurityException();
> > > > +
> > > > + if (denied != null && denied.implies(permission)){
> > > > + throw new SecurityException("Denied " + permission);
> > > > }
> > > > +
> > > > super.checkPermission(permission);
> > > > }
> > > > }
> > > >
> > > > Modified:
> > harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/SecurityManagerTest.java
> > > > URL:
> > http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/SecurityManagerTest.java?view=diff&rev=486052&r1=486051&r2=486052
> > > >
> > ==============================================================================
> > > > ---
> > harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/SecurityManagerTest.java
> > (original)
> > > > +++
> > harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/SecurityManagerTest.java
> > Mon Dec 11 23:43:28 2006
> > > > @@ -17,7 +17,7 @@
> > > > package org.apache.harmony.luni.tests.java.lang;
> > > >
> > > > import java.io.File;
> > > > -
> > > > +import java.security.Security;
> > > > import tests.support.Support_Exec;
> > > >
> > > > import junit.framework.TestCase;
> > > > @@ -25,12 +25,102 @@
> > > > public class SecurityManagerTest extends TestCase {
> > > >
> > > > /**
> > > > + * @tests java.lang.SecurityManager#checkPackageAccess(String)
> > > > + */
> > > > + public void test_checkPackageAccessLjava_lang_String() {
> > > > + final String old = Security.getProperty("package.access");
> > > > + Security.setProperty("package.access", "a.,bbb, c.d.");
> > > > +
> > > > + MutableSecurityManager sm = new MutableSecurityManager();
> > > > + sm.denyPermission(new
> > RuntimePermission("accessClassInPackage.*"));
> > > > +
> > > > + try {
> > > > + sm.checkPackageAccess("z.z.z");
> > > > + sm.checkPackageAccess("aa");
> > > > + sm.checkPackageAccess("bb");
> > > > + sm.checkPackageAccess("c");
> > > > +
> > > > + try {
> > > > + sm.checkPackageAccess("a");
> > > > + fail("This should throw a SecurityException.");
> > > > + } catch (SecurityException ok) {}
> > > > +
> > > > + try {
> > > > + sm.checkPackageAccess("bbb");
> > > > + fail("This should throw a SecurityException.");
> > > > + } catch (SecurityException ok) {}
> > > > +
> > > > + try {
> > > > + sm.checkPackageAccess("c.d.e");
> > > > + fail("This should throw a SecurityException.");
> > > > + } catch (SecurityException ok) {}
> > > > +
> > > > + Security.setProperty("package.access", "QWERTY");
> > > > + sm.checkPackageAccess("a");
> > > > + sm.checkPackageAccess("qwerty");
> > > > + try {
> > > > + sm.checkPackageAccess("QWERTY");
> > > > + fail("This should throw a SecurityException.");
> > > > + } catch (SecurityException ok) {}
> > > > +
> > > > + } finally {
> > > > + Security.setProperty("package.access",
> > > > + old == null ? "" : old);
> > > > + }
> > > > + }
> > > > +
> > > > + /**
> > > > + * @tests java.lang.SecurityManager#checkPackageDefinition
> > (String)
> > > > + */
> > > > + public void test_checkPackageDefinitionLjava_lang_String() {
> > > > + final String old = Security.getProperty("package.definition
> > ");
> > > > + Security.setProperty("package.definition", "a.,bbb, c.d.");
> > > > +
> > > > + MutableSecurityManager sm = new MutableSecurityManager();
> > > > + sm.denyPermission(new
> > RuntimePermission("defineClassInPackage.*"));
> > > > +
> > > > + try {
> > > > + sm.checkPackageDefinition("z.z.z");
> > > > + sm.checkPackageDefinition("aa");
> > > > + sm.checkPackageDefinition("bb");
> > > > + sm.checkPackageDefinition("c");
> > > > +
> > > > + try {
> > > > + sm.checkPackageDefinition("a");
> > > > + fail("This should throw a SecurityException.");
> > > > + } catch (SecurityException ok) {}
> > > > +
> > > > + try {
> > > > + sm.checkPackageDefinition("bbb");
> > > > + fail("This should throw a SecurityException.");
> > > > + } catch (SecurityException ok) {}
> > > > +
> > > > + try {
> > > > + sm.checkPackageDefinition("c.d.e");
> > > > + fail("This should throw a SecurityException.");
> > > > + } catch (SecurityException ok) {}
> > > > +
> > > > + Security.setProperty("package.definition", "QWERTY");
> > > > + sm.checkPackageDefinition("a");
> > > > + sm.checkPackageDefinition("qwerty");
> > > > + try {
> > > > + sm.checkPackageDefinition("QWERTY");
> > > > + fail("This should throw a SecurityException.");
> > > > + } catch (SecurityException ok) {}
> > > > +
> > > > + } finally {
> > > > + Security.setProperty("package.definition",
> > > > + old == null ? "" : old);
> > > > + }
> > > > + }
> > > > +
> > > > + /**
> > > > * @tests java.lang.SecurityManager#checkMemberAccess(
> > java.lang.Class, int)
> > > > */
> > > > public void test_checkMemberAccessLjava_lang_ClassI() {
> > > > MutableSecurityManager sm = new MutableSecurityManager();
> > > > sm.addPermission(MutableSecurityManager.SET_SECURITY_MANAGER);
> > > > - sm.denyPermission("accessDeclaredMembers");
> > > > + sm.denyPermission(new
> > RuntimePermission("accessDeclaredMembers"));
> > > > System.setSecurityManager(sm);
> > > > try {
> > > > try {
> > > >
> > > >
> > > >
> > >
> >
>
>
>
> --
> Stepan Mishura
> Intel Enterprise Solutions Software Division
>
>
Re: svn commit: r486052 - in /harmony/enhanced/classlib/trunk/modules/luni/src: main/java/java/lang/ main/java/org/apache/harmony/luni/util/ test/java/org/apache/harmony/luni/tests/java/lang/
Posted by Stepan Mishura <st...@gmail.com>.
On 12/13/06, Alexey Varlamov wrote:
>
> That's really strange. I've just re-checked with j9 on SUSe9 and
> Win2003 Server - 100% passed with my changes.
> Are you sure this commit was really guilty??
