1 *java.lang.SecurityManager* *SecurityManager* The security manager is a class th
3 public class SecurityManager
4 extends |java.lang.Object|
6 |java.lang.SecurityManager_Description|
7 |java.lang.SecurityManager_Fields|
8 |java.lang.SecurityManager_Constructors|
9 |java.lang.SecurityManager_Methods|
11 ================================================================================
13 *java.lang.SecurityManager_Fields*
14 |boolean_java.lang.SecurityManager.inCheck|
16 *java.lang.SecurityManager_Constructors*
17 |java.lang.SecurityManager()|Constructs a new SecurityManager.
19 *java.lang.SecurityManager_Methods*
20 |java.lang.SecurityManager.checkAccept(String,int)|Throws a SecurityException i
21 |java.lang.SecurityManager.checkAccess(Thread)|Throws a SecurityException if th
22 |java.lang.SecurityManager.checkAccess(ThreadGroup)|Throws a SecurityException
23 |java.lang.SecurityManager.checkAwtEventQueueAccess()|Throws a SecurityExceptio
24 |java.lang.SecurityManager.checkConnect(String,int)|Throws a SecurityException
25 |java.lang.SecurityManager.checkConnect(String,int,Object)|Throws a SecurityExc
26 |java.lang.SecurityManager.checkCreateClassLoader()|Throws a SecurityException
27 |java.lang.SecurityManager.checkDelete(String)|Throws a SecurityException if th
28 |java.lang.SecurityManager.checkExec(String)|Throws a SecurityException if the
29 |java.lang.SecurityManager.checkExit(int)|Throws a SecurityException if the c
30 |java.lang.SecurityManager.checkLink(String)|Throws a SecurityException if the
31 |java.lang.SecurityManager.checkListen(int)|Throws a SecurityException if the
32 |java.lang.SecurityManager.checkMemberAccess(Class<?>,int)|Throws a SecurityExc
33 |java.lang.SecurityManager.checkMulticast(InetAddress)|Throws a SecurityExcepti
34 |java.lang.SecurityManager.checkMulticast(InetAddress,byte)|Throws a SecurityEx
35 |java.lang.SecurityManager.checkPackageAccess(String)|Throws a SecurityExceptio
36 |java.lang.SecurityManager.checkPackageDefinition(String)|Throws a SecurityExce
37 |java.lang.SecurityManager.checkPermission(Permission)|Throws a SecurityExcepti
38 |java.lang.SecurityManager.checkPermission(Permission,Object)|Throws a Security
39 |java.lang.SecurityManager.checkPrintJobAccess()|Throws a SecurityException if
40 |java.lang.SecurityManager.checkPropertiesAccess()|Throws a SecurityException i
41 |java.lang.SecurityManager.checkPropertyAccess(String)|Throws a SecurityExcepti
42 |java.lang.SecurityManager.checkRead(FileDescriptor)|Throws a SecurityException
43 |java.lang.SecurityManager.checkRead(String)|Throws a SecurityException if the
44 |java.lang.SecurityManager.checkRead(String,Object)|Throws a SecurityException
45 |java.lang.SecurityManager.checkSecurityAccess(String)|Determines whether the p
46 |java.lang.SecurityManager.checkSetFactory()|Throws a SecurityException if the
47 |java.lang.SecurityManager.checkSystemClipboardAccess()|Throws a SecurityExcept
48 |java.lang.SecurityManager.checkTopLevelWindow(Object)|Returns false if the cal
49 |java.lang.SecurityManager.checkWrite(FileDescriptor)|Throws a SecurityExceptio
50 |java.lang.SecurityManager.checkWrite(String)|Throws a SecurityException if the
51 |java.lang.SecurityManager.classDepth(String)|Returns the stack depth of the sp
52 |java.lang.SecurityManager.classLoaderDepth()|Returns the stack depth of the mo
53 |java.lang.SecurityManager.currentClassLoader()|Returns the class loader of the
54 |java.lang.SecurityManager.currentLoadedClass()|Returns the class of the most r
55 |java.lang.SecurityManager.getClassContext()|Returns the current execution stac
56 |java.lang.SecurityManager.getInCheck()|Tests if there is a security check in p
57 |java.lang.SecurityManager.getSecurityContext()|Creates an object that encapsul
58 |java.lang.SecurityManager.getThreadGroup()|Returns the thread group into which
59 |java.lang.SecurityManager.inClass(String)|Tests if a method from a class with
60 |java.lang.SecurityManager.inClassLoader()|Basically, tests if a method from a
62 *java.lang.SecurityManager_Description*
64 The security manager is a class that allows applications to implement a
65 security policy. It allows an application to determine, before performing a
66 possibly unsafe or sensitive operation, what the operation is and whether it is
67 being attempted in a security context that allows the operation to be
68 performed. The application can allow or disallow the operation.
