Source Code Cross Referenced for AWTPermission.java in  » 6.0-JDK-Core » AWT » java » awt » Java Source Code / Java DocumentationJava Source Code and Java Documentation

Home
Java Source Code / Java Documentation
1.6.0 JDK Core
2.6.0 JDK Modules
3.6.0 JDK Modules com.sun
4.6.0 JDK Modules com.sun.java
5.6.0 JDK Modules sun
6.6.0 JDK Platform
7.Ajax
8.Apache Harmony Java SE
9.Aspect oriented
10.Authentication Authorization
11.Blogger System
12.Build
13.Byte Code
14.Cache
15.Chart
16.Chat
17.Code Analyzer
18.Collaboration
19.Content Management System
20.Database Client
21.Database DBMS
22.Database JDBC Connection Pool
23.Database ORM
24.Development
25.EJB Server
26.ERP CRM Financial
27.ESB
28.Forum
29.Game
30.GIS
31.Graphic 3D
32.Graphic Library
33.Groupware
34.HTML Parser
35.IDE
36.IDE Eclipse
37.IDE Netbeans
38.Installer
39.Internationalization Localization
40.Inversion of Control
41.Issue Tracking
42.J2EE
43.J2ME
44.JBoss
45.JMS
46.JMX
47.Library
48.Mail Clients
49.Music
50.Net
51.Parser
52.PDF
53.Portal
54.Profiler
55.Project Management
56.Report
57.RSS RDF
58.Rule Engine
59.Science
60.Scripting
61.Search Engine
62.Security
63.Sevlet Container
64.Source Control
65.Swing Library
66.Template Engine
67.Test Coverage
68.Testing
69.UML
70.Web Crawler
71.Web Framework
72.Web Mail
73.Web Server
74.Web Services
75.Web Services apache cxf 2.2.6
76.Web Services AXIS2
77.Wiki Engine
78.Workflow Engines
79.XML
80.XML UI
Java Source Code / Java Documentation » 6.0 JDK Core » AWT » java.awt 
Source Cross Referenced  Class Diagram Java Document (Java Doc) 


001        /*
002         * Copyright 1997-2005 Sun Microsystems, Inc.  All Rights Reserved.
003         * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
004         *
005         * This code is free software; you can redistribute it and/or modify it
006         * under the terms of the GNU General Public License version 2 only, as
007         * published by the Free Software Foundation.  Sun designates this
008         * particular file as subject to the "Classpath" exception as provided
009         * by Sun in the LICENSE file that accompanied this code.
010         *
011         * This code is distributed in the hope that it will be useful, but WITHOUT
012         * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
013         * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
014         * version 2 for more details (a copy is included in the LICENSE file that
015         * accompanied this code).
016         *
017         * You should have received a copy of the GNU General Public License version
018         * 2 along with this work; if not, write to the Free Software Foundation,
019         * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
020         *
021         * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
022         * CA 95054 USA or visit www.sun.com if you need additional information or
023         * have any questions.
024         */
025
026        package java.awt;
027
028        import java.security.BasicPermission;
029
030        /**
031         * This class is for AWT permissions.
032         * An <code>AWTPermission</code> contains a target name but
033         * no actions list; you either have the named permission
034         * or you don't.
035         *
036         * <P>
037         * The target name is the name of the AWT permission (see below). The naming
038         * convention follows the hierarchical property naming convention.
039         * Also, an asterisk could be used to represent all AWT permissions.
040         *
041         * <P>
042         * The following table lists all the possible <code>AWTPermission</code>
043         * target names, and for each provides a description of what the
044         * permission allows and a discussion of the risks of granting code
045         * the permission.
046         * <P>
047         *
048         * <table border=1 cellpadding=5 summary="AWTPermission target names, descriptions, and associated risks.">
049         * <tr>
050         * <th>Permission Target Name</th>
051         * <th>What the Permission Allows</th>
052         * <th>Risks of Allowing this Permission</th>
053         * </tr>
054         *
055         * <tr>
056         *   <td>accessClipboard</td>
057         *   <td>Posting and retrieval of information to and from the AWT clipboard</td>
058         *   <td>This would allow malfeasant code to share
059         * potentially sensitive or confidential information.</td>
060         * </tr>
061         *
062         * <tr>
063         *   <td>accessEventQueue</td>
064         *   <td>Access to the AWT event queue</td>
065         *   <td>After retrieving the AWT event queue,
066         * malicious code may peek at and even remove existing events
067         * from its event queue, as well as post bogus events which may purposefully
068         * cause the application or applet to misbehave in an insecure manner.</td>
069         * </tr>
070         *
071         * <tr>
072         *   <td>accessSystemTray</td>
073         *   <td>Access to the AWT SystemTray instance</td>
074         *   <td>This would allow malicious code to add tray icons to the system tray.