> Stepan did the rollback actually - seems he also investigated the build
> alert.
> Guys, could you please provide some more details on this?
I got the same log as CC sent with notification:
error:
test_combine$Ljava_security_ProtectionDomain$Ljava_security_ProtectionDomain
tests.api.java.security.DomainCombinerTest
Unit Test Error Details: (1)
Test:
test_combine$Ljava_security_ProtectionDomain$Ljava_security_ProtectionDomainClass:
tests.api.java.security.DomainCombinerTestjava.security.AccessControlException:
Access denied (java.security.SecurityPermission getProperty.package.access)
at java.security.AccessController.checkPermission(AccessController.java:94)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:734)
at tests.api.java.security.DomainCombinerTest$1.checkPermission(
DomainCombinerTest.java:82)
at java.lang.SecurityManager.checkSecurityAccess(SecurityManager.java:421)
at java.security.Security.getProperty(Security.java:360)
at org.apache.harmony.luni.util.PriviAction.run(PriviAction.java:131)
at java.security.AccessController.doPrivileged(AccessController.java:179)
at java.lang.SecurityManager.checkPackageProperty(SecurityManager.java:331)
at java.lang.SecurityManager.checkPackageAccess(SecurityManager.java:33)
at com.ibm.oti.vm.URLSystemClassLoader.loadClass(URLSystemClassLoader.java
:54)
at java.lang.ClassLoader.loadClass(ClassLoader.java:594)
at
tests.api.java.security.DomainCombinerTest.test_combine$Ljava_security_ProtectionDomain$Ljava_security_ProtectionDomain
(DomainCombinerTest.java:89)
at java.lang.reflect.AccessibleObject.invokeV(AccessibleObject.java:25)
Thanks,
Stepan.
--
> Alexey
>
>
> 2006/12/12, Alexey Petrenko <al...@gmail.com>:
> > Alexey,
> >
> > looks like your commit is the cause of unit test failure in nio module.
> > I'll revert it.
> >
> > SY, Alexey
> >
> > 2006/12/12, varlax@apache.org <va...@apache.org>:
> > > Author: varlax
> > > Date: Mon Dec 11 23:43:28 2006
> > > New Revision: 486052
> > >
> > > URL: http://svn.apache.org/viewvc?view=rev&rev=486052
> > > Log:
> > > Fixed HARMONY-2301 [luni] flawed SecurityManager.checkPackageAccess()
> impl
> > > Regression tests added.
> > > Tested on DRLVM
> > >
> > > Modified:
> >
> > harmony/enhanced/classlib/trunk/modules/luni/src/main/java/java/lang/SecurityManager.java
> >
> > harmony/enhanced/classlib/trunk/modules/luni/src/main/java/org/apache/harmony/luni/util/PriviAction.java
> >
> > harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/MutableSecurityManager.java
> >
> > harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/SecurityManagerTest.java
> > >
> > > Modified:
> harmony/enhanced/classlib/trunk/modules/luni/src/main/java/java/lang/SecurityManager.java
> > > URL:
> http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/luni/src/main/java/java/lang/SecurityManager.java?view=diff&rev=486052&r1=486051&r2=486052
> > >
> ==============================================================================
> > > ---
> harmony/enhanced/classlib/trunk/modules/luni/src/main/java/java/lang/SecurityManager.java
> (original)
> > > +++
> harmony/enhanced/classlib/trunk/modules/luni/src/main/java/java/lang/SecurityManager.java
> Mon Dec 11 23:43:28 2006
> > > @@ -46,7 +46,8 @@
> > > private static final PropertyPermission
> READ_WRITE_ALL_PROPERTIES_PERMISSION = new PropertyPermission(
> > > "*", "read,write");
> > >
> > > - private static String[] securePackageList;
> > > + private static final String PKG_ACC_KEY = "package.access";
> > > + private static final String PKG_DEF_KEY = "package.definition";
> > >
> > > /**
> > > * Flag to indicate whether a security check is in progress.
> > > @@ -299,26 +300,8 @@
> > > if (packageName == null) {
> > > throw new NullPointerException();
> > > }
> > > - synchronized (SecurityManager.class) {
> > > - if (securePackageList == null) {
> > > - String securePackages = getSecurityProperty("
> package.access");
> > > - if (securePackages != null) {
> > > - StringTokenizer tokenizer = new
> StringTokenizer(securePackages, ", ");
> > > - int i = 0;
> > > - securePackageList = new String[
> tokenizer.countTokens()];
> > > - while (tokenizer.hasMoreTokens()) {
> > > - securePackageList[i++] = tokenizer.nextToken
> ();
> > > - }
> > > - } else {
> > > - securePackageList = new String[0];
> > > - }
> > > - }
> > > - for (int i = 0; i < securePackageList.length; i++) {
> > > - if (packageName.startsWith(securePackageList[i])) {
> > > - checkPermission(new
> RuntimePermission("accessClassInPackage." + packageName));
> > > - return;
> > > - }
> > > - }
> > > + if (checkPackageProperty(PKG_ACC_KEY, packageName)) {
> > > + checkPermission(new
> RuntimePermission("accessClassInPackage." + packageName));
> > > }
> > > }
> > >
> > > @@ -330,26 +313,44 @@
> > > * the name of the package to add a class to.
> > > */
> > > public void checkPackageDefinition(String packageName) {
> > > - if (packageName == null) {
> > > - throw new NullPointerException();
> > > + if (packageName == null) {
> > > + throw new NullPointerException();
> > > + }
> > > + if (checkPackageProperty(PKG_DEF_KEY, packageName)) {
> > > + checkPermission(new
> RuntimePermission("defineClassInPackage." + packageName));
> > > + }
> > > + }
> > > +
> > > + /**
> > > + * Returns true if the package name is restricted by
> > > + * the specified security property.