70 The SecurityManager class contains many methods with names that begin with the
71 word check. These methods are called by various methods in the Java libraries
72 before those methods perform certain potentially sensitive operations. The
73 invocation of such a check method typically looks like this:
75 SecurityManager security = System.getSecurityManager(); if (security != null) {
76 security.checkXXX(argument, ...); }
78 The security manager is thereby given an opportunity to prevent completion of
79 the operation by throwing an exception. A security manager routine simply
80 returns if the operation is permitted, but throws a SecurityException if the
81 operation is not permitted. The only exception to this convention is
82 checkTopLevelWindow, which returns a boolean value.
84 The current security manager is set by the setSecurityManager method in class
85 System. The current security manager is obtained by the getSecurityManager
88 The special method (|java.lang.SecurityManager|) determines whether an access
89 request indicated by a specified permission should be granted or denied. The
90 default implementation calls
94 AccessController.checkPermission(perm);
96 If a requested access is allowed, checkPermission returns quietly. If denied, a
97 SecurityException is thrown.
99 As of Java 2 SDK v1.2, the default implementation of each of the other check
100 methods in SecurityManager is to call the SecurityManager checkPermission
101 method to determine if the calling thread has permission to perform the
104 Note that the checkPermission method with just a single permission argument
105 always performs security checks within the context of the currently executing
106 thread. Sometimes a security check that should be made within a given context
107 will actually need to be done from within a different context (for example,
108 from within a worker thread). The
109 getSecurityContext(|java.lang.SecurityManager|) method and the
110 checkPermission(|java.lang.SecurityManager|) method that includes a context
111 argument are provided for this situation. The getSecurityContext method returns
112 a "snapshot" of the current calling context. (The default implementation
113 returns an AccessControlContext object.) A sample call is the following:
117 Object context = null; SecurityManager sm = System.getSecurityManager(); if (sm
118 != null) context = sm.getSecurityContext();
122 The checkPermission method that takes a context object in addition to a
123 permission makes access decisions based on that context, rather than on that of
124 the current execution thread. Code within a different context can thus call
125 that method, passing the permission and the previously-saved context object. A
126 sample call, using the SecurityManager sm obtained as in the previous example,
131 if (sm != null) sm.checkPermission(permission, context);
135 Permissions fall into these categories: File, Socket, Net, Security, Runtime,
136 Property, AWT, Reflect, and Serializable. The classes managing these various
137 permission categories are java.io.FilePermission, java.net.SocketPermission,
138 java.net.NetPermission, java.security.SecurityPermission,
139 java.lang.RuntimePermission, java.util.PropertyPermission,
140 java.awt.AWTPermission, java.lang.reflect.ReflectPermission, and
141 java.io.SerializablePermission.
143 All but the first two (FilePermission and SocketPermission) are subclasses of
144 java.security.BasicPermission, which itself is an abstract subclass of the
145 top-level class for permissions, which is java.security.Permission.
146 BasicPermission defines the functionality needed for all permissions that
147 contain a name that follows the hierarchical property naming convention (for
148 example, "exitVM", "setFactory", "queuePrintJob", etc). An asterisk may appear
149 at the end of the name, following a ".", or by itself, to signify a wildcard
150 match. For example: "a.*" or "*" is valid, "*a" or "a*b" is not valid.
152 FilePermission and SocketPermission are subclasses of the top-level class for
153 permissions (java.security.Permission). Classes like these that have a more
154 complicated name syntax than that used by BasicPermission subclass directly
155 from Permission rather than from BasicPermission. For example, for a
156 java.io.FilePermission object, the permission name is the path name of a file
159 Some of the permission classes have an "actions" list that tells the actions
160 that are permitted for the object. For example, for a java.io.FilePermission
161 object, the actions list (such as "read, write") specifies which actions are
162 granted for the specified file (or for files in the specified directory).
