libjava/java/lang/reflect/AccessibleObject.java

   1 /* java.lang.reflect.AccessibleObject
   2    Copyright (C) 2001 Free Software Foundation, Inc.
   3
   4 This file is part of GNU Classpath.
   5
   6 GNU Classpath is free software; you can redistribute it and/or modify
   7 it under the terms of the GNU General Public License as published by
   8 the Free Software Foundation; either version 2, or (at your option)
   9 any later version.
  10
  11 GNU Classpath is distributed in the hope that it will be useful, but
  12 WITHOUT ANY WARRANTY; without even the implied warranty of
  13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14 General Public License for more details.
  15
  16 You should have received a copy of the GNU General Public License
  17 along with GNU Classpath; see the file COPYING.  If not, write to the
  18 Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
  19 02111-1307 USA.
  20
  21 Linking this library statically or dynamically with other modules is
  22 making a combined work based on this library.  Thus, the terms and
  23 conditions of the GNU General Public License cover the whole
  24 combination.
  25
  26 As a special exception, the copyright holders of this library give you
  27 permission to link this library with independent modules to produce an
  28 executable, regardless of the license terms of these independent
  29 modules, and to copy and distribute the resulting executable under
  30 terms of your choice, provided that you also meet, for each linked
  31 independent module, the terms and conditions of the license of that
  32 module.  An independent module is a module which is not derived from
  33 or based on this library.  If you modify this library, you may extend
  34 this exception to your version of the library, but you are not
  35 obligated to do so.  If you do not wish to do so, delete this
  36 exception statement from your version. */
  37
  38
  39 package java.lang.reflect;
  40
  41 /**
  42  * This class is the superclass of various reflection classes, and
  43  * allows sufficiently trusted code to bypass normal restrictions to
  44  * do necessary things like invoke private methods outside of the
  45  * class during Serialization.  If you don't have a good reason
  46  * to mess with this, don't try. Fortunately, there are adequate
  47  * security checks before you can set a reflection object as accessible.
  48  *
  49  * @author Tom Tromey <tromey@cygnus.com>
  50  * @author Eric Blake <ebb9@email.byu.edu>
  51  * @see Field
  52  * @see Constructor
  53  * @see Method
  54  * @see ReflectPermission
  55  * @since 1.2
  56  * @status updated to 1.4
  57  */
  58 public class AccessibleObject
  59 {
  60   /**
  61    * True if this object is marked accessible, which means the reflected
  62    * object bypasses normal security checks. <em>NOTE</em>Don't try messing
  63    * with this by reflection.  You'll mess yourself up.
  64    */
  65   // default visibility for use by inherited classes
  66   boolean flag = false;
  67
  68   /**
  69    * Only the three reflection classes that extend this can create an
  70    * accessible object.  This is not serializable for security reasons.
  71    */
  72   protected AccessibleObject()
  73   {
  74   }
  75
  76   /**
  77    * Return the accessibility status of this object.
  78    *
  79    * @return true if this object bypasses security checks
  80    */
  81   public boolean isAccessible()
  82   {
  83     return flag;
  84   }
  85
  86   /**
  87    * Convenience method to set the flag on a number of objects with a single
  88    * security check. If a security manager exists, it is checked for
  89    * <code>ReflectPermission("suppressAccessChecks")</code>.<p>
  90    *
  91    * If <code>flag</code> is true, and the initial security check succeeds,
  92    * this can still fail if a forbidden object is encountered, leaving the
  93    * array half-modified. At the moment, the forbidden members are:<br>
  94    * <ul>
  95    *  <li>Any Constructor for java.lang.Class</li>
  96    *  <li>Any AccessibleObject for java.lang.reflect.AccessibleObject
  97    *      (this is not specified by Sun, but it closes a big security hole
  98    *      where you can use reflection to bypass the security checks that
  99    *      reflection is supposed to provide)</li>
 100    * </ul>
 101    * (Sun has not specified others, but good candidates might include
 102    * ClassLoader, String, and such. However, the more checks we do, the
 103    * slower this method gets).
 104    *
 105    * @param array the array of accessible objects
 106    * @param flag the desired state of accessibility, true to bypass security
 107    * @throws NullPointerException if array is null
 108    * @throws SecurityException if the request is denied
 109    * @see SecurityManager#checkPermission(java.security.Permission)
 110    * @see RuntimePermission
 111    */
 112   public static void setAccessible(AccessibleObject[] array, boolean flag)
 113   {
 114     checkPermission();
 115     for (int i = 0; i < array.length; i++)
 116       array[i].secureSetAccessible(flag);
 117   }
 118
 119   /**
 120    * Sets the accessibility flag for this reflection object. If a security
 121    * manager exists, it is checked for
 122    * <code>ReflectPermission("suppressAccessChecks")</code>.<p>
 123    *
 124    * If <code>flag</code> is true, and the initial security check succeeds,
 125    * this will still fail for a forbidden object. At the moment, the
 126    * forbidden members are:<br>
 127    * <ul>
 128    *  <li>Any Constructor for java.lang.Class</li>
 129    *  <li>Any AccessibleObject for java.lang.reflect.AccessibleObject
 130    *      (this is not specified by Sun, but it closes a big security hole
 131    *      where you can use reflection to bypass the security checks that
 132    *      reflection is supposed to provide)</li>
 133    * </ul>
 134    * (Sun has not specified others, but good candidates might include
 135    * ClassLoader, String, and such. However, the more checks we do, the
 136    * slower this method gets).
 137    *
 138    * @param flag the desired state of accessibility, true to bypass security
 139    * @throws NullPointerException if array is null
 140    * @throws SecurityException if the request is denied
 141    * @see SecurityManager#checkPermission(java.security.Permission)
 142    * @see RuntimePermission
 143    */
 144   public void setAccessible(boolean flag)
 145   {
 146     checkPermission();
 147     secureSetAccessible(flag);
 148   }
 149
 150   /**
 151    * Performs the specified security check, for
 152    * <code>ReflectPermission("suppressAccessChecks")</code>.
 153    *
 154    * @throws SecurityException if permission is denied
 155    */
 156   private static final void checkPermission()
 157   {
 158     SecurityManager sm = System.getSecurityManager();
 159     if (sm != null)
 160       sm.checkPermission(new ReflectPermission("suppressAccessChecks"));
 161   }
 162
 163   /**
 164    * Performs the actual accessibility change, this must always be invoked
 165    * after calling checkPermission.
 166    *
 167    * @param flag the desired status
 168    * @throws SecurityException if flag is true and this is one of the
 169    *         forbidden members mentioned in {@link setAccessible(boolean)}.
 170    */
 171   private final void secureSetAccessible(boolean flag)
 172   {
 173     if (flag &&
 174         ((this instanceof Constructor
 175           && ((Constructor) this).getDeclaringClass() == Class.class)
 176          || ((Member) this).getDeclaringClass() == AccessibleObject.class))
 177       throw new SecurityException("Cannot make object accessible: " + this);
 178     this.flag = flag;
 179   }
 180 }