> > > + */
> > > + private static boolean checkPackageProperty(
> > > + final String property, final String pkg)
> > > + {
> > > + String list = AccessController.doPrivileged(PriviAction
> > > + .getSecurityProperty(property));
> > > + if (list != null) {
> > > + int plen = pkg.length();
> > > + StringTokenizer tokenizer = new StringTokenizer(list, ",
> ");
> > > + while (tokenizer.hasMoreTokens()) {
> > > + String token = tokenizer.nextToken();
> > > + int tlen = token.length();
> > > + if (plen > tlen) {
> > > + if (pkg.startsWith(token)
> > > + && (token.charAt(tlen - 1) == '.' || pkg
> > > + .charAt(tlen) == '.')) {
> > > + return true;
> > > + }
> > > + } else if (plen + 1 >= tlen && token.startsWith(pkg))
> {
> > > + if (plen == tlen || token.charAt(tlen - 1) ==
> '.') {
> > > + return true;
> > > + }
> > > + }
> > > + }
> > > }
> > > - String securePackages = getSecurityProperty("
> package.definition");
> > > - if (securePackages != null) {
> > > - StringTokenizer tokenizer = new
> StringTokenizer(securePackages,
> > > - ", ");
> > > - while (tokenizer.hasMoreTokens()) {
> > > - if (packageName.startsWith(
> tokenizer.nextToken())) {
> > > - checkPermission(new
> RuntimePermission(
> > > -
> "defineClassInPackage." + packageName));
> > > - return;
> > > - }
> > > - }
> > > - }
> > > - }
> > > -
> > > - private String getSecurityProperty(final String property) {
> > > - PrivilegedAction<String> pa = PriviAction.getSecurityProperty
> (property);
> > > - return AccessController.doPrivileged(pa);
> > > +
> > > + return false;
> > > }
> > >
> > > /**
> > >
> > > Modified:
> harmony/enhanced/classlib/trunk/modules/luni/src/main/java/org/apache/harmony/luni/util/PriviAction.java
> > > URL:
> http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/luni/src/main/java/org/apache/harmony/luni/util/PriviAction.java?view=diff&rev=486052&r1=486051&r2=486052
> > >
> ==============================================================================
> > > ---
> harmony/enhanced/classlib/trunk/modules/luni/src/main/java/org/apache/harmony/luni/util/PriviAction.java
> (original)
> > > +++
> harmony/enhanced/classlib/trunk/modules/luni/src/main/java/org/apache/harmony/luni/util/PriviAction.java
> Mon Dec 11 23:43:28 2006
> > > @@ -53,8 +53,8 @@
> > > *
> > > * @see Security#getProperty
> > > */
> > > - public static <T> PrivilegedAction<T>
> getSecurityProperty(String property) {
> > > - return new PriviAction<T>(GET_SECURITY_PROPERTY,
> property);
> > > + public static PrivilegedAction<String>
> getSecurityProperty(String property) {
> > > + return new PriviAction<String>(GET_SECURITY_PROPERTY,
> property);
> > > }
> > >
> > > private PriviAction(int action, Object arg) {
> > >
> > > Modified:
> harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/MutableSecurityManager.java
> > > URL:
> http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/MutableSecurityManager.java?view=diff&rev=486052&r1=486051&r2=486052
> > >
> ==============================================================================
> > > ---
> harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/MutableSecurityManager.java
> (original)
> > > +++
> harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/MutableSecurityManager.java
> Mon Dec 11 23:43:28 2006
> > > @@ -17,53 +17,54 @@
> > > package org.apache.harmony.luni.tests.java.lang;
> > >
> > > import java.security.Permission;
> > > -import java.util.HashSet;
> > > -import java.util.Set;
> > > +import java.security.PermissionCollection;
> > > +import java.security.Permissions;
> > >
> > > class MutableSecurityManager extends SecurityManager {
> > >
> > > static final RuntimePermission SET_SECURITY_MANAGER = new
> RuntimePermission("setSecurityManager");
> > >
> > > - private final Set<Permission> permissions;
> > > + private PermissionCollection enabled;
> > >
> > > - private String deny;
> > > + private PermissionCollection denied;
> > >
> > > public MutableSecurityManager() {
> > > super();
> > > - this.permissions = new HashSet<Permission>();
> > > + this.enabled = new Permissions();
> > > }
> > >
> > > public MutableSecurityManager(Permission... permissions) {
> > > this();
> > > for (int i = 0; i < permissions.length; i++) {
> > > - this.permissions.add(permissions[i]);
> > > + this.enabled.add(permissions[i]);
> > > }
> > > }
> > >
> > > void addPermission(Permission permission) {
> > > - permissions.add(permission);
> > > - }
> > > -
> > > - void removePermission(Permission permission) {
> > > - permissions.remove(permission);
> > > + enabled.add(permission);
> > > }
> > >
> > > void clearPermissions() {
> > > - permissions.clear();
> > > + enabled = new Permissions();
> > > }
> > >
> > > - void denyPermission(String name) {
> > > - deny = name;
> > > + void denyPermission(Permission p) {
> > > + if (denied == null) {
> > > + denied = new Permissions();
> > > + }
> > > + denied.add(p);
> > > }
> > >
> > > @Override
> > > public void checkPermission(Permission permission) {
> > > - if (permissions.contains(permission)) {
> > > + if (enabled.implies(permission)) {
> > > return;
> > > }
> > > - if (permission.getName().equals(deny)){
> > > - throw new SecurityException();
> > > +
> > > + if (denied != null && denied.implies(permission)){
> > > + throw new SecurityException("Denied " + permission);
> > > }
> > > +
> > > super.checkPermission(permission);
> > > }
> > > }
> > >
> > > Modified:
> harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/SecurityManagerTest.java
> > > URL:
> http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/SecurityManagerTest.java?view=diff&rev=486052&r1=486051&r2=486052
> > >
> ==============================================================================
> > > ---
> harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/SecurityManagerTest.java
> (original)
> > > +++
> harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/SecurityManagerTest.java
> Mon Dec 11 23:43:28 2006
> > > @@ -17,7 +17,7 @@
> > > package org.apache.harmony.luni.tests.java.lang;
> > >
> > > import java.io.File;
> > > -
> > > +import java.security.Security;
> > > import tests.support.Support_Exec;
> > >
> > > import junit.framework.TestCase;