075         * First, such an icon may look like the icon of some known application
076         * (such as a firewall or anti-virus) and order a user to do something unsafe
077         * (with help of balloon messages). Second, the system tray may be glutted with
078         * tray icons so that no one could add a tray icon anymore.</td>
079         * </tr>
080         *
081         * <tr>
082         *   <td>createRobot</td>
083         *   <td>Create java.awt.Robot objects</td>
084         *   <td>The java.awt.Robot object allows code to generate native-level
085         * mouse and keyboard events as well as read the screen. It could allow
086         * malicious code to control the system, run other programs, read the
087         * display, and deny mouse and keyboard access to the user.</td>
088         * </tr>
089         *
090         * <tr>
091         *   <td>fullScreenExclusive</td>
092         *   <td>Enter full-screen exclusive mode</td>
093         *   <td>Entering full-screen exclusive mode allows direct access to
094         * low-level graphics card memory.  This could be used to spoof the
095         * system, since the program is in direct control of rendering.</td>
096         * </tr>
097         *
098         * <tr>
099         *   <td>listenToAllAWTEvents</td>
100         *   <td>Listen to all AWT events, system-wide</td>
101         *   <td>After adding an AWT event listener,
102         * malicious code may scan all AWT events dispatched in the system,
103         * allowing it to read all user input (such as passwords).  Each
104         * AWT event listener is called from within the context of that
105         * event queue's EventDispatchThread, so if the accessEventQueue
106         * permission is also enabled, malicious code could modify the
107         * contents of AWT event queues system-wide, causing the application
108         * or applet to misbehave in an insecure manner.</td>
109         * </tr>
110         *
111         * <tr>
112         *   <td>readDisplayPixels</td>
113         *   <td>Readback of pixels from the display screen</td>
114         *   <td>Interfaces such as the java.awt.Composite interface or the 
115         * java.awt.Robot class allow arbitrary code to examine pixels on the 
116         * display enable malicious code to snoop on the activities of the user.</td>
117         * </tr>
118         *
119         * <tr>
120         *   <td>replaceKeyboardFocusManager</td>
121         *   <td>Sets the <code>KeyboardFocusManager</code> for
122         *       a particular thread.
123         *   <td>When <code>SecurityManager</code> is installed, the invoking
124         *       thread must be granted this permission in order to replace
125         *       the current <code>KeyboardFocusManager</code>.  If permission
126         *       is not granted, a <code>SecurityException</code> will be thrown.
127         * </tr>
128         *
129         * <tr>
130         *   <td>setAppletStub</td>
131         *   <td>Setting the stub which implements Applet container services</td>
132         *   <td>Malicious code could set an applet's stub and result in unexpected
133         * behavior or denial of service to an applet.</td>
134         * </tr>
135         *
136         * <tr>
137         *   <td>setWindowAlwaysOnTop</td>
138         *   <td>Setting always-on-top property of the window: {@link Window#setAlwaysOnTop}</td>
139         *   <td>The malicious window might make itself look and behave like a real full desktop, so that
140         * information entered by the unsuspecting user is captured and subsequently misused </td> 
141         * </tr>
142         *
143         * <tr>
144         *   <td>showWindowWithoutWarningBanner</td>
145         *   <td>Display of a window without also displaying a banner warning
146         * that the window was created by an applet</td>
147         *   <td>Without this warning,
148         * an applet may pop up windows without the user knowing that they
149         * belong to an applet.  Since users may make security-sensitive
150         * decisions based on whether or not the window belongs to an applet
151         * (entering a username and password into a dialog box, for example),
152         * disabling this warning banner may allow applets to trick the user
153         * into entering such information.</td>
154         * </tr>
155         *
156         * <tr>
157         *   <td>toolkitModality</td>
158         *   <td>Creating {@link Dialog.ModalityType#TOOLKIT_MODAL TOOLKIT_MODAL} dialogs
159         *       and setting the {@link Dialog.ModalExclusionType#TOOLKIT_EXCLUDE
160         *       TOOLKIT_EXCLUDE} window property.</td>
161         *   <td>When a toolkit-modal dialog is shown from an applet, it blocks all other
162         * applets in the browser. When launching applications from Java Web Start,
163         * its windows (such as the security dialog) may also be blocked by toolkit-modal
164         * dialogs, shown from these applications.</td>
165         * </tr>
166         *
167         * <tr>
168         *   <td>watchMousePointer</td>
169         *   <td>Getting the information about the mouse pointer position at any
170         * time</td>
171         *   <td>Constantly watching the mouse pointer,
172         * an applet can make guesses about what the user is doing, i.e. moving
173         * the mouse to the lower left corner of the screen most likely means that
174         * the user is about to launch an application. If a virtual keypad is used
175         * so that keyboard is emulated using the mouse, an applet may guess what
176         * is being typed.</td>
177         * </tr>
178         * </table>
179         * 
180         * @see java.security.BasicPermission
181         * @see java.security.Permission
182         * @see java.security.Permissions
183         * @see java.security.PermissionCollection
184         * @see java.lang.SecurityManager
185         *
186         * @version 	1.38, 05/05/07
187         *
188         * @author Marianne Mueller
189         * @author Roland Schemers
190         */
191
192        public final class AWTPermission extends BasicPermission {
193
194            /** use serialVersionUID from the Java 2 platform for interoperability */
195            private static final long serialVersionUID = 8890392402588814465L;
196
197            /**
198             * Creates a new <code>AWTPermission</code> with the specified name.
199             * The name is the symbolic name of the <code>AWTPermission</code>,
200             * such as "topLevelWindow", "systemClipboard", etc. An asterisk
201             * may be used to indicate all AWT permissions.
202             *
203             * @param name the name of the AWTPermission
204             *
205             * @throws NullPointerException if <code>name</code> is <code>null</code>.
206             * @throws IllegalArgumentException if <code>name</code> is empty.
207             */
208
209            public AWTPermission(String name) {
210                super (name);
211            }
212
213            /**
214             * Creates a new <code>AWTPermission</code> object with the specified name.
215             * The name is the symbolic name of the <code>AWTPermission</code>, and the
216             * actions string is currently unused and should be <code>null</code>.
217             *
218             * @param name the name of the <code>AWTPermission</code>
219             * @param actions should be <code>null</code>
220             *
221             * @throws NullPointerException if <code>name</code> is <code>null</code>.
222             * @throws IllegalArgumentException if <code>name</code> is empty.
223             */
224
225            public AWTPermission(String name, String actions) {
226                super(name, actions);
227            }
228        }
www.java2java.com | Contact Us
Copyright 2009 - 12 Demo Source and Support. All rights reserved.
All other trademarks are property of their respective owners.