Java Doc for AWTPermission.java in  » 6.0-JDK-Core » AWT » java » awt » Java Source Code / Java DocumentationJava Source Code and Java Documentation

Home
Java Source Code / Java Documentation
1.6.0 JDK Core
2.6.0 JDK Modules
3.6.0 JDK Modules com.sun
4.6.0 JDK Modules com.sun.java
5.6.0 JDK Modules sun
6.6.0 JDK Platform
7.Ajax
8.Apache Harmony Java SE
9.Aspect oriented
10.Authentication Authorization
11.Blogger System
12.Build
13.Byte Code
14.Cache
15.Chart
16.Chat
17.Code Analyzer
18.Collaboration
19.Content Management System
20.Database Client
21.Database DBMS
22.Database JDBC Connection Pool
23.Database ORM
24.Development
25.EJB Server
26.ERP CRM Financial
27.ESB
28.Forum
29.Game
30.GIS
31.Graphic 3D
32.Graphic Library
33.Groupware
34.HTML Parser
35.IDE
36.IDE Eclipse
37.IDE Netbeans
38.Installer
39.Internationalization Localization
40.Inversion of Control
41.Issue Tracking
42.J2EE
43.J2ME
44.JBoss
45.JMS
46.JMX
47.Library
48.Mail Clients
49.Music
50.Net
51.Parser
52.PDF
53.Portal
54.Profiler
55.Project Management
56.Report
57.RSS RDF
58.Rule Engine
59.Science
60.Scripting
61.Search Engine
62.Security
63.Sevlet Container
64.Source Control
65.Swing Library
66.Template Engine
67.Test Coverage
68.Testing
69.UML
70.Web Crawler
71.Web Framework
72.Web Mail
73.Web Server
74.Web Services
75.Web Services apache cxf 2.2.6
76.Web Services AXIS2
77.Wiki Engine
78.Workflow Engines
79.XML
80.XML UI
Java Source Code / Java Documentation » 6.0 JDK Core » AWT » java.awt 
Source Cross Reference  Class Diagram Java Document (Java Doc) 


java.security.BasicPermission
   java.awt.AWTPermission

AWTPermission
final public class AWTPermission extends BasicPermission (Code)
This class is for AWT permissions. An AWTPermission contains a target name but no actions list; you either have the named permission or you don't.

The target name is the name of the AWT permission (see below). The naming convention follows the hierarchical property naming convention. Also, an asterisk could be used to represent all AWT permissions.

The following table lists all the possible AWTPermission target names, and for each provides a description of what the permission allows and a discussion of the risks of granting code the permission.