> > > @@ -25,12 +25,102 @@
> > > public class SecurityManagerTest extends TestCase {
> > >
> > > /**
> > > + * @tests java.lang.SecurityManager#checkPackageAccess(String)
> > > + */
> > > + public void test_checkPackageAccessLjava_lang_String() {
> > > + final String old = Security.getProperty("package.access");
> > > + Security.setProperty("package.access", "a.,bbb, c.d.");
> > > +
> > > + MutableSecurityManager sm = new MutableSecurityManager();
> > > + sm.denyPermission(new
> RuntimePermission("accessClassInPackage.*"));
> > > +
> > > + try {
> > > + sm.checkPackageAccess("z.z.z");
> > > + sm.checkPackageAccess("aa");
> > > + sm.checkPackageAccess("bb");
> > > + sm.checkPackageAccess("c");
> > > +
> > > + try {
> > > + sm.checkPackageAccess("a");
> > > + fail("This should throw a SecurityException.");
> > > + } catch (SecurityException ok) {}
> > > +
> > > + try {
> > > + sm.checkPackageAccess("bbb");
> > > + fail("This should throw a SecurityException.");
> > > + } catch (SecurityException ok) {}
> > > +
> > > + try {
> > > + sm.checkPackageAccess("c.d.e");
> > > + fail("This should throw a SecurityException.");
> > > + } catch (SecurityException ok) {}
> > > +
> > > + Security.setProperty("package.access", "QWERTY");
> > > + sm.checkPackageAccess("a");
> > > + sm.checkPackageAccess("qwerty");
> > > + try {
> > > + sm.checkPackageAccess("QWERTY");
> > > + fail("This should throw a SecurityException.");
> > > + } catch (SecurityException ok) {}
> > > +
> > > + } finally {
> > > + Security.setProperty("package.access",
> > > + old == null ? "" : old);
> > > + }
> > > + }
> > > +
> > > + /**
> > > + * @tests java.lang.SecurityManager#checkPackageDefinition
> (String)
> > > + */
> > > + public void test_checkPackageDefinitionLjava_lang_String() {
> > > + final String old = Security.getProperty("package.definition
> ");
> > > + Security.setProperty("package.definition", "a.,bbb, c.d.");
> > > +
> > > + MutableSecurityManager sm = new MutableSecurityManager();
> > > + sm.denyPermission(new
> RuntimePermission("defineClassInPackage.*"));
> > > +
> > > + try {
> > > + sm.checkPackageDefinition("z.z.z");
> > > + sm.checkPackageDefinition("aa");
> > > + sm.checkPackageDefinition("bb");
> > > + sm.checkPackageDefinition("c");
> > > +
> > > + try {
> > > + sm.checkPackageDefinition("a");
> > > + fail("This should throw a SecurityException.");
> > > + } catch (SecurityException ok) {}
> > > +
> > > + try {
> > > + sm.checkPackageDefinition("bbb");
> > > + fail("This should throw a SecurityException.");
> > > + } catch (SecurityException ok) {}
> > > +
> > > + try {
> > > + sm.checkPackageDefinition("c.d.e");
> > > + fail("This should throw a SecurityException.");
> > > + } catch (SecurityException ok) {}
> > > +
> > > + Security.setProperty("package.definition", "QWERTY");
> > > + sm.checkPackageDefinition("a");
> > > + sm.checkPackageDefinition("qwerty");
> > > + try {
> > > + sm.checkPackageDefinition("QWERTY");
> > > + fail("This should throw a SecurityException.");
> > > + } catch (SecurityException ok) {}
> > > +
> > > + } finally {
> > > + Security.setProperty("package.definition",
> > > + old == null ? "" : old);
> > > + }
> > > + }
> > > +
> > > + /**
> > > * @tests java.lang.SecurityManager#checkMemberAccess(
> java.lang.Class, int)
> > > */
> > > public void test_checkMemberAccessLjava_lang_ClassI() {
> > > MutableSecurityManager sm = new MutableSecurityManager();
> > > sm.addPermission(MutableSecurityManager.SET_SECURITY_MANAGER);
> > > - sm.denyPermission("accessDeclaredMembers");
> > > + sm.denyPermission(new
> RuntimePermission("accessDeclaredMembers"));
> > > System.setSecurityManager(sm);
> > > try {
> > > try {
> > >
> > >
> > >
> >
>
--
Stepan Mishura
Intel Enterprise Solutions Software Division
Re: svn commit: r486052 - in /harmony/enhanced/classlib/trunk/modules/luni/src: main/java/java/lang/ main/java/org/apache/harmony/luni/util/ test/java/org/apache/harmony/luni/tests/java/lang/
Posted by Alexey Varlamov <al...@gmail.com>.
That's really strange. I've just re-checked with j9 on SUSe9 and
Win2003 Server - 100% passed with my changes.
Are you sure this commit was really guilty??
Stepan did the rollback actually - seems he also investigated the build alert.
Guys, could you please provide some more details on this?
--
Alexey
2006/12/12, Alexey Petrenko <al...@gmail.com>:
> Alexey,
>
> looks like your commit is the cause of unit test failure in nio module.
> I'll revert it.
>
> SY, Alexey
>
> 2006/12/12, varlax@apache.org <va...@apache.org>:
> > Author: varlax
> > Date: Mon Dec 11 23:43:28 2006
> > New Revision: 486052
> >
> > URL: http://svn.apache.org/viewvc?view=rev&rev=486052
> > Log:
> > Fixed HARMONY-2301 [luni] flawed SecurityManager.checkPackageAccess() impl
> > Regression tests added.
> > Tested on DRLVM
> >
> > Modified:
> > harmony/enhanced/classlib/trunk/modules/luni/src/main/java/java/lang/SecurityManager.java
> > harmony/enhanced/classlib/trunk/modules/luni/src/main/java/org/apache/harmony/luni/util/PriviAction.java
> > harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/MutableSecurityManager.java
> > harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/SecurityManagerTest.java
> >
> > Modified: harmony/enhanced/classlib/trunk/modules/luni/src/main/java/java/lang/SecurityManager.java
> > URL: http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/luni/src/main/java/java/lang/SecurityManager.java?view=diff&rev=486052&r1=486051&r2=486052
> > ==============================================================================
> > --- harmony/enhanced/classlib/trunk/modules/luni/src/main/java/java/lang/SecurityManager.java (original)
> > +++ harmony/enhanced/classlib/trunk/modules/luni/src/main/java/java/lang/SecurityManager.java Mon Dec 11 23:43:28 2006
> > @@ -46,7 +46,8 @@
> > private static final PropertyPermission READ_WRITE_ALL_PROPERTIES_PERMISSION = new PropertyPermission(
> > "*", "read,write");
> >
> > - private static String[] securePackageList;
> > + private static final String PKG_ACC_KEY = "package.access";
> > + private static final String PKG_DEF_KEY = "package.definition";
> >
> > /**
> > * Flag to indicate whether a security check is in progress.