164 Other permission classes are for "named" permissions - ones that contain a name
165 but no actions list; you either have the named permission or you don't.
167 Note: There is also a java.security.AllPermission permission that implies all
168 permissions. It exists to simplify the work of system administrators who might
169 need to perform multiple tasks that require all (or numerous) permissions.
171 See Permissions in the JDK for permission-related information. This document
172 includes, for example, a table listing the various SecurityManager check
173 methods and the permission(s) the default implementation of each such method
174 requires. It also contains a table of all the version 1.2 methods that require
175 permissions, and for each such method tells which permission it requires.
177 For more information about SecurityManager changes made in the JDK and advice
178 regarding porting of 1.1-style security managers, see the security
183 *boolean_java.lang.SecurityManager.inCheck*
185 This field is true if there is a security check in progress; false otherwise.
189 *java.lang.SecurityManager()*
191 public SecurityManager()
193 Constructs a new SecurityManager.
195 If there is a security manager already installed, this method first calls the
196 security manager's checkPermission method with the
197 RuntimePermission("createSecurityManager") permission to ensure the calling
198 thread has permission to create a new security manager. This may result in
199 throwing a SecurityException.
202 *java.lang.SecurityManager.checkAccept(String,int)*
204 public void checkAccept(
205 java.lang.String host,
208 Throws a SecurityException if the calling thread is not permitted to accept a
209 socket connection from the specified host and port number.
211 This method is invoked for the current security manager by the accept method of
214 This method calls checkPermission with the
215 SocketPermission(host+":"+port,"accept") permission.
217 If you override this method, then you should make a call to super.checkAccept
218 at the point the overridden method would normally throw an exception.
221 host - the host name of the socket connection.
222 port - the port number of the socket connection.
224 *java.lang.SecurityManager.checkAccess(Thread)*
226 public void checkAccess(java.lang.Thread t)
228 Throws a SecurityException if the calling thread is not allowed to modify the
231 This method is invoked for the current security manager by the stop, suspend,
232 resume, setPriority, setName, and setDaemon methods of class Thread.
234 If the thread argument is a system thread (belongs to the thread group with a
235 null parent) then this method calls checkPermission with the
236 RuntimePermission("modifyThread") permission. If the thread argument is not a
237 system thread, this method just returns silently.
239 Applications that want a stricter policy should override this method. If this
240 method is overridden, the method that overrides it should additionally check to
241 see if the calling thread has the RuntimePermission("modifyThread") permission,
242 and if so, return silently. This is to ensure that code granted that permission
243 (such as the JDK itself) is allowed to manipulate any thread.
245 If this method is overridden, then super.checkAccess should be called by the
246 first statement in the overridden method, or the equivalent security check
247 should be placed in the overridden method.
250 t - the thread to be checked.
252 *java.lang.SecurityManager.checkAccess(ThreadGroup)*
254 public void checkAccess(java.lang.ThreadGroup g)
256 Throws a SecurityException if the calling thread is not allowed to modify the
257 thread group argument.
259 This method is invoked for the current security manager when a new child thread
260 or child thread group is created, and by the setDaemon, setMaxPriority, stop,
261 suspend, resume, and destroy methods of class ThreadGroup.
263 If the thread group argument is the system thread group ( has a null parent)
264 then this method calls checkPermission with the
265 RuntimePermission("modifyThreadGroup") permission. If the thread group argument
266 is not the system thread group, this method just returns silently.
268 Applications that want a stricter policy should override this method. If this
269 method is overridden, the method that overrides it should additionally check to
270 see if the calling thread has the RuntimePermission("modifyThreadGroup")
271 permission, and if so, return silently. This is to ensure that code granted
272 that permission (such as the JDK itself) is allowed to manipulate any thread.
274 If this method is overridden, then super.checkAccess should be called by the
275 first statement in the overridden method, or the equivalent security check
276 should be placed in the overridden method.
279 g - the thread group to be checked.
281 *java.lang.SecurityManager.checkAwtEventQueueAccess()*
283 public void checkAwtEventQueueAccess()
285 Throws a SecurityException if the calling thread is not allowed to access the
288 This method calls checkPermission with the AWTPermission("accessEventQueue")
291 If you override this method, then you should make a call to
292 super.checkAwtEventQueueAccess at the point the overridden method would
293 normally throw an exception.
