Examples of java.lang.management.ManagementPermission

• java.lang.management.ManagementPermission
  The permission which the SecurityManager will check when code that is running with a SecurityManager calls methods defined in the management interface for the Java platform.

  The following table provides a summary description of what the permission allows, and discusses the risks of granting code the permission.

  Permission Target Name	What the Permission Allows	Risks of Allowing this Permission
  control	Ability to control the runtime characteristics of the Java virtual machine, for example, setting the -verbose:gc and -verbose:class flag, setting the threshold of a memory pool, and enabling and disabling the thread contention monitoring support.	This allows an attacker to control the runtime characteristics of the Java virtual machine and cause the system to misbehave.
  monitor	Ability to retrieve runtime information about the Java virtual machine such as thread stack trace, a list of all loaded class names, and input arguments to the Java virtual machine.	This allows malicious code to monitor runtime information and uncover vulnerabilities.

  Programmers do not normally create ManagementPermission objects directly. Instead they are created by the security policy code based on reading the security policy file. @author Mandy Chung @version 1.5, 04/21/06 @since 1.5 @see java.security.BasicPermission @see java.security.Permission @see java.security.Permissions @see java.security.PermissionCollection @see java.lang.SecurityManager

     * Method to test whether a given user has permission to execute the given method.
     */
    public static void checkSecurity() {
        SecurityManager secMan = System.getSecurityManager();
        if (secMan != null) {
            secMan.checkPermission(new ManagementPermission("control"));
        }
    }

        SecurityManager secMan = System.getSecurityManager();
        if (secMan != null) {
            StackTraceElement[] trace = Thread.currentThread().getStackTrace();
            String callingClass = trace[3].getClassName();
            if (!allowedClasses.contains(callingClass)) {
                secMan.checkPermission(new ManagementPermission("control"));
            }
        }
    }/**

                if (allowedMethods.keySet().contains(callingClass)
                        && allowedMethods.get(callingClass).equals(methodName)) {
                    return;
                }
            }
            secMan.checkPermission(new ManagementPermission("control"));
        }
    }

    // Initializes caching manager
        CarbonContextHolder.getCurrentCarbonContextHolder();
        // Need permissions in order to instantiate user core
        SecurityManager secMan = System.getSecurityManager();
        if(secMan != null){
           secMan.checkPermission(new ManagementPermission("control"));
        }
        try {
            RealmService realmService = new DefaultRealmService(bundleContext);
            bundleContext.registerService(RealmService.class.getName(), realmService, null);
            DatabaseUtil.logDatabaseConnections();

public class FrameworkRestarter implements Runnable {

    public void run() {
        SecurityManager secMan = System.getSecurityManager();
        if (secMan != null) {
            secMan.checkPermission(new ManagementPermission("control"));
        }

        if (CarbonUtils.isRunningInStandaloneMode()) { // If Carbon is running standalone
            SystemRestarter.restart();
        } else {  // Carbon is running within an AppServer

    @SuppressWarnings("unused")
    protected void activate(ComponentContext context) {
        // Need permissions in order activate Registry
        SecurityManager securityManager = System.getSecurityManager();
        if(securityManager != null){
            securityManager.checkPermission(new ManagementPermission("control"));
        }
        try {
            bundleContext = context.getBundleContext();
            registryService = buildRegistryService();

     */
    public void start(BundleContext context) {
        // Need permissions in order to instantiate CarbonServerManager
        SecurityManager secMan = System.getSecurityManager();
        if (secMan != null) {
            secMan.checkPermission(new ManagementPermission("control"));
            new Timer("JavaSecPolicyUpdateTimer").
                    scheduleAtFixedRate(new TimerTask() {
                        public void run() {
                            java.security.Policy.getPolicy().refresh();
                        }

     *                   restart should be forced
     */
    private void restart(boolean isGraceful) {
        SecurityManager secMan = System.getSecurityManager();
        if (secMan != null) {
            secMan.checkPermission(new ManagementPermission("control"));
        }
        Runtime.getRuntime().removeShutdownHook(shutdownHook);
        new JMXServerManager().stopJmxService();

        try {

     * Forced shutdown
     */
    public void shutdown() {
        SecurityManager secMan = System.getSecurityManager();
        if (secMan != null) {
            secMan.checkPermission(new ManagementPermission("control"));
        }
        log.info("Shutting down " + serverName + "...");
        if (!isShutdownTriggeredByShutdownHook) {
            Runtime.getRuntime().removeShutdownHook(shutdownHook);
        }

    public void start(BundleContext context) throws Exception {
        // Need permissions in order to activate Carbon Core
        SecurityManager secMan = System.getSecurityManager();
        if (secMan != null) {
           secMan.checkPermission(new ManagementPermission("control"));
        }
        dataHolder.setBundleContext(context);
        log.info("Starting WSO2 Carbon...");
        log.info("Operating System : " + System.getProperty("os.name") + " " +
                 System.getProperty("os.version") + ", " + System.getProperty("os.arch"));