001: package org.tanukisoftware.wrapper.security;
002:
003: /*
004: * Copyright (c) 1999, 2006 Tanuki Software Inc.
005: *
006: * Permission is hereby granted, free of charge, to any person
007: * obtaining a copy of the Java Service Wrapper and associated
008: * documentation files (the "Software"), to deal in the Software
009: * without restriction, including without limitation the rights
010: * to use, copy, modify, merge, publish, distribute, sub-license,
011: * and/or sell copies of the Software, and to permit persons to
012: * whom the Software is furnished to do so, subject to the
013: * following conditions:
014: *
015: * The above copyright notice and this permission notice shall be
016: * included in all copies or substantial portions of the Software.
017: *
018: * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
019: * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
020: * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
021: * NON-INFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
022: * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
023: * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
024: * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
025: * OTHER DEALINGS IN THE SOFTWARE.
026: */
027:
028: import java.security.BasicPermission;
029:
030: /**
031: * WrapperPermissions are used to control access to the various methods of the
032: * WrapperManager class.
033: *
034: * <table border=1 cellpadding=5 summary="permission target name,
035: * what the target allows,and associated risks">
036: * <tr>
037: * <th>Permission Target Name</th>
038: * <th>What the Permission Allows</th>
039: * <th>Risks of Allowing this Permission</th>
040: * </tr>
041: *
042: * <tr>
043: * <td>restart</td>
044: * <td>Restart the JVM</td>
045: * <td>
046: * This is an extremely dangerous permission to grant.
047: * Malicious applications can restart the JVM as a denial of service
048: * attack.
049: * </td>
050: * </tr>
051: *
052: * <tr>
053: * <td>stop</td>
054: * <td>Stop the JVM</td>
055: * <td>
056: * This is an extremely dangerous permission to grant.
057: * Malicious applications can stop the JVM as a denial of service
058: * attack.
059: * </td>
060: * </tr>
061: *
062: * <tr>
063: * <td>stopImmediate</td>
064: * <td>Stop the JVM immediately without running the shutdown hooks</td>
065: * <td>
066: * This is an extremely dangerous permission to grant.
067: * Malicious applications can stop the JVM as a denial of service
068: * attack.
069: * </td>
070: * </tr>
071: *
072: * <tr>
073: * <td>signalStarting</td>
074: * <td>Control the starting timeouts.</td>
075: * <td>
076: * Malicious code could set this to unrealistically small values as the application
077: * is starting, thus causing startup failures.
078: * </td>
079: * </tr>
080: *
081: * <tr>
082: * <td>signalStopping</td>
083: * <td>Control the stopping timeouts.</td>
084: * <td>
085: * Malicious code could set this to unrealistically small values as the application
086: * is stopping, thus causing the application to fail to shutdown cleanly.
087: * </td>
088: * </tr>
089: *
090: * <tr>
091: * <td>signalStopped</td>
092: * <td>Control when the Wrapper is told that the Application has stopped.</td>
093: * <td>
094: * Malicious code could call this before the application is actually stopped,
095: * thus causing the application to fail to shutdown cleanly.
096: * </td>
097: * </tr>
098: *
099: * <tr>
100: * <td>log</td>
101: * <td>Sends log output to the Wrapper over the back end socket at a specific log level.</td>
102: * <td>
103: * Malicious code could send very large quanities of log output which could affect
104: * the performance of the Wrapper.
105: * </td>
106: * </tr>
107: *
108: * <tr>
109: * <td>listServices</td>
110: * <td>Requests the status of all services currently installed on the system.</td>
111: * <td>
112: * Malicious code could use this information to find other weaknesses in the system.
113: * </td>
114: * </tr>
115: * </table>
116:
117: addWrapperEventListener service,core
118: removeWrapperEventListener
119: setConsoleTitle
120: getUser
121: getInteractiveUser
122: getProperties
123: getWrapperPID
124: getJavaPID
125: requestThreadDump
126: test.appearHung
127: test.accessViolation
128: test.accessViolationNative
129:
130: *
131: * @author Leif Mortenson <leif@tanukisoftware.com>
132: */
133: public class WrapperPermission extends BasicPermission {
134: /*---------------------------------------------------------------
135: * Constructors
136: *-------------------------------------------------------------*/
137: /**
138: * Creates a new WrapperPermission with the specified name.
139: * The name is the symbolic name of the WrapperPermission, such as "stop",
140: * "restart", etc. An asterisk may appear at the end of the name, following
141: * a ".", or by itself, to signify a wildcard match.
142: *
143: * @param name the name of the WrapperPermission.
144: */
145: public WrapperPermission(String name) {
146: super (name);
147: }
148:
149: public WrapperPermission(String name, String actions) {
150: super(name, actions);
151: }
152: }
|