1. /*

  2.  * Copyright  2003-2004 The Apache Software Foundation

  3.  *

  4.  *  Licensed under the Apache License, Version 2.0 (the "License");

  5.  *  you may not use this file except in compliance with the License.

  6.  *  You may obtain a copy of the License at

  7.  *

  8.  *      http://www.apache.org/licenses/LICENSE-2.0

  9.  *

  10.  *  Unless required by applicable law or agreed to in writing, software

  11.  *  distributed under the License is distributed on an "AS IS" BASIS,

  12.  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

  13.  *  See the License for the specific language governing permissions and

  14.  *  limitations under the License.

  15.  *

  16.  */

  17. 

  18. package org.apache.tools.ant.types;

  19. 

  20. import java.security.UnresolvedPermission;

  21. import java.util.HashSet;

  22. import java.util.Iterator;

  23. import java.util.LinkedList;

  24. import java.util.List;

  25. import java.util.Set;

  26. import java.util.StringTokenizer;

  27. 

  28. import org.apache.tools.ant.BuildException;

  29. import org.apache.tools.ant.ExitException;

  30. 

  31. /**

  32.  * This class implements a security manager meant for useage by tasks that run inside the

  33.  * ant VM. An examples are the Java Task and JUnitTask.

  34.  *

  35.  * The basic functionality is that nothing (except for a base set of permissions) is allowed, unless

  36.  * the permission is granted either explicitly or implicitly.

  37.  * If an permission is granted this can be overruled by explicitly revoking the permission.

  38.  *

  39.  * It is not permissible to add permissions (either granted or revoked) while the Security Manager

  40.  * is active (after calling setSecurityManager() but before calling restoreSecurityManager()).

  41.  *

  42.  * @since Ant 1.6

  43.  */

  44. public class Permissions {

  45. 

  46.     private List grantedPermissions = new LinkedList();

  47.     private List revokedPermissions = new LinkedList();

  48.     private java.security.Permissions granted = null;

  49.     private SecurityManager origSm = null;

  50.     private boolean active = false;

  51.     private boolean delegateToOldSM = false;

  52. 

  53.     /**

  54.      * default constructor

  55.      */

  56.     public Permissions() {

  57.     }

  58.     /**

  59.      * create a new set of permissions

  60.      * @param delegateToOldSM  if <code>true</code> the old security manager

  61.      * will be used if the permission has not been explicitly granted or revoked

  62.      * in this instance

  63.      * if false, it behaves like the default constructor

  64.      */

  65.     public Permissions(boolean delegateToOldSM) {

  66.         this.delegateToOldSM = delegateToOldSM;

  67.     }

  68.     /**

  69.      * Adds a permission to be granted.

  70.      * @param perm The Permissions.Permission to be granted.

  71.      */

  72.     public void addConfiguredGrant(Permissions.Permission perm) {

  73.         grantedPermissions.add(perm);

  74.     }

  75. 

  76.     /**

  77.      * Adds a permission to be revoked.

  78.      * @param perm The Permissions.Permission to be revoked

  79.      */

  80.     public void addConfiguredRevoke(Permissions.Permission perm) {

  81.         revokedPermissions.add(perm);

  82.     }

  83. 

  84.     /**

  85.      * To be used by tasks wishing to use this security model before executing the part to be

  86.      * subject to these Permissions. Note that setting the SecurityManager too early may

  87.      * prevent your part from starting, as for instance changing classloaders may be prohibited.

  88.      * The classloader for the new situation is supposed to be present.

  89.      */

  90.     public void setSecurityManager() throws BuildException{

  91.         origSm = System.getSecurityManager();

  92.         init();

  93.         System.setSecurityManager(new MySM());

  94.         active = true;

  95.     }

  96. 

  97.     /**

  98.      * Initializes the list of granted permissions, checks the list of revoked permissions.

