/hg/release/icedtea-web-1.5: Add Thread/ThreadGroup permissions ...

aazores at icedtea.classpath.org aazores at icedtea.classpath.org
Mon Apr 14 16:14:23 UTC 2014 

changeset 72e24f635c8b in /hg/release/icedtea-web-1.5
details: http://icedtea.classpath.org/hg/release/icedtea-web-1.5?cmd=changeset;node=72e24f635c8b
author: Andrew Azores <aazores at redhat.com>
date: Mon Apr 14 12:14:15 2014 -0400

	Add Thread/ThreadGroup permissions for PolicyEditor and temp

	* netx/net/sourceforge/jnlp/resources/Messages.properties:
	(PEAccessThreads, PEAccessThreadsDetail, PEAccessThreadGroups,
	PEAccessThreadGroupsDetail) new messages
	* netx/net/sourceforge/jnlp/security/dialogs/TemporaryPermissions.java:
	(ACCESS_THREADS_PERMISSION, ACCESS_THREAD_GROUPS_PERMISSION) new
	permissions, added to reflection group.
	* netx/net/sourceforge/jnlp/security/policyeditor/PermissionTarget.java:
	(ACCESS_THREADS, ACCESS_THREAD_GROUPS) new targets
	* netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissions.java:
	(ACCESS_THREADS, ACCESS_THREAD_GROUPS) new permissions, added to
	reflection group. Minor formatting fixes.


diffstat:

 ChangeLog                                                                    |  14 ++++++++
 netx/net/sourceforge/jnlp/resources/Messages.properties                      |   4 ++
 netx/net/sourceforge/jnlp/security/dialogs/TemporaryPermissions.java         |   9 ++++-
 netx/net/sourceforge/jnlp/security/policyeditor/PermissionTarget.java        |   2 +
 netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissions.java |  16 ++++++---
 5 files changed, 37 insertions(+), 8 deletions(-)

diffs (122 lines):

diff -r 80e5f17e3bbc -r 72e24f635c8b ChangeLog
--- a/ChangeLog	Mon Apr 14 15:20:30 2014 +0200
+++ b/ChangeLog	Mon Apr 14 12:14:15 2014 -0400
@@ -1,3 +1,17 @@
+2014-04-14  Andrew Azores  <aazores at redhat.com>
+
+	* netx/net/sourceforge/jnlp/resources/Messages.properties:
+	(PEAccessThreads, PEAccessThreadsDetail, PEAccessThreadGroups,
+	PEAccessThreadGroupsDetail) new messages
+	* netx/net/sourceforge/jnlp/security/dialogs/TemporaryPermissions.java:
+	(ACCESS_THREADS_PERMISSION, ACCESS_THREAD_GROUPS_PERMISSION) new
+	permissions, added to reflection group.
+	* netx/net/sourceforge/jnlp/security/policyeditor/PermissionTarget.java:
+	(ACCESS_THREADS, ACCESS_THREAD_GROUPS) new targets
+	* netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissions.java:
+	(ACCESS_THREADS, ACCESS_THREAD_GROUPS) new permissions, added to
+	reflection group. Minor formatting fixes.
+
 2014-04-14  Jiri Vanek  <jvanek at redhat.com>
 