> > @@ -299,26 +300,8 @@
> > if (packageName == null) {
> > throw new NullPointerException();
> > }
> > - synchronized (SecurityManager.class) {
> > - if (securePackageList == null) {
> > - String securePackages = getSecurityProperty("package.access");
> > - if (securePackages != null) {
> > - StringTokenizer tokenizer = new StringTokenizer(securePackages, ", ");
> > - int i = 0;
> > - securePackageList = new String[tokenizer.countTokens()];
> > - while (tokenizer.hasMoreTokens()) {
> > - securePackageList[i++] = tokenizer.nextToken();
> > - }
> > - } else {
> > - securePackageList = new String[0];
> > - }
> > - }
> > - for (int i = 0; i < securePackageList.length; i++) {
> > - if (packageName.startsWith(securePackageList[i])) {
> > - checkPermission(new RuntimePermission("accessClassInPackage." + packageName));
> > - return;
> > - }
> > - }
> > + if (checkPackageProperty(PKG_ACC_KEY, packageName)) {
> > + checkPermission(new RuntimePermission("accessClassInPackage." + packageName));
> > }
> > }
> >
> > @@ -330,26 +313,44 @@
> > * the name of the package to add a class to.
> > */
> > public void checkPackageDefinition(String packageName) {
> > - if (packageName == null) {
> > - throw new NullPointerException();
> > + if (packageName == null) {
> > + throw new NullPointerException();
> > + }
> > + if (checkPackageProperty(PKG_DEF_KEY, packageName)) {
> > + checkPermission(new RuntimePermission("defineClassInPackage." + packageName));
> > + }
> > + }
> > +
> > + /**
> > + * Returns true if the package name is restricted by
> > + * the specified security property.
> > + */
> > + private static boolean checkPackageProperty(
> > + final String property, final String pkg)
> > + {
> > + String list = AccessController.doPrivileged(PriviAction
> > + .getSecurityProperty(property));
> > + if (list != null) {
> > + int plen = pkg.length();
> > + StringTokenizer tokenizer = new StringTokenizer(list, ", ");
> > + while (tokenizer.hasMoreTokens()) {
> > + String token = tokenizer.nextToken();
> > + int tlen = token.length();
> > + if (plen > tlen) {
> > + if (pkg.startsWith(token)
> > + && (token.charAt(tlen - 1) == '.' || pkg
> > + .charAt(tlen) == '.')) {
> > + return true;
> > + }
> > + } else if (plen + 1 >= tlen && token.startsWith(pkg)) {
> > + if (plen == tlen || token.charAt(tlen - 1) == '.') {
> > + return true;
> > + }
> > + }
> > + }
> > }
> > - String securePackages = getSecurityProperty("package.definition");
> > - if (securePackages != null) {
> > - StringTokenizer tokenizer = new StringTokenizer(securePackages,
> > - ", ");
> > - while (tokenizer.hasMoreTokens()) {
> > - if (packageName.startsWith(tokenizer.nextToken())) {
> > - checkPermission(new RuntimePermission(
> > - "defineClassInPackage." + packageName));
> > - return;
> > - }
> > - }
> > - }
> > - }
> > -
> > - private String getSecurityProperty(final String property) {
> > - PrivilegedAction<String> pa = PriviAction.getSecurityProperty(property);
> > - return AccessController.doPrivileged(pa);
> > +
> > + return false;
> > }
> >
> > /**
> >
> > Modified: harmony/enhanced/classlib/trunk/modules/luni/src/main/java/org/apache/harmony/luni/util/PriviAction.java
> > URL: http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/luni/src/main/java/org/apache/harmony/luni/util/PriviAction.java?view=diff&rev=486052&r1=486051&r2=486052
> > ==============================================================================
> > --- harmony/enhanced/classlib/trunk/modules/luni/src/main/java/org/apache/harmony/luni/util/PriviAction.java (original)
> > +++ harmony/enhanced/classlib/trunk/modules/luni/src/main/java/org/apache/harmony/luni/util/PriviAction.java Mon Dec 11 23:43:28 2006
> > @@ -53,8 +53,8 @@
> > *
> > * @see Security#getProperty
> > */
> > - public static <T> PrivilegedAction<T> getSecurityProperty(String property) {
> > - return new PriviAction<T>(GET_SECURITY_PROPERTY, property);
> > + public static PrivilegedAction<String> getSecurityProperty(String property) {
> > + return new PriviAction<String>(GET_SECURITY_PROPERTY, property);
> > }
> >
> > private PriviAction(int action, Object arg) {
> >
> > Modified: harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/MutableSecurityManager.java
> > URL: http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/MutableSecurityManager.java?view=diff&rev=486052&r1=486051&r2=486052
> > ==============================================================================
> > --- harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/MutableSecurityManager.java (original)
> > +++ harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/MutableSecurityManager.java Mon Dec 11 23:43:28 2006
> > @@ -17,53 +17,54 @@
> > package org.apache.harmony.luni.tests.java.lang;
> >
> > import java.security.Permission;
> > -import java.util.HashSet;
> > -import java.util.Set;
> > +import java.security.PermissionCollection;
> > +import java.security.Permissions;
> >
> > class MutableSecurityManager extends SecurityManager {
> >
> > static final RuntimePermission SET_SECURITY_MANAGER = new RuntimePermission("setSecurityManager");
> >
> > - private final Set<Permission> permissions;
> > + private PermissionCollection enabled;
> >
> > - private String deny;
> > + private PermissionCollection denied;
> >
> > public MutableSecurityManager() {
> > super();
> > - this.permissions = new HashSet<Permission>();
> > + this.enabled = new Permissions();
> > }
> >
> > public MutableSecurityManager(Permission... permissions) {
> > this();
> > for (int i = 0; i < permissions.length; i++) {
> > - this.permissions.add(permissions[i]);