  99.      */

  100.     private void init() throws BuildException {

  101.         granted = new java.security.Permissions();

  102.         for (Iterator i = revokedPermissions.listIterator(); i.hasNext();) {

  103.             Permissions.Permission p = (Permissions.Permission) i.next();

  104.             if (p.getClassName() == null) {

  105.                 throw new BuildException("Revoked permission " + p + " does not contain a class.");

  106.             }

  107.         }

  108.         for (Iterator i = grantedPermissions.listIterator(); i.hasNext();) {

  109.             Permissions.Permission p = (Permissions.Permission) i.next();

  110.             if (p.getClassName() == null) {

  111.                 throw new BuildException("Granted permission " + p + " does not contain a class.");

  112.             } else {

  113.                 java.security.Permission perm =  new UnresolvedPermission(p.getClassName(),p.getName(),p.getActions(),null);

  114.                 granted.add(perm);

  115.             }

  116.         }

  117.         // Add base set of permissions

  118.         granted.add(new java.net.SocketPermission("localhost:1024-", "listen"));

  119.         granted.add(new java.util.PropertyPermission("java.version", "read"));

  120.         granted.add(new java.util.PropertyPermission("java.vendor", "read"));

  121.         granted.add(new java.util.PropertyPermission("java.vendor.url", "read"));

  122.         granted.add(new java.util.PropertyPermission("java.class.version", "read"));

  123.         granted.add(new java.util.PropertyPermission("os.name", "read"));

  124.         granted.add(new java.util.PropertyPermission("os.version", "read"));

  125.         granted.add(new java.util.PropertyPermission("os.arch", "read"));

  126.         granted.add(new java.util.PropertyPermission("file.encoding", "read"));

  127.         granted.add(new java.util.PropertyPermission("file.separator", "read"));

  128.         granted.add(new java.util.PropertyPermission("path.separator", "read"));

  129.         granted.add(new java.util.PropertyPermission("line.separator", "read"));

  130.         granted.add(new java.util.PropertyPermission("java.specification.version", "read"));

  131.         granted.add(new java.util.PropertyPermission("java.specification.vendor", "read"));

  132.         granted.add(new java.util.PropertyPermission("java.specification.name", "read"));

  133.         granted.add(new java.util.PropertyPermission("java.vm.specification.version", "read"));

  134.         granted.add(new java.util.PropertyPermission("java.vm.specification.vendor", "read"));

  135.         granted.add(new java.util.PropertyPermission("java.vm.specification.name", "read"));

  136.         granted.add(new java.util.PropertyPermission("java.vm.version", "read"));

  137.         granted.add(new java.util.PropertyPermission("java.vm.vendor", "read"));

  138.         granted.add(new java.util.PropertyPermission("java.vm.name", "read"));

  139.     }

  140. 

  141.     /**

  142.      * To be used by tasks that just finished executing the parts subject to these permissions.

  143.      */

  144.     public void restoreSecurityManager() {

  145.         active = false;

  146.         System.setSecurityManager(origSm);

  147.     }

  148. 

  149.     /**

  150.      * This inner class implements the actual SecurityManager that can be used by tasks

  151.      * supporting Permissions.

  152.      */

  153.     private class MySM extends SecurityManager {

  154. 

  155.         /**

  156.          * Exit is treated in a special way in order to be able to return the exit code towards tasks.

  157.          * An ExitException is thrown instead of a simple SecurityException to indicate the exit

  158.          * code.

  159.          * Overridden from java.lang.SecurityManager

  160.          * @param status The exit status requested.

  161.          */

  162.         public void checkExit(int status) {

  163.             java.security.Permission perm = new java.lang.RuntimePermission("exitVM",null);

  164.             try {

  165.                 checkPermission(perm);

  166.             } catch (SecurityException e) {

  167.                 throw new ExitException(e.getMessage(), status);

  168.             }

  169.         }

  170. 

  171.         /**

  172.          * The central point in checking permissions.

  173.          * Overridden from java.lang.SecurityManager

  174.          *

  175.          * @param perm The permission requested.