 	All manifest attributes can be disabled
diff -r 80e5f17e3bbc -r 72e24f635c8b netx/net/sourceforge/jnlp/resources/Messages.properties
--- a/netx/net/sourceforge/jnlp/resources/Messages.properties	Mon Apr 14 15:20:30 2014 +0200
+++ b/netx/net/sourceforge/jnlp/resources/Messages.properties	Mon Apr 14 12:14:15 2014 -0400
@@ -548,6 +548,10 @@
 PEClassInPackageDetail=Allow applets to access classes from other applet packages (often used with Reflection)
 PEDeclaredMembers=Access private class data
 PEDeclaredMembersDetail=Allow applets to access normally hidden data from other Java classes (often used with Reflection)
+PEAccessThreads=Modify threads
+PEAccessThreadsDetail=Allow applets to start, stop, and otherwise manage threads
+PEAccessThreadGroups=Modify threadgroups
+PEAccessThreadGroupsDetail=Allow applets to start, stop, and otherwise manage thread groups
 PEExec=Execute commands
 PEExecDetail=Allow applets to execute system commands
 PEGetEnv=Get environment variables
diff -r 80e5f17e3bbc -r 72e24f635c8b netx/net/sourceforge/jnlp/security/dialogs/TemporaryPermissions.java
--- a/netx/net/sourceforge/jnlp/security/dialogs/TemporaryPermissions.java	Mon Apr 14 15:20:30 2014 +0200
+++ b/netx/net/sourceforge/jnlp/security/dialogs/TemporaryPermissions.java	Mon Apr 14 12:14:15 2014 -0400
@@ -83,6 +83,8 @@
     public static final RuntimePermission CLASSLOADER_PERMISSION = new RuntimePermission(GET_CLASSLOADER.getTarget().target);
     public static final RuntimePermission ACCESS_CLASS_IN_PACKAGE_PERMISSION = new RuntimePermission(ACCESS_CLASS_IN_PACKAGE.getTarget().target);
     public static final RuntimePermission ACCESS_DECLARED_MEMBERS_PERMISSION = new RuntimePermission(ACCESS_DECLARED_MEMBERS.getTarget().target);
+    public static final RuntimePermission ACCESS_THREADS_PERMISSION = new RuntimePermission(ACCESS_THREADS.getTarget().target);
+    public static final RuntimePermission ACCESS_THREADGROUPS_PERMISSION = new RuntimePermission(ACCESS_THREAD_GROUPS.getTarget().target);
 
     public static final AWTPermission AWT_PERMISSION = new AWTPermission(ALL_AWT.getTarget().target);
     public static final AudioPermission PLAY_AUDIO_PERMISSION = new AudioPermission(PLAY_AUDIO.getTarget().target);
@@ -93,8 +95,9 @@
     public static final Collection<Permission> ALL_PERMISSIONS, FILE_PERMISSIONS, PROPERTY_PERMISSIONS, NETWORK_PERMISSIONS, EXEC_PERMISSIONS,
             REFLECTION_PERMISSIONS, MEDIA_PERMISSIONS;
     static {
-        final Collection<Permission> all = new HashSet<Permission>(), file = new HashSet<Permission>(), property = new HashSet<Permission>(),
-                network = new HashSet<Permission>(), exec = new HashSet<Permission>(), reflection = new HashSet<Permission>(), media = new HashSet<Permission>();
+        final Collection<Permission> all = new HashSet<Permission>(), file = new HashSet<Permission>(),
+              property = new HashSet<Permission>(), network = new HashSet<Permission>(), exec = new HashSet<Permission>(),
+              reflection = new HashSet<Permission>(), media = new HashSet<Permission>();
 
         file.add(READ_LOCAL_FILES_PERMISSION);
         file.add(WRITE_LOCAL_FILES_PERMISSION);
@@ -121,6 +124,8 @@
         reflection.add(CLASSLOADER_PERMISSION);
         reflection.add(ACCESS_CLASS_IN_PACKAGE_PERMISSION);
         reflection.add(ACCESS_DECLARED_MEMBERS_PERMISSION);
+        reflection.add(ACCESS_THREADS_PERMISSION);
+        reflection.add(ACCESS_THREADGROUPS_PERMISSION);
         REFLECTION_PERMISSIONS = Collections.unmodifiableCollection(reflection);
 