Permission Target Name What the Permission Allows Risks of Allowing this Permission
accessClipboard Posting and retrieval of information to and from the AWT clipboard This would allow malfeasant code to share potentially sensitive or confidential information.
accessEventQueue Access to the AWT event queue After retrieving the AWT event queue, malicious code may peek at and even remove existing events from its event queue, as well as post bogus events which may purposefully cause the application or applet to misbehave in an insecure manner.
accessSystemTray Access to the AWT SystemTray instance This would allow malicious code to add tray icons to the system tray. First, such an icon may look like the icon of some known application (such as a firewall or anti-virus) and order a user to do something unsafe (with help of balloon messages). Second, the system tray may be glutted with tray icons so that no one could add a tray icon anymore.
createRobot Create java.awt.Robot objects The java.awt.Robot object allows code to generate native-level mouse and keyboard events as well as read the screen. It could allow malicious code to control the system, run other programs, read the display, and deny mouse and keyboard access to the user.
fullScreenExclusive Enter full-screen exclusive mode Entering full-screen exclusive mode allows direct access to low-level graphics card memory. This could be used to spoof the system, since the program is in direct control of rendering.
listenToAllAWTEvents Listen to all AWT events, system-wide After adding an AWT event listener, malicious code may scan all AWT events dispatched in the system, allowing it to read all user input (such as passwords). Each AWT event listener is called from within the context of that event queue's EventDispatchThread, so if the accessEventQueue permission is also enabled, malicious code could modify the contents of AWT event queues system-wide, causing the application or applet to misbehave in an insecure manner.
readDisplayPixels Readback of pixels from the display screen Interfaces such as the java.awt.Composite interface or the java.awt.Robot class allow arbitrary code to examine pixels on the display enable malicious code to snoop on the activities of the user.
replaceKeyboardFocusManager Sets the KeyboardFocusManager for a particular thread. When SecurityManager is installed, the invoking thread must be granted this permission in order to replace the current KeyboardFocusManager. If permission is not granted, a SecurityException will be thrown.
setAppletStub Setting the stub which implements Applet container services Malicious code could set an applet's stub and result in unexpected behavior or denial of service to an applet.
setWindowAlwaysOnTop Setting always-on-top property of the window: Window.setAlwaysOnTop The malicious window might make itself look and behave like a real full desktop, so that information entered by the unsuspecting user is captured and subsequently misused
showWindowWithoutWarningBanner Display of a window without also displaying a banner warning that the window was created by an applet Without this warning, an applet may pop up windows without the user knowing that they belong to an applet. Since users may make security-sensitive decisions based on whether or not the window belongs to an applet (entering a username and password into a dialog box, for example), disabling this warning banner may allow applets to trick the user into entering such information.
toolkitModality Creating Dialog.ModalityType.TOOLKIT_MODAL TOOLKIT_MODAL dialogs and setting the Dialog.ModalExclusionType.TOOLKIT_EXCLUDETOOLKIT_EXCLUDE window property. When a toolkit-modal dialog is shown from an applet, it blocks all other applets in the browser. When launching applications from Java Web Start, its windows (such as the security dialog) may also be blocked by toolkit-modal dialogs, shown from these applications.
watchMousePointer Getting the information about the mouse pointer position at any time Constantly watching the mouse pointer, an applet can make guesses about what the user is doing, i.e. moving the mouse to the lower left corner of the screen most likely means that the user is about to launch an application. If a virtual keypad is used so that keyboard is emulated using the mouse, an applet may guess what is being typed.

See Also:   java.security.BasicPermission
See Also:   java.security.Permission
See Also:   java.security.Permissions
See Also:   java.security.PermissionCollection
See Also:   java.lang.SecurityManager
version:
   1.38, 05/05/07
author:
   Marianne Mueller
author:
   Roland Schemers




Constructor Summary
public  AWTPermission(String name)
     Creates a new AWTPermission with the specified name. The name is the symbolic name of the AWTPermission, such as "topLevelWindow", "systemClipboard", etc.
public  AWTPermission(String name, String actions)
     Creates a new AWTPermission object with the specified name.



Constructor Detail
AWTPermission
public AWTPermission(String name)(Code)
Creates a new AWTPermission with the specified name. The name is the symbolic name of the AWTPermission, such as "topLevelWindow", "systemClipboard", etc. An asterisk may be used to indicate all AWT permissions.
Parameters:
  name - the name of the AWTPermission
throws:
  NullPointerException - if name is null.
throws:
  IllegalArgumentException - if name is empty.



AWTPermission
public AWTPermission(String name, String actions)(Code)
Creates a new AWTPermission object with the specified name. The name is the symbolic name of the AWTPermission, and the actions string is currently unused and should be null.
Parameters:
  name - the name of the AWTPermission
Parameters:
  actions - should be null
throws:
  NullPointerException - if name is null.
throws:
  IllegalArgumentException - if name is empty.




Methods inherited from java.security.BasicPermission
public boolean equals(Object obj)(Code)(Java Doc)
public String getActions()(Code)(Java Doc)
public int hashCode()(Code)(Java Doc)
public boolean implies(Permission p)(Code)(Java Doc)
public PermissionCollection newPermissionCollection()(Code)(Java Doc)

www.java2java.com | Contact Us
Copyright 2009 - 12 Demo Source and Support. All rights reserved.
All other trademarks are property of their respective owners.