297 *java.lang.SecurityManager.checkConnect(String,int)*
299 public void checkConnect(
300 java.lang.String host,
303 Throws a SecurityException if the calling thread is not allowed to open a
304 socket connection to the specified host and port number.
306 A port number of -1 indicates that the calling method is attempting to
307 determine the IP address of the specified host name.
309 This method calls checkPermission with the
310 SocketPermission(host+":"+port,"connect") permission if the port is not equal
311 to -1. If the port is equal to -1, then it calls checkPermission with the
312 SocketPermission(host,"resolve") permission.
314 If you override this method, then you should make a call to super.checkConnect
315 at the point the overridden method would normally throw an exception.
318 host - the host name port to connect to.
319 port - the protocol port to connect to.
321 *java.lang.SecurityManager.checkConnect(String,int,Object)*
323 public void checkConnect(
324 java.lang.String host,
326 java.lang.Object context)
328 Throws a SecurityException if the specified security context is not allowed to
329 open a socket connection to the specified host and port number.
331 A port number of -1 indicates that the calling method is attempting to
332 determine the IP address of the specified host name. If context is not an
333 instance of AccessControlContext then a SecurityException is thrown.
335 Otherwise, the port number is checked. If it is not equal to -1, the context's
336 checkPermission method is called with a
337 SocketPermission(host+":"+port,"connect") permission. If the port is equal to
338 -1, then the context's checkPermission method is called with a
339 SocketPermission(host,"resolve") permission.
341 If you override this method, then you should make a call to super.checkConnect
342 at the point the overridden method would normally throw an exception.
345 host - the host name port to connect to.
346 port - the protocol port to connect to.
347 context - a system-dependent security context.
349 *java.lang.SecurityManager.checkCreateClassLoader()*
351 public void checkCreateClassLoader()
353 Throws a SecurityException if the calling thread is not allowed to create a new
356 This method calls checkPermission with the
357 RuntimePermission("createClassLoader") permission.
359 If you override this method, then you should make a call to
360 super.checkCreateClassLoader at the point the overridden method would normally
365 *java.lang.SecurityManager.checkDelete(String)*
367 public void checkDelete(java.lang.String file)
369 Throws a SecurityException if the calling thread is not allowed to delete the
372 This method is invoked for the current security manager by the delete method of
375 This method calls checkPermission with the FilePermission(file,"delete")
378 If you override this method, then you should make a call to super.checkDelete
379 at the point the overridden method would normally throw an exception.
382 file - the system-dependent filename.
384 *java.lang.SecurityManager.checkExec(String)*
386 public void checkExec(java.lang.String cmd)
388 Throws a SecurityException if the calling thread is not allowed to create a
391 This method is invoked for the current security manager by the exec methods of
394 This method calls checkPermission with the FilePermission(cmd,"execute")
395 permission if cmd is an absolute path, otherwise it calls checkPermission with
396 FilePermission("<<ALL FILES>>","execute").
398 If you override this method, then you should make a call to super.checkExec at
399 the point the overridden method would normally throw an exception.
402 cmd - the specified system command.
404 *java.lang.SecurityManager.checkExit(int)*
406 public void checkExit(int status)
408 Throws a SecurityException if the calling thread is not allowed to cause the
409 Java Virtual Machine to halt with the specified status code.
411 This method is invoked for the current security manager by the exit method of
412 class Runtime. A status of 0 indicates success; other values indicate various
415 This method calls checkPermission with the RuntimePermission("exitVM."+status)
418 If you override this method, then you should make a call to super.checkExit at
419 the point the overridden method would normally throw an exception.
422 status - the exit status.
424 *java.lang.SecurityManager.checkLink(String)*
426 public void checkLink(java.lang.String lib)
428 Throws a SecurityException if the calling thread is not allowed to dynamic link
429 the library code specified by the string argument file. The argument is either
430 a simple library name or a complete filename.
432 This method is invoked for the current security manager by methods load and
433 loadLibrary of class Runtime.
435 This method calls checkPermission with the
436 RuntimePermission("loadLibrary."+lib) permission.
438 If you override this method, then you should make a call to super.checkLink at
439 the point the overridden method would normally throw an exception.