> > + this.enabled.add(permissions[i]);
> > }
> > }
> >
> > void addPermission(Permission permission) {
> > - permissions.add(permission);
> > - }
> > -
> > - void removePermission(Permission permission) {
> > - permissions.remove(permission);
> > + enabled.add(permission);
> > }
> >
> > void clearPermissions() {
> > - permissions.clear();
> > + enabled = new Permissions();
> > }
> >
> > - void denyPermission(String name) {
> > - deny = name;
> > + void denyPermission(Permission p) {
> > + if (denied == null) {
> > + denied = new Permissions();
> > + }
> > + denied.add(p);
> > }
> >
> > @Override
> > public void checkPermission(Permission permission) {
> > - if (permissions.contains(permission)) {
> > + if (enabled.implies(permission)) {
> > return;
> > }
> > - if (permission.getName().equals(deny)){
> > - throw new SecurityException();
> > +
> > + if (denied != null && denied.implies(permission)){
> > + throw new SecurityException("Denied " + permission);
> > }
> > +
> > super.checkPermission(permission);
> > }
> > }
> >
> > Modified: harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/SecurityManagerTest.java
> > URL: http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/SecurityManagerTest.java?view=diff&rev=486052&r1=486051&r2=486052
> > ==============================================================================
> > --- harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/SecurityManagerTest.java (original)
> > +++ harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/SecurityManagerTest.java Mon Dec 11 23:43:28 2006
> > @@ -17,7 +17,7 @@
> > package org.apache.harmony.luni.tests.java.lang;
> >
> > import java.io.File;
> > -
> > +import java.security.Security;
> > import tests.support.Support_Exec;
> >
> > import junit.framework.TestCase;
> > @@ -25,12 +25,102 @@
> > public class SecurityManagerTest extends TestCase {
> >
> > /**
> > + * @tests java.lang.SecurityManager#checkPackageAccess(String)
> > + */
> > + public void test_checkPackageAccessLjava_lang_String() {
> > + final String old = Security.getProperty("package.access");
> > + Security.setProperty("package.access", "a.,bbb, c.d.");
> > +
> > + MutableSecurityManager sm = new MutableSecurityManager();
> > + sm.denyPermission(new RuntimePermission("accessClassInPackage.*"));
> > +
> > + try {
> > + sm.checkPackageAccess("z.z.z");
> > + sm.checkPackageAccess("aa");
> > + sm.checkPackageAccess("bb");
> > + sm.checkPackageAccess("c");
> > +
> > + try {
> > + sm.checkPackageAccess("a");
> > + fail("This should throw a SecurityException.");
> > + } catch (SecurityException ok) {}
> > +
> > + try {
> > + sm.checkPackageAccess("bbb");
> > + fail("This should throw a SecurityException.");
> > + } catch (SecurityException ok) {}
> > +
> > + try {
> > + sm.checkPackageAccess("c.d.e");
> > + fail("This should throw a SecurityException.");
> > + } catch (SecurityException ok) {}
> > +
> > + Security.setProperty("package.access", "QWERTY");
> > + sm.checkPackageAccess("a");
> > + sm.checkPackageAccess("qwerty");
> > + try {
> > + sm.checkPackageAccess("QWERTY");
> > + fail("This should throw a SecurityException.");
> > + } catch (SecurityException ok) {}
> > +
> > + } finally {
> > + Security.setProperty("package.access",
> > + old == null ? "" : old);
> > + }
> > + }
> > +
> > + /**
> > + * @tests java.lang.SecurityManager#checkPackageDefinition(String)
> > + */
> > + public void test_checkPackageDefinitionLjava_lang_String() {
> > + final String old = Security.getProperty("package.definition");
> > + Security.setProperty("package.definition", "a.,bbb, c.d.");
> > +
> > + MutableSecurityManager sm = new MutableSecurityManager();
> > + sm.denyPermission(new RuntimePermission("defineClassInPackage.*"));
> > +
> > + try {
> > + sm.checkPackageDefinition("z.z.z");
> > + sm.checkPackageDefinition("aa");
> > + sm.checkPackageDefinition("bb");
> > + sm.checkPackageDefinition("c");
> > +
> > + try {
> > + sm.checkPackageDefinition("a");
> > + fail("This should throw a SecurityException.");
> > + } catch (SecurityException ok) {}
> > +
> > + try {
> > + sm.checkPackageDefinition("bbb");
> > + fail("This should throw a SecurityException.");
> > + } catch (SecurityException ok) {}
> > +
> > + try {
> > + sm.checkPackageDefinition("c.d.e");
> > + fail("This should throw a SecurityException.");
> > + } catch (SecurityException ok) {}
> > +
> > + Security.setProperty("package.definition", "QWERTY");
> > + sm.checkPackageDefinition("a");
> > + sm.checkPackageDefinition("qwerty");
> > + try {
> > + sm.checkPackageDefinition("QWERTY");
> > + fail("This should throw a SecurityException.");
> > + } catch (SecurityException ok) {}
> > +
> > + } finally {
> > + Security.setProperty("package.definition",
> > + old == null ? "" : old);
> > + }
> > + }
> > +
> > + /**
> > * @tests java.lang.SecurityManager#checkMemberAccess(java.lang.Class, int)
> > */
> > public void test_checkMemberAccessLjava_lang_ClassI() {
> > MutableSecurityManager sm = new MutableSecurityManager();
> > sm.addPermission(MutableSecurityManager.SET_SECURITY_MANAGER);
> > - sm.denyPermission("accessDeclaredMembers");
> > + sm.denyPermission(new RuntimePermission("accessDeclaredMembers"));
> > System.setSecurityManager(sm);
> > try {
> > try {
> >
> >
> >
>
Re: svn commit: r486052 - in /harmony/enhanced/classlib/trunk/modules/luni/src: main/java/java/lang/ main/java/org/apache/harmony/luni/util/ test/java/org/apache/harmony/luni/tests/java/lang/
Posted by Alexey Petrenko <al...@gmail.com>.
Alexey,
looks like your commit is the cause of unit test failure in nio module.
I'll revert it.
