1. /*
  2. * @(#)ManagementPermission.java 1.3 03/12/19
  3. *
  4. * Copyright 2004 Sun Microsystems, Inc. All rights reserved.
  5. * SUN PROPRIETARY/CONFIDENTIAL. Use is subject to license terms.
  6. */
  7. package java.lang.management;
  8. /**
  9. * The permission which the SecurityManager will check when code
  10. * that is running with a SecurityManager calls methods defined
  11. * in the management interface for the Java platform.
  12. * <P>
  13. * The following table
  14. * provides a summary description of what the permission allows,
  15. * and discusses the risks of granting code the permission.
  16. * <P>
  17. *
  18. * <table border=1 cellpadding=5 summary="Table shows permission target name, wh
  19. at the permission allows, and associated risks">
  20. * <tr>
  21. * <th>Permission Target Name</th>
  22. * <th>What the Permission Allows</th>
  23. * <th>Risks of Allowing this Permission</th>
  24. * </tr>
  25. *
  26. * <tr>
  27. * <td>control</td>
  28. * <td>Ability to control the runtime characteristics of the Java virtual
  29. * machine, for example, setting the -verbose:gc and -verbose:class flag,
  30. * setting the threshold of a memory pool, and enabling and disabling
  31. * the thread contention monitoring support.
  32. * </td>
  33. * <td>This allows an attacker to control the runtime characteristics
  34. * of the Java virtual machine and cause the system to misbehave.
  35. * </td>
  36. * </tr>
  37. * <tr>
  38. * <td>monitor</td>
  39. * <td>Ability to retrieve runtime information about
  40. * the Java virtual machine such as thread
  41. * stack trace, a list of all loaded class names, and input arguments
  42. * to the Java virtual machine.</td>
  43. * <td>This allows malicious code to monitor runtime information and
  44. * uncover vulnerabilities.</td>
  45. * </tr>
  46. *
  47. * </table>
  48. *
  49. * <p>
  50. * Programmers do not normally create ManagementPermission objects directly.
  51. * Instead they are created by the security policy code based on reading
  52. * the security policy file.
  53. *
  54. * @author Mandy Chung
  55. * @version 1.3, 12/19/03
  56. * @since 1.5
  57. *
  58. * @see java.security.BasicPermission
  59. * @see java.security.Permission
  60. * @see java.security.Permissions
  61. * @see java.security.PermissionCollection
  62. * @see java.lang.SecurityManager
  63. *
  64. */
  65. public final class ManagementPermission extends java.security.BasicPermission {
  66. /**
  67. * Constructs a ManagementPermission with the specified name.
  68. *
  69. * @param name Permission name. Must be either "monitor" or "control".
  70. * @throws IllegalArgumentException if the name argument is invalid.
  71. */
  72. public ManagementPermission(String name) {
  73. super(name);
  74. if (!name.equals("control") && !name.equals("monitor")) {
  75. throw new IllegalArgumentException("name: " + name);
  76. }
  77. }
  78. /**
  79. * Constructs a new ManagementPermission object.
  80. *
  81. * @param name Permission name. Must be either "monitor" or "control".
  82. * @param actions Must be either null or the empty string.
  83. * @throws IllegalArgumentException if arguments are invalid.
  84. */
  85. public ManagementPermission(String name, String actions)
  86. throws IllegalArgumentException {
  87. super(name);
  88. if (!name.equals("control") && !name.equals("monitor")) {
  89. throw new IllegalArgumentException("name: " + name);
  90. }
  91. if (actions != null && actions.length() > 0) {
  92. throw new IllegalArgumentException("actions: " + actions);
  93. }
  94. }
  95. }