Table 5-1 lists the various Permission subclasses, the target and action names they support, and the methods that require those permissions (in Java 1.2 and later).
Permission | Target, Action | Methods |
---|---|---|
AWT-Permission | "accessClipboard" |
Toolkit.getSystemClipboard() |
"accessEventQueue" |
Toolkit.getSystemEventQueue() |
|
"listenToAllAWTEvents" |
Toolkit.{addAWTEventListener(), removeAWTEventListener()} |
|
"readDisplayPixels" |
Graphics2D.setComposite() |
|
"showWindowWithout-WarningBanner" |
Window.Window() (if permission is not granted, window has an "insecure" indication) |
|
File-Permission | command, "execute" |
Runtime.exec() |
filename, "delete" |
File.{delete(), deleteOnExit()} |
|
File-Permission | filename, "read" |
FileInputStream.FileInputStream(), File.{exists(), canRead(), isFile(), isDirectory(), isHidden(), lastModified(), length(), list(), listFiles()}, RandomAccessFile.RandomAccessFile(), ZipFile.ZipFile() |
filename, "write" |
FileOutputStream.FileOutputStream(), File.{canWrite(), createNewFile(), createTempFile(), mkdir(), mkdirs(), renameTo(), setLastModified(), setReadOnly()}, RandomAccessFile.RandomAccessFile() |
|
Net-Permission |
"requestPassword-Authentication" |
Authenticator.requestPassword-Authentication() |
"setDefaultAuthenticator" |
Authenticator.setDefault() |
|
"specifyStreamHandler" |
URL.URL() |
|
Property-Permission | "*", "read, write" |
Beans.{setDesignTime(), setGuiAvailable()}, Introspector.setBeanInfo-SearchPath(), PropertyEditorManager.{register-Editor(), setEditorSearchPath()}, System.{getProperties(), setProperties()} |
"user.language", "write" |
Locale.setDefault() |
|
prop, "read" |
System.getProperty() |
|
prop, "write" |
System.setProperty() |
|
Reflect-Permission | "suppressAccessChecks" |
AccessibleObject.setAccessible() |
Runtime-Permission |
"accessClassIn- Package.pkgname " |
Class.{getClasses(), getDeclaredClasses(), getConstructor(), getConstructors(), getDeclaredFields(), getDeclaredMethods(), getDeclaredConstructors(), getDeclaredField(), getDeclaredMethod(), getDeclaredConstructor(), |
Runtime-Permission |
getFields(), getMethods(), getField(), getMethod()} |
|
"accessDeclaredMembers" |
Class.{getClasses(), getDeclaredClasses(), getDeclaredFields(), getDeclaredMethods(), getDeclaredConstructors(), getDeclaredField(), getDeclaredMethod(), getDeclaredConstructor()} |
|
"createClassLoader" |
ClassLoader.Class-Loader(), URLClassLoader.URL-ClassLoader(), SecureClassLoader.Secure-ClassLoader() |
|
"exitVM" |
Runtime.{exit(), runFinalizersOnExit()}, System.{exit(), runFinalizersOnExit()} |
|
"getClassLoader" |
Class.{forName(), getClassLoader()}, ClassLoader.{getSystemClassLoader(), getParent()}, Thread.getContextClassLoader() |
|
"getProtectionDomain" |
Class.getProtectionDomain() |
|
"loadLibrary.libName " |
Runtime.{load(), loadLibrary()}, System.{load(), loadLibrary()} |
|
"modifyThread" |
Thread.{checkAccess(), interrupt(), suspend(), resume(), setPriority(), setName(), setDaemon()}, ThreadGroup.{interrupt(), stop()} |
|
"modifyThreadGroup" |
Thread.{Thread(), enumerate()}, ThreadGroup.{ThreadGroup(), enumerate(), getParent(), interrupt(), setDaemon(), setMaxPriority(), stop(), suspend(), resume(), destroy()} |
|
"queuePrintJob" |
Toolkit.getPrintJob() |
|
"readFileDescriptor" |
FileInputStream.File-InputStream(FileDescriptor) |
|
"setContextClassLoader" |
Thread.setContextClassLoader() |
|
Runtime-Permission | "setFactory" |
ServerSocket.setSocketFactory(), Socket.setSocketImplFactory(), URL.setURLStream-HandlerFactory(), URLConnection.{setContent-HandlerFactory(), setFileNameMap()}, HttpURLConnection.set-FollowRedirects(), activation.Activation-Group.{createGroup(), setSystem()}, server.RMISocketFactory.set-SocketFactory() |
"setIO" |
System.{setIn(), setOut(), setErr()} |
|
"setSecurityManager" |
System.setSecurityManager() |
|
"stopThread" |
Thread.stop(), ThreadGroup.stop() |
|
"writeFileDescriptor" |
FileOutputStream.File-OutputStream(FileDescriptor) |
|
Security- | "addIdentityCertificate" |
Identity.addCertificate() |
Permission |
"clearProvider- Properties.provider " |
Provider.clear() |
"getPolicy" |
Policy.getPolicy() |
|
"getProperty.propname " |
Security.getProperty() |
|
"getSignerPrivateKey" |
Signer.getPrivateKey() |
|
"insertProvider.provider " |
Security.{addProvider(), insertProviderAt()} |
|
"printIdentity" |
Identity.toString() |
|
"putProvider- Property.provider " |
Provider.put() |
|
"removeIdentityCertificate" |
Identity.removeCertificate() |
|
"removeProvider.provider " |
Security.removeProvider() |
|
"removeProvider- Property.provider " |
Provider.remove() |
|
"setIdentityInfo" |
Identity.setInfo(String) |
|
"setIdentityPublicKey" |
Identity.setPublicKey() |
|
"setPolicy" |
Policy.setPolicy(); |
|
"setProperty.propname " |
Security.setProperty() |
|
"setSignerKeypair" |
Signer.setKeyPair() |
|
"setSystemScope" |
IdentityScope.setSystemScope() |
|
Serializable-Permission |
"enableSubclass- Implementation" |
ObjectInputStream.Object-InputStream(), ObjectOutputStream.Object-OutputStream() |
"enableSubstitution" |
ObjectInputStream.enable-ResolveObject(), ObjectOutputStream.enable-ReplaceObject() |
|
Socket-Permission | "localhost:port ", "listen" |
ServerSocket.ServerSocket(), DatagramSocket.DatagramSocket(), MulticastSocket.MulticastSocket() |
host, "accept, connect" |
MulticastSocket.{joinGroup(), leaveGroup(), send()} |
|
host, "resolve" |
InetAddress.{getHostName(), getAllByName(), getLocalHost()}, DatagramSocket.getLocalAddress() |
|
host:port, "accept" |
DatagramSocket.receive(), ServerSocket.{accept(), implAccept()} |
|
host:port, "connect" |
Copyright © 2001 O'Reilly & Associates. All rights reserved.