442 lib - the name of the library.
444 *java.lang.SecurityManager.checkListen(int)*
446 public void checkListen(int port)
448 Throws a SecurityException if the calling thread is not allowed to wait for a
449 connection request on the specified local port number.
451 If port is not 0, this method calls checkPermission with the
452 SocketPermission("localhost:"+port,"listen"). If port is zero, this method
453 calls checkPermission with SocketPermission("localhost:1024-","listen").
455 If you override this method, then you should make a call to super.checkListen
456 at the point the overridden method would normally throw an exception.
459 port - the local port.
461 *java.lang.SecurityManager.checkMemberAccess(Class<?>,int)*
463 public void checkMemberAccess(
464 java.lang.Class<?> clazz,
467 Throws a SecurityException if the calling thread is not allowed to access
470 The default policy is to allow access to PUBLIC members, as well as access to
471 classes that have the same class loader as the caller. In all other cases, this
472 method calls checkPermission with the
473 RuntimePermission("accessDeclaredMembers") permission.
475 If this method is overridden, then a call to super.checkMemberAccess cannot be
476 made, as the default implementation of checkMemberAccess relies on the code
477 being checked being at a stack depth of 4.
480 clazz - the class that reflection is to be performed on.
481 which - type of access, PUBLIC or DECLARED.
483 *java.lang.SecurityManager.checkMulticast(InetAddress)*
485 public void checkMulticast(java.net.InetAddress maddr)
487 Throws a SecurityException if the calling thread is not allowed to use
488 (join/leave/send/receive) IP multicast.
490 This method calls checkPermission with the
491 java.net.SocketPermission(maddr.getHostAddress(), "accept,connect") permission.
493 If you override this method, then you should make a call to
494 super.checkMulticast at the point the overridden method would normally throw an
498 maddr - Internet group address to be used.
500 *java.lang.SecurityManager.checkMulticast(InetAddress,byte)*
502 public void checkMulticast(
503 java.net.InetAddress maddr,
506 Throws a SecurityException if the calling thread is not allowed to use
507 (join/leave/send/receive) IP multicast.
509 This method calls checkPermission with the
510 java.net.SocketPermission(maddr.getHostAddress(), "accept,connect") permission.
512 If you override this method, then you should make a call to
513 super.checkMulticast at the point the overridden method would normally throw an
516 Deprecated: Use #checkPermission(java.security.Permission) instead
518 maddr - Internet group address to be used.
519 ttl - value in use, if it is multicast send. Note: this particular implementation
520 does not use the ttl parameter.
522 *java.lang.SecurityManager.checkPackageAccess(String)*
524 public void checkPackageAccess(java.lang.String pkg)
526 Throws a SecurityException if the calling thread is not allowed to access the
527 package specified by the argument.
529 This method is used by the loadClass method of class loaders.
531 This method first gets a list of restricted packages by obtaining a
532 comma-separated list from a call to
533 java.security.Security.getProperty("package.access"), and checks to see if pkg
534 starts with or equals any of the restricted packages. If it does, then
535 checkPermission gets called with the
536 RuntimePermission("accessClassInPackage."+pkg) permission.
538 If this method is overridden, then super.checkPackageAccess should be called as
539 the first line in the overridden method.
542 pkg - the package name.
544 *java.lang.SecurityManager.checkPackageDefinition(String)*
546 public void checkPackageDefinition(java.lang.String pkg)
548 Throws a SecurityException if the calling thread is not allowed to define
549 classes in the package specified by the argument.
551 This method is used by the loadClass method of some class loaders.
553 This method first gets a list of restricted packages by obtaining a
554 comma-separated list from a call to
555 java.security.Security.getProperty("package.definition"), and checks to see if
556 pkg starts with or equals any of the restricted packages. If it does, then
557 checkPermission gets called with the
558 RuntimePermission("defineClassInPackage."+pkg) permission.
560 If this method is overridden, then super.checkPackageDefinition should be
561 called as the first line in the overridden method.
564 pkg - the package name.
566 *java.lang.SecurityManager.checkPermission(Permission)*
568 public void checkPermission(java.security.Permission perm)
570 Throws a SecurityException if the requested access, specified by the given
571 permission, is not permitted based on the security policy currently in effect.
