From 0596fc07d788ad7baa5aad8354176d42a0192a9f Mon Sep 17 00:00:00 2001 From: gandalf Date: Thu, 16 Dec 2010 19:48:07 +0000 Subject: PR libgcj/46774: Create dynamic ProtectionDomain instances which check the system policy. 2010-12-13 Andrew John Hughes PR libgcj/46774 * libjava/java/security/VMAccessController.java: (DEFAULT_CONTEXT): Create ProtectionDomain with four argument constructor (arguments are the same as those implied by the two argument constructor). (getContext()): Create ProtectionDomain instances with four argument constructor using a null Principal array (as before) but including the classloader, which was always null before. git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/trunk@167952 138bc75d-0d04-0410-961f-82ee72b054a4 --- libjava/ChangeLog | 12 ++++++++++++ .../lib/java/security/VMAccessController.class | Bin 4797 -> 4908 bytes libjava/java/security/VMAccessController.java | 16 +++++++++------- 3 files changed, 21 insertions(+), 7 deletions(-) (limited to 'libjava') diff --git a/libjava/ChangeLog b/libjava/ChangeLog index 16cfc79099c..c53120d3086 100644 --- a/libjava/ChangeLog +++ b/libjava/ChangeLog @@ -1,3 +1,15 @@ +2010-12-13 Andrew John Hughes + + PR libgcj/46774 + * libjava/java/security/VMAccessController.java: + (DEFAULT_CONTEXT): Create ProtectionDomain with + four argument constructor (arguments are the same + as those implied by the two argument constructor). + (getContext()): Create ProtectionDomain instances + with four argument constructor using a null Principal + array (as before) but including the classloader, which + was always null before. + 2010-12-06 Dave Korn PR target/40125 diff --git a/libjava/classpath/lib/java/security/VMAccessController.class b/libjava/classpath/lib/java/security/VMAccessController.class index d05cd9c8456..9a129803916 100644 Binary files a/libjava/classpath/lib/java/security/VMAccessController.class and b/libjava/classpath/lib/java/security/VMAccessController.class differ diff --git a/libjava/java/security/VMAccessController.java b/libjava/java/security/VMAccessController.java index 8436c9ccb60..d214e1926d0 100644 --- a/libjava/java/security/VMAccessController.java +++ b/libjava/java/security/VMAccessController.java @@ -56,7 +56,7 @@ final class VMAccessController Permissions permissions = new Permissions(); permissions.add(new AllPermission()); ProtectionDomain[] domain = new ProtectionDomain[] { - new ProtectionDomain(source, permissions) + new ProtectionDomain(source, permissions, null, null) }; DEFAULT_CONTEXT = new AccessControlContext(domain); } @@ -121,7 +121,7 @@ final class VMAccessController LinkedList stack = state.getContexts(); if (!stack.isEmpty()) { - stack.removeFirst(); + stack.removeFirst(); } else if (DEBUG) { @@ -178,26 +178,27 @@ final class VMAccessController for (int i = 3; i < classes.length; i++) { Class clazz = classes[i]; + ClassLoader loader = clazz.getClassLoader(); if (DEBUG) { debug("checking " + clazz); // subject to getClassLoader RuntimePermission - debug("loader = " + clazz.getClassLoader()); + debug("loader = " + loader); } if (privileged && i == classes.length - 2) { // If there was a call to doPrivileged with a supplied context, - // return that context. If using JAAS doAs*, it should be - // a context with a SubjectDomainCombiner + // return that context. If using JAAS doAs*, it should be + // a context with a SubjectDomainCombiner LinkedList l = state.getContexts(); if (!l.isEmpty()) context = (AccessControlContext) l.getFirst(); } // subject to getProtectionDomain RuntimePermission - ProtectionDomain domain = clazz.getProtectionDomain(); + ProtectionDomain domain = clazz.getProtectionDomain(); if (domain == null) continue; @@ -208,7 +209,8 @@ final class VMAccessController // Create a static snapshot of this domain, which may change over time // if the current policy changes. domains.add(new ProtectionDomain(domain.getCodeSource(), - domain.getPermissions())); + domain.getPermissions(), + loader, null)); } if (DEBUG) -- cgit v1.2.1