5.6. Permission Classes
Table 5-1 lists the various Permission subclasses, the target and action names they support, and the methods that require those permissions (in Java 1.2 and later).
Table 5-1. Permission Classes and the Methods They Govern
| Permission | Target, Action | Methods |
|---|---|---|
|
AWT-Permission | "accessClipboard" |
Toolkit.getSystemClipboard() |
| "accessEventQueue" |
Toolkit.getSystemEventQueue() |
|
| "listenToAllAWTEvents" |
Toolkit.{addAWTEventListener(), removeAWTEventListener()} |
|
| "readDisplayPixels" |
Graphics2D.setComposite() |
|
|
"showWindowWithout-WarningBanner" |
Window.Window() (if permission is not granted, window has an "insecure" indication) |
|
|
File-Permission | command, "execute" |
Runtime.exec() |
| filename, "delete" |
File.{delete(), deleteOnExit()} |
|
|
File-Permission | filename, "read" |
FileInputStream.FileInputStream(), File.{exists(), canRead(), isFile(), isDirectory(), isHidden(), lastModified(), length(), list(), listFiles()}, RandomAccessFile.RandomAccessFile(), ZipFile.ZipFile() |
| filename, "write" |
FileOutputStream.FileOutputStream(), File.{canWrite(), createNewFile(), createTempFile(), mkdir(), mkdirs(), renameTo(), setLastModified(), setReadOnly()}, RandomAccessFile.RandomAccessFile() |
|
|
Net-Permission |
"requestPassword-Authentication" |
Authenticator.requestPassword-Authentication() |
| "setDefaultAuthenticator" |
Authenticator.setDefault() |
|
| "specifyStreamHandler" |
URL.URL() |
|
|
Property-Permission | "*", "read, write" |
Beans.{setDesignTime(), setGuiAvailable()}, Introspector.setBeanInfo-SearchPath(), PropertyEditorManager.{register-Editor(), setEditorSearchPath()}, System.{getProperties(), setProperties()} |
| "user.language", "write" |
Locale.setDefault() |
|
| prop, "read" |
System.getProperty() |
|
| prop, "write" |
System.setProperty() |
|
|
Reflect-Permission | "suppressAccessChecks" |
AccessibleObject.setAccessible() |
|
Runtime-Permission |
"accessClassIn- Package.pkgname " |
Class.{getClasses(), getDeclaredClasses(), getConstructor(), getConstructors(), getDeclaredFields(), getDeclaredMethods(), getDeclaredConstructors(), getDeclaredField(), getDeclaredMethod(), getDeclaredConstructor(), |
|
Runtime-Permission |
getFields(), getMethods(), getField(), getMethod()} |
|
|
"accessDeclaredMembers" |
Class.{getClasses(), getDeclaredClasses(), getDeclaredFields(), getDeclaredMethods(), getDeclaredConstructors(), getDeclaredField(), getDeclaredMethod(), getDeclaredConstructor()} |
|
| "createClassLoader" |
ClassLoader.Class-Loader(), URLClassLoader.URL-ClassLoader(), SecureClassLoader.Secure-ClassLoader() |
|
| "exitVM" |
Runtime.{exit(), runFinalizersOnExit()}, System.{exit(), runFinalizersOnExit()} |
|
| "getClassLoader" |
Class.{forName(), getClassLoader()}, ClassLoader.{getSystemClassLoader(), getParent()}, Thread.getContextClassLoader() |
|
| "getProtectionDomain" |
Class.getProtectionDomain() |
|
| "loadLibrary.libName " |
Runtime.{load(), loadLibrary()}, System.{load(), loadLibrary()} |
|
| "modifyThread" |
Thread.{checkAccess(), interrupt(), suspend(), resume(), setPriority(), setName(), setDaemon()}, ThreadGroup.{interrupt(), stop()} |
|
| "modifyThreadGroup" |
Thread.{Thread(), enumerate()}, ThreadGroup.{ThreadGroup(), enumerate(), getParent(), interrupt(), setDaemon(), setMaxPriority(), stop(), suspend(), resume(), destroy()} |
|
| "queuePrintJob" |
Toolkit.getPrintJob() |
|
| "readFileDescriptor" |
FileInputStream.File-InputStream(FileDescriptor) |
|
| "setContextClassLoader" |
Thread.setContextClassLoader() |
|
|
Runtime-Permission | "setFactory" |
ServerSocket.setSocketFactory(), Socket.setSocketImplFactory(), URL.setURLStream-HandlerFactory(), URLConnection.{setContent-HandlerFactory(), setFileNameMap()}, HttpURLConnection.set-FollowRedirects(), activation.Activation-Group.{createGroup(), setSystem()}, server.RMISocketFactory.set-SocketFactory() |
| "setIO" |
System.{setIn(), setOut(), setErr()} |
|
| "setSecurityManager" |
System.setSecurityManager() |
|
| "stopThread" |
Thread.stop(), ThreadGroup.stop() |
|
| "writeFileDescriptor" |
FileOutputStream.File-OutputStream(FileDescriptor) |
|
|
Security- | "addIdentityCertificate" |
Identity.addCertificate() |
| Permission |
"clearProvider- Properties.provider " |
Provider.clear() |
| "getPolicy" |
Policy.getPolicy() |
|
| "getProperty.propname " |
Security.getProperty() |
|
| "getSignerPrivateKey" |
Signer.getPrivateKey() |
|
| "insertProvider.provider " |
Security.{addProvider(), insertProviderAt()} |
|
| "printIdentity" |
Identity.toString() |
|
|
"putProvider- Property.provider " |
Provider.put() |
|
| "removeIdentityCertificate" |
Identity.removeCertificate() |
|
|
"removeProvider.provider " |
Security.removeProvider() |
|
|
"removeProvider- Property.provider " |
Provider.remove() |
|
| "setIdentityInfo" |
Identity.setInfo(String) |
|
| "setIdentityPublicKey" |
Identity.setPublicKey() |
|
| "setPolicy" |
Policy.setPolicy(); |
|
| "setProperty.propname " |
Security.setProperty() |
|
| "setSignerKeypair" |
Signer.setKeyPair() |
|
| "setSystemScope" |
IdentityScope.setSystemScope() |
|
|
Serializable-Permission |
"enableSubclass- Implementation" |
ObjectInputStream.Object-InputStream(), ObjectOutputStream.Object-OutputStream() |
| "enableSubstitution" |
ObjectInputStream.enable-ResolveObject(), ObjectOutputStream.enable-ReplaceObject() |
|
|
Socket-Permission | "localhost:port ", "listen" |
ServerSocket.ServerSocket(), DatagramSocket.DatagramSocket(), MulticastSocket.MulticastSocket() |
| host, "accept, connect" |
MulticastSocket.{joinGroup(), leaveGroup(), send()} |
|
| host, "resolve" |
InetAddress.{getHostName(), getAllByName(), getLocalHost()}, DatagramSocket.getLocalAddress() |
|
| host:port, "accept" |
DatagramSocket.receive(), ServerSocket.{accept(), implAccept()} |
|
| host:port, "connect" |
 |  |  |
| 5.5. Security for Everyone |  | 6. JavaBeans |
Copyright © 2001 O'Reilly & Associates. All rights reserved.