573 This method calls AccessController.checkPermission with the given permission.
576 perm - the requested permission.
578 *java.lang.SecurityManager.checkPermission(Permission,Object)*
580 public void checkPermission(
581 java.security.Permission perm,
582 java.lang.Object context)
584 Throws a SecurityException if the specified security context is denied access
585 to the resource specified by the given permission. The context must be a
586 security context returned by a previous call to getSecurityContext and the
587 access control decision is based upon the configured security policy for that
590 If context is an instance of AccessControlContext then the
591 AccessControlContext.checkPermission method is invoked with the specified
594 If context is not an instance of AccessControlContext then a SecurityException
598 perm - the specified permission
599 context - a system-dependent security context.
601 *java.lang.SecurityManager.checkPrintJobAccess()*
603 public void checkPrintJobAccess()
605 Throws a SecurityException if the calling thread is not allowed to initiate a
608 This method calls checkPermission with the RuntimePermission("queuePrintJob")
611 If you override this method, then you should make a call to
612 super.checkPrintJobAccess at the point the overridden method would normally
617 *java.lang.SecurityManager.checkPropertiesAccess()*
619 public void checkPropertiesAccess()
621 Throws a SecurityException if the calling thread is not allowed to access or
622 modify the system properties.
624 This method is used by the getProperties and setProperties methods of class
627 This method calls checkPermission with the PropertyPermission("*",
628 "read,write") permission.
630 If you override this method, then you should make a call to
631 super.checkPropertiesAccess at the point the overridden method would normally
636 *java.lang.SecurityManager.checkPropertyAccess(String)*
638 public void checkPropertyAccess(java.lang.String key)
640 Throws a SecurityException if the calling thread is not allowed to access the
641 system property with the specified key name.
643 This method is used by the getProperty method of class System.
645 This method calls checkPermission with the PropertyPermission(key, "read")
648 If you override this method, then you should make a call to
649 super.checkPropertyAccess at the point the overridden method would normally
653 key - a system property key.
655 *java.lang.SecurityManager.checkRead(FileDescriptor)*
657 public void checkRead(java.io.FileDescriptor fd)
659 Throws a SecurityException if the calling thread is not allowed to read from
660 the specified file descriptor.
662 This method calls checkPermission with the
663 RuntimePermission("readFileDescriptor") permission.
665 If you override this method, then you should make a call to super.checkRead at
666 the point the overridden method would normally throw an exception.
669 fd - the system-dependent file descriptor.
671 *java.lang.SecurityManager.checkRead(String)*
673 public void checkRead(java.lang.String file)
675 Throws a SecurityException if the calling thread is not allowed to read the
676 file specified by the string argument.
678 This method calls checkPermission with the FilePermission(file,"read")
681 If you override this method, then you should make a call to super.checkRead at
682 the point the overridden method would normally throw an exception.
685 file - the system-dependent file name.
687 *java.lang.SecurityManager.checkRead(String,Object)*
689 public void checkRead(
690 java.lang.String file,
691 java.lang.Object context)
693 Throws a SecurityException if the specified security context is not allowed to
694 read the file specified by the string argument. The context must be a security
695 context returned by a previous call to getSecurityContext. If context is an
696 instance of AccessControlContext then the AccessControlContext.checkPermission
697 method will be invoked with the FilePermission(file,"read") permission. If
698 context is not an instance of AccessControlContext then a SecurityException is
701 If you override this method, then you should make a call to super.checkRead at
702 the point the overridden method would normally throw an exception.
705 file - the system-dependent filename.
706 context - a system-dependent security context.
708 *java.lang.SecurityManager.checkSecurityAccess(String)*
710 public void checkSecurityAccess(java.lang.String target)
712 Determines whether the permission with the specified permission target name
713 should be granted or denied.
715 If the requested permission is allowed, this method returns quietly. If denied,
716 a SecurityException is raised.
718 This method creates a SecurityPermission object for the given permission target
719 name and calls checkPermission with it.
721 See the documentation for (|java.security.SecurityPermission|) for a list of
722 possible permission target names.
724 If you override this method, then you should make a call to
725 super.checkSecurityAccess at the point the overridden method would normally
729 target - the target name of the SecurityPermission.