SY, Alexey
2006/12/12, varlax@apache.org <va...@apache.org>:
> Author: varlax
> Date: Mon Dec 11 23:43:28 2006
> New Revision: 486052
>
> URL: http://svn.apache.org/viewvc?view=rev&rev=486052
> Log:
> Fixed HARMONY-2301 [luni] flawed SecurityManager.checkPackageAccess() impl
> Regression tests added.
> Tested on DRLVM
>
> Modified:
> harmony/enhanced/classlib/trunk/modules/luni/src/main/java/java/lang/SecurityManager.java
> harmony/enhanced/classlib/trunk/modules/luni/src/main/java/org/apache/harmony/luni/util/PriviAction.java
> harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/MutableSecurityManager.java
> harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/SecurityManagerTest.java
>
> Modified: harmony/enhanced/classlib/trunk/modules/luni/src/main/java/java/lang/SecurityManager.java
> URL: http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/luni/src/main/java/java/lang/SecurityManager.java?view=diff&rev=486052&r1=486051&r2=486052
> ==============================================================================
> --- harmony/enhanced/classlib/trunk/modules/luni/src/main/java/java/lang/SecurityManager.java (original)
> +++ harmony/enhanced/classlib/trunk/modules/luni/src/main/java/java/lang/SecurityManager.java Mon Dec 11 23:43:28 2006
> @@ -46,7 +46,8 @@
> private static final PropertyPermission READ_WRITE_ALL_PROPERTIES_PERMISSION = new PropertyPermission(
> "*", "read,write");
>
> - private static String[] securePackageList;
> + private static final String PKG_ACC_KEY = "package.access";
> + private static final String PKG_DEF_KEY = "package.definition";
>
> /**
> * Flag to indicate whether a security check is in progress.
> @@ -299,26 +300,8 @@
> if (packageName == null) {
> throw new NullPointerException();
> }
> - synchronized (SecurityManager.class) {
> - if (securePackageList == null) {
> - String securePackages = getSecurityProperty("package.access");
> - if (securePackages != null) {
> - StringTokenizer tokenizer = new StringTokenizer(securePackages, ", ");
> - int i = 0;
> - securePackageList = new String[tokenizer.countTokens()];
> - while (tokenizer.hasMoreTokens()) {
> - securePackageList[i++] = tokenizer.nextToken();
> - }
> - } else {
> - securePackageList = new String[0];
> - }
> - }
> - for (int i = 0; i < securePackageList.length; i++) {
> - if (packageName.startsWith(securePackageList[i])) {
> - checkPermission(new RuntimePermission("accessClassInPackage." + packageName));
> - return;
> - }
> - }
> + if (checkPackageProperty(PKG_ACC_KEY, packageName)) {
> + checkPermission(new RuntimePermission("accessClassInPackage." + packageName));
> }
> }
>
> @@ -330,26 +313,44 @@
> * the name of the package to add a class to.
> */
> public void checkPackageDefinition(String packageName) {
> - if (packageName == null) {
> - throw new NullPointerException();
> + if (packageName == null) {
> + throw new NullPointerException();
> + }
> + if (checkPackageProperty(PKG_DEF_KEY, packageName)) {
> + checkPermission(new RuntimePermission("defineClassInPackage." + packageName));
> + }
> + }
> +
> + /**
> + * Returns true if the package name is restricted by
> + * the specified security property.
> + */
> + private static boolean checkPackageProperty(
> + final String property, final String pkg)
> + {
> + String list = AccessController.doPrivileged(PriviAction
> + .getSecurityProperty(property));
> + if (list != null) {
> + int plen = pkg.length();
> + StringTokenizer tokenizer = new StringTokenizer(list, ", ");
> + while (tokenizer.hasMoreTokens()) {
> + String token = tokenizer.nextToken();
> + int tlen = token.length();
> + if (plen > tlen) {
> + if (pkg.startsWith(token)
> + && (token.charAt(tlen - 1) == '.' || pkg
> + .charAt(tlen) == '.')) {
> + return true;
> + }
> + } else if (plen + 1 >= tlen && token.startsWith(pkg)) {
> + if (plen == tlen || token.charAt(tlen - 1) == '.') {
> + return true;
> + }
> + }
> + }
> }
> - String securePackages = getSecurityProperty("package.definition");
> - if (securePackages != null) {
> - StringTokenizer tokenizer = new StringTokenizer(securePackages,
> - ", ");
> - while (tokenizer.hasMoreTokens()) {
> - if (packageName.startsWith(tokenizer.nextToken())) {
> - checkPermission(new RuntimePermission(
> - "defineClassInPackage." + packageName));
> - return;
> - }
> - }
> - }
> - }
> -
> - private String getSecurityProperty(final String property) {
> - PrivilegedAction<String> pa = PriviAction.getSecurityProperty(property);
> - return AccessController.doPrivileged(pa);
> +
> + return false;
> }
>
> /**
>
> Modified: harmony/enhanced/classlib/trunk/modules/luni/src/main/java/org/apache/harmony/luni/util/PriviAction.java
> URL: http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/luni/src/main/java/org/apache/harmony/luni/util/PriviAction.java?view=diff&rev=486052&r1=486051&r2=486052
> ==============================================================================
> --- harmony/enhanced/classlib/trunk/modules/luni/src/main/java/org/apache/harmony/luni/util/PriviAction.java (original)
> +++ harmony/enhanced/classlib/trunk/modules/luni/src/main/java/org/apache/harmony/luni/util/PriviAction.java Mon Dec 11 23:43:28 2006
> @@ -53,8 +53,8 @@
> *
> * @see Security#getProperty
> */
> - public static <T> PrivilegedAction<T> getSecurityProperty(String property) {
> - return new PriviAction<T>(GET_SECURITY_PROPERTY, property);
> + public static PrivilegedAction<String> getSecurityProperty(String property) {
> + return new PriviAction<String>(GET_SECURITY_PROPERTY, property);
> }
>
> private PriviAction(int action, Object arg) {
>
> Modified: harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/MutableSecurityManager.java
> URL: http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/MutableSecurityManager.java?view=diff&rev=486052&r1=486051&r2=486052
> ==============================================================================
> --- harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/MutableSecurityManager.java (original)