  176.          */

  177.         public void checkPermission(java.security.Permission perm) {

  178.             if (active) {

  179.                 if (delegateToOldSM && !perm.getName().equals("exitVM")) {

  180.                     boolean permOK = false;

  181.                     if (granted.implies(perm)) {

  182.                         permOK = true;

  183.                     }

  184.                     checkRevoked(perm);

  185.                     /*

  186.                      if the permission was not explicitly granted or revoked

  187.                      the original security manager will do its work

  188.                     */

  189.                     if (!permOK && origSm != null) {

  190.                         origSm.checkPermission(perm);

  191.                     }

  192.                 }  else {

  193.                     if (!granted.implies(perm)) {

  194.                         throw new SecurityException("Permission " + perm + " was not granted.");

  195.                     }

  196.                     checkRevoked(perm);

  197.                 }

  198.             }

  199.         }

  200.         /**

  201.          * throws an exception if this permission is revoked

  202.          * @param perm the permission being checked

  203.          */

  204.         private void checkRevoked(java.security.Permission perm) {

  205.             for (Iterator i = revokedPermissions.listIterator(); i.hasNext();) {

  206.                 if (((Permissions.Permission)i.next()).matches(perm)) {

  207.                     throw new SecurityException("Permission " + perm + " was revoked.");

  208.                 }

  209.             }

  210. 

  211.         }

  212.     }

  213. 

  214.     /** Represents a permission. */

  215.     public static class Permission {

  216.         private String className;

  217.         private String name;

  218.         private String actionString;

  219.         private Set actions;

  220. 

  221.         /**

  222.          * Sets the class, mandatory.

  223.          * @param aClass The class name of the permission.

  224.          */

  225.         public void setClass(String aClass) {

  226.                 className = aClass.trim();

  227.         }

  228. 

  229.         /** Get the class of the permission

  230.          * @return The class name of the permission.

  231.          */

  232.         public String getClassName() {

  233.             return className;

  234.         }

  235. 

  236.         /**

  237.          * Sets the name of the permission.

  238.          * @param aName The name of the permission.

  239.          */

  240.         public void setName(String aName) {

  241.             name = aName.trim();

  242.         }

  243. 

  244.         /**

  245.          * Get the name of the permission.

  246.          * @return  The name of the permission.

  247.          */

  248.         public String getName() {

  249.             return name;

  250.         }

  251. 

  252.         /**

  253.          * Sets the actions.

  254.          * @param actions The actions of the permission.

  255.          */

  256.         public void setActions(String actions) {

  257.             actionString = actions;

  258.             if (actions.length() > 0) {

  259.                 this.actions = parseActions(actions);

  260.             }

  261.         }

  262. 

  263.         /**

  264.          * Gets the actions.

  265.          * @return The actions of the permission.

  266.          */

  267.         public String getActions() {

  268.             return actionString;

  269.         }

  270. 

  271.         /**

  272.          *  Checks if the permission matches in case of a revoked permission.

  273.          * @param perm The permission to check against.

  274.          */

  275.         boolean matches(java.security.Permission perm) {

  276. 

  277.             if (!className.equals(perm.getClass().getName())) {

  278.                 return false;

  279.             }

  280. 

  281.             if (name != null) {

  282.                 if (name.endsWith("*")) {

  283.                     if (!perm.getName().startsWith(name.substring(0, name.length() - 1))) {

  284.                         return false;

  285.                     }

  286.                 } else {

  287.                     if (!name.equals(perm.getName())) {

  288.                         return false;

  289.                     }

  290.                 }

  291.             }

  292. 

  293.             if (actions != null) {

  294.                 Set as = parseActions(perm.getActions());

  295.                 int size = as.size();

  296.                 as.removeAll(actions);

  297.                 if (as.size() == size) {

  298.                     // None of the actions revoked, so all allowed.

  299.                     return false;

  300.                 }

  301.             }

  302. 

  303.             return true;

  304.         }

  305. 

  306.         /**

  307.          * Parses the actions into a set of separate strings.

  308.          * @param actions The actions to be parsed.

  309.          */

  310.         private Set parseActions(String actions) {

  311.             Set result = new HashSet();

  312.             StringTokenizer tk = new StringTokenizer(actions, ",");

  313.             while (tk.hasMoreTokens()) {

  314.                 String item = tk.nextToken().trim();

  315.                 if (!item.equals("")) {

  316.                     result.add(item);

  317.                 }

  318.             }

  319.             return result;

  320.         }

  321.         /**

  322.          * get a string description of the permissions

  323.          * @return  string description of the permissions

  324.          */

  325.         public String toString() {

  326.             return ("Permission: " + className + " (\"" + name + "\", \"" + actions + "\")");

  327.         }

  328.     }

  329. }