731 *java.lang.SecurityManager.checkSetFactory()*
733 public void checkSetFactory()
735 Throws a SecurityException if the calling thread is not allowed to set the
736 socket factory used by ServerSocket or Socket, or the stream handler factory
739 This method calls checkPermission with the RuntimePermission("setFactory")
742 If you override this method, then you should make a call to
743 super.checkSetFactory at the point the overridden method would normally throw
748 *java.lang.SecurityManager.checkSystemClipboardAccess()*
750 public void checkSystemClipboardAccess()
752 Throws a SecurityException if the calling thread is not allowed to access the
755 This method calls checkPermission with the AWTPermission("accessClipboard")
758 If you override this method, then you should make a call to
759 super.checkSystemClipboardAccess at the point the overridden method would
760 normally throw an exception.
764 *java.lang.SecurityManager.checkTopLevelWindow(Object)*
766 public boolean checkTopLevelWindow(java.lang.Object window)
768 Returns false if the calling thread is not trusted to bring up the top-level
769 window indicated by the window argument. In this case, the caller can still
770 decide to show the window, but the window should include some sort of visual
771 warning. If the method returns true, then the window can be shown without any
772 special restrictions.
774 See class Window for more information on trusted and untrusted windows.
776 This method calls checkPermission with the
777 AWTPermission("showWindowWithoutWarningBanner") permission, and returns true if
778 a SecurityException is not thrown, otherwise it returns false.
780 If you override this method, then you should make a call to
781 super.checkTopLevelWindow at the point the overridden method would normally
782 return false, and the value of super.checkTopLevelWindow should be returned.
785 window - the new window that is being created.
787 Returns: true if the calling thread is trusted to put up top-level windows; false
790 *java.lang.SecurityManager.checkWrite(FileDescriptor)*
792 public void checkWrite(java.io.FileDescriptor fd)
794 Throws a SecurityException if the calling thread is not allowed to write to the
795 specified file descriptor.
797 This method calls checkPermission with the
798 RuntimePermission("writeFileDescriptor") permission.
800 If you override this method, then you should make a call to super.checkWrite at
801 the point the overridden method would normally throw an exception.
804 fd - the system-dependent file descriptor.
806 *java.lang.SecurityManager.checkWrite(String)*
808 public void checkWrite(java.lang.String file)
810 Throws a SecurityException if the calling thread is not allowed to write to the
811 file specified by the string argument.
813 This method calls checkPermission with the FilePermission(file,"write")
816 If you override this method, then you should make a call to super.checkWrite at
817 the point the overridden method would normally throw an exception.
820 file - the system-dependent filename.
822 *java.lang.SecurityManager.classDepth(String)*
824 protected native int classDepth(java.lang.String name)
826 Returns the stack depth of the specified class.
828 Deprecated: This type of security checking is not recommended.
829 It is recommended that the <code>checkPermission</code>
830 call be used instead.
832 name - the fully qualified name of the class to search for.
834 Returns: the depth on the stack frame of the first occurrence of a method from a class
835 with the specified name; -1 if such a frame cannot be found.
837 *java.lang.SecurityManager.classLoaderDepth()*
839 protected int classLoaderDepth()
841 Returns the stack depth of the most recently executing method from a class
842 defined using a non-system class loader. A non-system class loader is defined
843 as being a class loader that is not equal to the system class loader (as
844 returned by (|java.lang.ClassLoader|) ) or one of its ancestors.
846 This method will return -1 in the following three cases:
848 All methods on the execution stack are from classes defined using the system
849 class loader or one of its ancestors.
851 All methods on the execution stack up to the first "privileged" caller (see
852 (|java.security.AccessController|) ) are from classes defined using the system
853 class loader or one of its ancestors.
855 A call to checkPermission with java.security.AllPermission does not result in a
860 Deprecated: This type of security checking is not recommended.
861 It is recommended that the <code>checkPermission</code>
862 call be used instead.
865 Returns: the depth on the stack frame of the most recent occurrence of a method from a
866 class defined using a non-system class loader.
868 *java.lang.SecurityManager.currentClassLoader()*
870 protected |java.lang.ClassLoader| currentClassLoader()
872 Returns the class loader of the most recently executing method from a class
873 defined using a non-system class loader. A non-system class loader is defined
874 as being a class loader that is not equal to the system class loader (as
875 returned by (|java.lang.ClassLoader|) ) or one of its ancestors.