         media.add(AWT_PERMISSION);
diff -r 80e5f17e3bbc -r 72e24f635c8b netx/net/sourceforge/jnlp/security/policyeditor/PermissionTarget.java
--- a/netx/net/sourceforge/jnlp/security/policyeditor/PermissionTarget.java	Mon Apr 14 15:20:30 2014 +0200
+++ b/netx/net/sourceforge/jnlp/security/policyeditor/PermissionTarget.java	Mon Apr 14 12:14:15 2014 -0400
@@ -52,6 +52,8 @@
     RECORD("record"),
     REFLECT("suppressAccessChecks"),
     GETENV("getenv.*"),
+    ACCESS_THREADS("modifyThread"),
+    ACCESS_THREAD_GROUPS("modifyThreadGroup"),
     ACCESS_CLASS_IN_PACKAGE("accessClassInPackage.*"),
     DECLARED_MEMBERS("accessDeclaredMembers"),
     CLASSLOADER("getClassLoader");
diff -r 80e5f17e3bbc -r 72e24f635c8b netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissions.java
--- a/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissions.java	Mon Apr 14 15:20:30 2014 +0200
+++ b/netx/net/sourceforge/jnlp/security/policyeditor/PolicyEditorPermissions.java	Mon Apr 14 12:14:15 2014 -0400
@@ -89,6 +89,12 @@
     ACCESS_DECLARED_MEMBERS(R("PEDeclaredMembers"), R("PEDeclaredMembersDetail"),
             PermissionType.RUNTIME_PERMISSION, PermissionTarget.DECLARED_MEMBERS, PermissionActions.NONE),
 
+    ACCESS_THREADS(R("PEAccessThreads"), R("PEAccessThreadsDetail"),
+            PermissionType.RUNTIME_PERMISSION, PermissionTarget.ACCESS_THREADS, PermissionActions.NONE),
+
+    ACCESS_THREAD_GROUPS(R("PEAccessThreadGroups"), R("PEAccessThreadGroupsDetail"),
+            PermissionType.RUNTIME_PERMISSION, PermissionTarget.ACCESS_THREAD_GROUPS, PermissionActions.NONE),
+
     NETWORK(R("PENetwork"), R("PENetworkDetail"),
             PermissionType.SOCKET_PERMISSION, PermissionTarget.ALL, PermissionActions.NETALL),
 
@@ -116,21 +122,19 @@
     public static enum Group {
 
         ReadFileSystem(R("PEGReadFileSystem"),  READ_LOCAL_FILES, READ_PROPERTIES, READ_SYSTEM_FILES, READ_TMP_FILES, GET_ENV),
-        WriteFileSystem(R("PEGWriteFileSystem"), WRITE_LOCAL_FILES, DELETE_LOCAL_FILES, WRITE_PROPERTIES, WRITE_SYSTEM_FILES, WRITE_TMP_FILES,
-                DELETE_TMP_FILES, EXEC_COMMANDS),
-        AccesUnowenedCode(R("PEGAccesUnowenedCode"), JAVA_REFLECTION, GET_CLASSLOADER, ACCESS_CLASS_IN_PACKAGE, ACCESS_DECLARED_MEMBERS),
+        WriteFileSystem(R("PEGWriteFileSystem"), WRITE_LOCAL_FILES, DELETE_LOCAL_FILES, WRITE_PROPERTIES, WRITE_SYSTEM_FILES, WRITE_TMP_FILES, DELETE_TMP_FILES, EXEC_COMMANDS),
+        AccessUnownedCode(R("PEGAccesUnowenedCode"), JAVA_REFLECTION, GET_CLASSLOADER, ACCESS_CLASS_IN_PACKAGE, ACCESS_DECLARED_MEMBERS, ACCESS_THREADS, ACCESS_THREAD_GROUPS),
         MediaAccess(R("PEGMediaAccess"), PLAY_AUDIO, RECORD_AUDIO, PRINT, CLIPBOARD);
 
         private final PolicyEditorPermissions[] permissions;
-        private final String title; 
+        private final String title;
         private Group(String title, PolicyEditorPermissions... permissions) {
             this.title = title;
             this.permissions = permissions;
-        
         }
 
         public static boolean anyContains(PolicyEditorPermissions permission) {
-            for (Group g : Group.values()) {
+            for (final Group g : Group.values()) {
                 if (g.contains(permission)) {
                     return true;
                 }

More information about the distro-pkg-dev mailing list