> +++ harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/MutableSecurityManager.java Mon Dec 11 23:43:28 2006
> @@ -17,53 +17,54 @@
> package org.apache.harmony.luni.tests.java.lang;
>
> import java.security.Permission;
> -import java.util.HashSet;
> -import java.util.Set;
> +import java.security.PermissionCollection;
> +import java.security.Permissions;
>
> class MutableSecurityManager extends SecurityManager {
>
> static final RuntimePermission SET_SECURITY_MANAGER = new RuntimePermission("setSecurityManager");
>
> - private final Set<Permission> permissions;
> + private PermissionCollection enabled;
>
> - private String deny;
> + private PermissionCollection denied;
>
> public MutableSecurityManager() {
> super();
> - this.permissions = new HashSet<Permission>();
> + this.enabled = new Permissions();
> }
>
> public MutableSecurityManager(Permission... permissions) {
> this();
> for (int i = 0; i < permissions.length; i++) {
> - this.permissions.add(permissions[i]);
> + this.enabled.add(permissions[i]);
> }
> }
>
> void addPermission(Permission permission) {
> - permissions.add(permission);
> - }
> -
> - void removePermission(Permission permission) {
> - permissions.remove(permission);
> + enabled.add(permission);
> }
>
> void clearPermissions() {
> - permissions.clear();
> + enabled = new Permissions();
> }
>
> - void denyPermission(String name) {
> - deny = name;
> + void denyPermission(Permission p) {
> + if (denied == null) {
> + denied = new Permissions();
> + }
> + denied.add(p);
> }
>
> @Override
> public void checkPermission(Permission permission) {
> - if (permissions.contains(permission)) {
> + if (enabled.implies(permission)) {
> return;
> }
> - if (permission.getName().equals(deny)){
> - throw new SecurityException();
> +
> + if (denied != null && denied.implies(permission)){
> + throw new SecurityException("Denied " + permission);
> }
> +
> super.checkPermission(permission);
> }
> }
>
> Modified: harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/SecurityManagerTest.java
> URL: http://svn.apache.org/viewvc/harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/SecurityManagerTest.java?view=diff&rev=486052&r1=486051&r2=486052
> ==============================================================================
> --- harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/SecurityManagerTest.java (original)
> +++ harmony/enhanced/classlib/trunk/modules/luni/src/test/java/org/apache/harmony/luni/tests/java/lang/SecurityManagerTest.java Mon Dec 11 23:43:28 2006
> @@ -17,7 +17,7 @@
> package org.apache.harmony.luni.tests.java.lang;
>
> import java.io.File;
> -
> +import java.security.Security;
> import tests.support.Support_Exec;
>
> import junit.framework.TestCase;
> @@ -25,12 +25,102 @@
> public class SecurityManagerTest extends TestCase {
>
> /**
> + * @tests java.lang.SecurityManager#checkPackageAccess(String)
> + */
> + public void test_checkPackageAccessLjava_lang_String() {
> + final String old = Security.getProperty("package.access");
> + Security.setProperty("package.access", "a.,bbb, c.d.");
> +
> + MutableSecurityManager sm = new MutableSecurityManager();
> + sm.denyPermission(new RuntimePermission("accessClassInPackage.*"));
> +
> + try {
> + sm.checkPackageAccess("z.z.z");
> + sm.checkPackageAccess("aa");
> + sm.checkPackageAccess("bb");
> + sm.checkPackageAccess("c");
> +
> + try {
> + sm.checkPackageAccess("a");
> + fail("This should throw a SecurityException.");
> + } catch (SecurityException ok) {}
> +
> + try {
> + sm.checkPackageAccess("bbb");
> + fail("This should throw a SecurityException.");
> + } catch (SecurityException ok) {}
> +
> + try {
> + sm.checkPackageAccess("c.d.e");
> + fail("This should throw a SecurityException.");
> + } catch (SecurityException ok) {}
> +
> + Security.setProperty("package.access", "QWERTY");
> + sm.checkPackageAccess("a");
> + sm.checkPackageAccess("qwerty");
> + try {
> + sm.checkPackageAccess("QWERTY");
> + fail("This should throw a SecurityException.");
> + } catch (SecurityException ok) {}
> +
> + } finally {
> + Security.setProperty("package.access",
> + old == null ? "" : old);
> + }
> + }
> +
> + /**
> + * @tests java.lang.SecurityManager#checkPackageDefinition(String)
> + */
> + public void test_checkPackageDefinitionLjava_lang_String() {
> + final String old = Security.getProperty("package.definition");
> + Security.setProperty("package.definition", "a.,bbb, c.d.");
> +
> + MutableSecurityManager sm = new MutableSecurityManager();
> + sm.denyPermission(new RuntimePermission("defineClassInPackage.*"));
> +
> + try {
> + sm.checkPackageDefinition("z.z.z");
> + sm.checkPackageDefinition("aa");
> + sm.checkPackageDefinition("bb");
> + sm.checkPackageDefinition("c");
> +
> + try {
> + sm.checkPackageDefinition("a");
> + fail("This should throw a SecurityException.");
> + } catch (SecurityException ok) {}
> +
> + try {
> + sm.checkPackageDefinition("bbb");
> + fail("This should throw a SecurityException.");
> + } catch (SecurityException ok) {}
> +
> + try {
> + sm.checkPackageDefinition("c.d.e");
> + fail("This should throw a SecurityException.");
> + } catch (SecurityException ok) {}
> +
> + Security.setProperty("package.definition", "QWERTY");
> + sm.checkPackageDefinition("a");
> + sm.checkPackageDefinition("qwerty");
> + try {
> + sm.checkPackageDefinition("QWERTY");
> + fail("This should throw a SecurityException.");
> + } catch (SecurityException ok) {}
> +
> + } finally {
> + Security.setProperty("package.definition",
> + old == null ? "" : old);
> + }
> + }
> +
> + /**
> * @tests java.lang.SecurityManager#checkMemberAccess(java.lang.Class, int)
> */
> public void test_checkMemberAccessLjava_lang_ClassI() {
> MutableSecurityManager sm = new MutableSecurityManager();
> sm.addPermission(MutableSecurityManager.SET_SECURITY_MANAGER);
> - sm.denyPermission("accessDeclaredMembers");
> + sm.denyPermission(new RuntimePermission("accessDeclaredMembers"));
> System.setSecurityManager(sm);
> try {
> try {
>
>
>