877 This method will return null in the following three cases:
879 All methods on the execution stack are from classes defined using the system
880 class loader or one of its ancestors.
882 All methods on the execution stack up to the first "privileged" caller (see
883 (|java.security.AccessController|) ) are from classes defined using the system
884 class loader or one of its ancestors.
886 A call to checkPermission with java.security.AllPermission does not result in a
891 Deprecated: This type of security checking is not recommended.
892 It is recommended that the <code>checkPermission</code>
893 call be used instead.
896 Returns: the class loader of the most recent occurrence on the stack of a method from a
897 class defined using a non-system class loader.
899 *java.lang.SecurityManager.currentLoadedClass()*
901 protected |java.lang.Class|<?> currentLoadedClass()
903 Returns the class of the most recently executing method from a class defined
904 using a non-system class loader. A non-system class loader is defined as being
905 a class loader that is not equal to the system class loader (as returned by
906 (|java.lang.ClassLoader|) ) or one of its ancestors.
908 This method will return null in the following three cases:
910 All methods on the execution stack are from classes defined using the system
911 class loader or one of its ancestors.
913 All methods on the execution stack up to the first "privileged" caller (see
914 (|java.security.AccessController|) ) are from classes defined using the system
915 class loader or one of its ancestors.
917 A call to checkPermission with java.security.AllPermission does not result in a
922 Deprecated: This type of security checking is not recommended.
923 It is recommended that the <code>checkPermission</code>
924 call be used instead.
927 Returns: the class of the most recent occurrence on the stack of a method from a class
928 defined using a non-system class loader.
930 *java.lang.SecurityManager.getClassContext()*
932 protected native |java.lang.Class|[] getClassContext()
934 Returns the current execution stack as an array of classes.
936 The length of the array is the number of methods on the execution stack. The
937 element at index 0 is the class of the currently executing method, the element
938 at index 1 is the class of that method's caller, and so on.
942 Returns: the execution stack.
944 *java.lang.SecurityManager.getInCheck()*
946 public boolean getInCheck()
948 Tests if there is a security check in progress.
950 Deprecated: This type of security checking is not recommended.
951 It is recommended that the <code>checkPermission</code>
952 call be used instead.
955 Returns: the value of the inCheck field. This field should contain true if a security
956 check is in progress, false otherwise.
958 *java.lang.SecurityManager.getSecurityContext()*
960 public |java.lang.Object| getSecurityContext()
962 Creates an object that encapsulates the current execution environment. The
963 result of this method is used, for example, by the three-argument checkConnect
964 method and by the two-argument checkRead method. These methods are needed
965 because a trusted method may be called on to read a file or open a socket on
966 behalf of another method. The trusted method needs to determine if the other
967 (possibly untrusted) method would be allowed to perform the operation on its
968 own. The default implementation of this method is to return an
969 AccessControlContext object.
973 Returns: an implementation-dependent object that encapsulates sufficient information
974 about the current execution environment to perform some security
977 *java.lang.SecurityManager.getThreadGroup()*
979 public |java.lang.ThreadGroup| getThreadGroup()
981 Returns the thread group into which to instantiate any new thread being created
982 at the time this is being called. By default, it returns the thread group of
983 the current thread. This should be overridden by a specific security manager to
984 return the appropriate thread group.
988 Returns: ThreadGroup that new threads are instantiated into
990 *java.lang.SecurityManager.inClass(String)*
992 protected boolean inClass(java.lang.String name)
994 Tests if a method from a class with the specified name is on the execution
997 Deprecated: This type of security checking is not recommended.
998 It is recommended that the <code>checkPermission</code>
999 call be used instead.
1001 name - the fully qualified name of the class.
1003 Returns: true if a method from a class with the specified name is on the execution
1004 stack; false otherwise.
1006 *java.lang.SecurityManager.inClassLoader()*
1008 protected boolean inClassLoader()
1010 Basically, tests if a method from a class defined using a class loader is on
1011 the execution stack.
1013 Deprecated: This type of security checking is not recommended.
1014 It is recommended that the <code>checkPermission</code>
1015 call be used instead.
1018 Returns: true if a call to currentClassLoader has a non-null return value.