Examples of java.util.PropertyPermission

• java.util.PropertyPermission
  This class is for property permissions.

  The name is the name of the property ("java.home", "os.name", etc). The naming convention follows the hierarchical property naming convention. Also, an asterisk may appear at the end of the name, following a ".", or by itself, to signify a wildcard match. For example: "java.*" or "*" is valid, "*java" or "a*b" is not valid.

  The actions to be granted are passed to the constructor in a string containing a list of zero or more comma-separated keywords. The possible keywords are "read" and "write". Their meaning is defined as follows:

  read

  read permission. Allows System.getProperty to be called.

  write

  write permission. Allows System.setProperty to be called.

  The actions string is converted to lowercase before processing.

  Care should be taken before granting code permission to access certain system properties. For example, granting permission to access the "java.home" system property gives potentially malevolent code sensitive information about the system environment (the Java installation directory). Also, granting permission to access the "user.name" and "user.home" system properties gives potentially malevolent code sensitive information about the user environment (the user's account name and home directory). @see java.security.BasicPermission @see java.security.Permission @see java.security.Permissions @see java.security.PermissionCollection @see java.lang.SecurityManager @version 1.35 06/04/21 @author Roland Schemers @since 1.2 @serial exclude

    }

    public static String setProperty(String key, String value) {
    SecurityManager sm = System.getSecurityManager();
    if (sm != null)
      sm.checkPermission(new PropertyPermission(key, "write")); //$NON-NLS-1$
      return (String) properties.put(key, value);
    }

    }

    public static String clearProperty(String key) {
    SecurityManager sm = System.getSecurityManager();
    if (sm != null)
      sm.checkPermission(new PropertyPermission(key, "write")); //$NON-NLS-1$
        return (String) properties.remove(key);
    }

    public void engineSecured() throws Exception {
        Permissions perms = new Permissions();
        //we need to be able to read files and props so that the default module source provider can work
        perms.add(new FilePermission("<<ALL FILES>>", "read"));
        perms.add(new PropertyPermission("*", "read"));

        ScriptEngine eng = new JsEngineInitializer().instantiate(Collections.<String>emptySet(), perms);

        try {
            eng.eval("java.lang.System.exit(1)");

        //guard what is writeable and what is not.
        add(new FilePermission("<<ALL FILES>>", "read,write,execute,delete"));

        //we don't suppose the serverside scripts to be malevolent, so let's
        //give them the read access to the system properties.
        add(new PropertyPermission("*", "read"));

        add(new ReflectPermission("suppressAccessChecks"));

        //these are required for server-side scripts to be able to
        //invoke remote EJBs.

   *
   * @param key
   *            the name of the property to be accessed.
   */
  public void checkPropertyAccess(String key) {
    checkPermission(new PropertyPermission(key, "read"));
  }

     *
     * @param key
     *            the name of the property to be accessed.
     */
    public void checkPropertyAccess(String key) {
        checkPermission(new PropertyPermission(key, "read")); //$NON-NLS-1$
    }

     * @throws SecurityException
     *             if the calling thread is not allowed to access the {@code
     *             key} system property.
     */
    public void checkPropertyAccess(String key) {
        checkPermission(new PropertyPermission(key, "read")); //$NON-NLS-1$
    }

     */
    private Permission[] getDefaultPermissions()
    {
        final ArrayList list = new ArrayList();
        //these properties straight out ot ${java.home}/lib/security/java.policy
        list.add( new PropertyPermission( "os.name", "read" ) );
        list.add( new PropertyPermission( "os.arch", "read" ) );
        list.add( new PropertyPermission( "os.version", "read" ) );
        list.add( new PropertyPermission( "file.separator", "read" ) );
        list.add( new PropertyPermission( "path.separator", "read" ) );
        list.add( new PropertyPermission( "line.separator", "read" ) );

        list.add( new PropertyPermission( "java.version", "read" ) );
        list.add( new PropertyPermission( "java.vendor", "read" ) );
        list.add( new PropertyPermission( "java.vendor.url", "read" ) );

        list.add( new PropertyPermission( "java.class.version", "read" ) );
        list.add( new PropertyPermission( "java.vm.version", "read" ) );
        list.add( new PropertyPermission( "java.vm.vendor", "read" ) );
        list.add( new PropertyPermission( "java.vm.name", "read" ) );

        list.add( new PropertyPermission( "java.specification.version", "read" ) );
        list.add( new PropertyPermission( "java.specification.vendor", "read" ) );
        list.add( new PropertyPermission( "java.specification.name", "read" ) );
        list.add( new PropertyPermission( "java.vm.specification.version", "read" ) );
        list.add( new PropertyPermission( "java.vm.specification.vendor", "read" ) );
        list.add( new PropertyPermission( "java.vm.specification.name", "read" ) );

        return (Permission[])list.toArray( new Permission[ list.size() ] );
    }

     */
    public static String setProperty(String key, String value) {
        checkKey(key);
        SecurityManager sm = getSecurityManager();
        if (sm != null) {
            sm.checkPermission(new PropertyPermission(key,
                SecurityConstants.PROPERTY_WRITE_ACTION));
        }

        return (String) props.setProperty(key, value);
    }

     */
    public static String clearProperty(String key) {
        checkKey(key);
        SecurityManager sm = getSecurityManager();
        if (sm != null) {
            sm.checkPermission(new PropertyPermission(key, "write"));
        }

        return (String) props.remove(key);
    }