SecurityManager

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

Build 1.1_r1 (from source)

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

java.lang
Class SecurityManager

java.lang.Object
  java.lang.SecurityManager

Direct Known Subclasses:: Logger.PrivateSecurityManager

public class SecurityManager
extends Object
extends Object

Provides security verification facilities for applications. SecurityManager contains a set of checkXXX methods which determine if it is safe to perform a specific operation such as establishing network connections, modifying files, and many more. In general, these methods simply return if they allow the application to perform the operation; if an operation is not allowed, then they throw a SecurityException. The only exception is checkTopLevelWindow(Object), which returns a boolean to indicate permission.

Since:: Android 1.0

Field Summary
`protected boolean`	`inCheck` Deprecated. Use `checkPermission(java.security.Permission)`

Constructor Summary
`SecurityManager()` Constructs a new `SecurityManager` instance.

Method Summary
`void`	`checkAccept(String host, int port)` Checks whether the calling thread is allowed to accept socket connections.
`void`	`checkAccess(Thread thread)` Checks whether the calling thread is allowed to modify the specified thread.
`void`	`checkAccess(ThreadGroup group)` Checks whether the calling thread is allowed to modify the specified thread group.
`void`	`checkAwtEventQueueAccess()` Checks whether the calling thread is allowed to access the AWT event queue.
`void`	`checkConnect(String host, int port)` Checks whether the calling thread is allowed to establish socket connections.
`void`	`checkConnect(String host, int port, Object context)` Checks whether the specified security context is allowed to establish socket connections.
`void`	`checkCreateClassLoader()` Checks whether the calling thread is allowed to create a class loader.
`void`	`checkDelete(String file)` Checks whether the calling thread is allowed to delete the file with the specified name, which should be passed in canonical form.
`void`	`checkExec(String cmd)` Checks whether the calling thread is allowed to execute the specified platform specific command.
`void`	`checkExit(int status)` Checks whether the calling thread is allowed to terminate the virtual machine.
`void`	`checkLink(String libName)` Checks whether the calling thread is allowed to load the specified native library.
`void`	`checkListen(int port)` Checks whether the calling thread is allowed to listen on the specified port.
`void`	`checkMemberAccess(Class<?> cls, int type)` Checks whether the calling thread is allowed to access members.
`void`	`checkMulticast(InetAddress maddr)` Checks whether the calling thread is allowed to use the specified IP multicast group address.
`void`	`checkMulticast(InetAddress maddr, byte ttl)` Deprecated. use `checkMulticast(java.net.InetAddress)`
`void`	`checkPackageAccess(String packageName)` Checks whether the calling thread is allowed to access the specified package.
`void`	`checkPackageDefinition(String packageName)` Checks whether the calling thread is allowed to define new classes in the specified package.
`void`	`checkPermission(Permission permission)` Checks whether the calling thread is allowed to access the resource being guarded by the specified permission object.
`void`	`checkPermission(Permission permission, Object context)` Checks whether the specified security context is allowed to access the resource being guarded by the specified permission object.
`void`	`checkPrintJobAccess()` Checks whether the calling thread is allowed to start a new print job.
`void`	`checkPropertiesAccess()` Checks whether the calling thread is allowed to access the system properties.
`void`	`checkPropertyAccess(String key)` Checks whether the calling thread is allowed to access a particular system property.
`void`	`checkRead(FileDescriptor fd)` Checks whether the calling thread is allowed to read from the file with the specified file descriptor.
`void`	`checkRead(String file)` Checks whether the calling thread is allowed to read from the file with the specified name, which should be passed in canonical form.
`void`	`checkRead(String file, Object context)` Checks whether the given security context is allowed to read from the file named by the argument, which should be passed in canonical form.
`void`	`checkSecurityAccess(String target)` Checks whether the calling thread is allowed to perform the security operation named by the target.
`void`	`checkSetFactory()` Checks whether the calling thread is allowed to set the net object factories.
`void`	`checkSystemClipboardAccess()` Checks whether the calling thread is allowed to access the system clipboard.
`boolean`	`checkTopLevelWindow(Object window)` Checks whether the calling thread is trusted to show the specified top level window.
`void`	`checkWrite(FileDescriptor fd)` Checks whether the calling thread is allowed to write to the file with the specified file descriptor.
`void`	`checkWrite(String file)` Checks whether the calling thread is allowed to write to the file with the specified name, which should be passed in canonical form.
`protected int`	`classDepth(String name)` Deprecated. Use `checkPermission(java.security.Permission)`.
`protected int`	`classLoaderDepth()` Deprecated. Use `checkPermission(java.security.Permission)`.
`protected ClassLoader`	`currentClassLoader()` Deprecated. Use `checkPermission(java.security.Permission)`.
`protected Class<?>`	`currentLoadedClass()` Deprecated. Use `checkPermission(java.security.Permission)`.
`protected Class[]`	`getClassContext()` Returns an array containing one entry for each method in the current execution stack.
`boolean`	`getInCheck()` Deprecated. Use `checkPermission(java.security.Permission)`.
`Object`	`getSecurityContext()` Returns an object which encapsulates the security state of the current point in the execution.
`ThreadGroup`	`getThreadGroup()` Returns the thread group which should be used to instantiate new threads.
`protected boolean`	`inClass(String name)` Deprecated. Use `checkPermission(java.security.Permission)`.
`protected boolean`	`inClassLoader()` Deprecated. Use `checkPermission(java.security.Permission)`

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Field Detail

inCheck

@Deprecated
protected boolean inCheck

Deprecated. Use checkPermission(java.security.Permission)

Flag to indicate whether a security check is in progress.

Since:: Android 1.0

Constructor Detail

SecurityManager

public SecurityManager()

Constructs a new SecurityManager instance.

The RuntimePermission("createSecurityManager") is checked if a security manager is installed.

Since:: Android 1.0

Method Detail

checkAccept

public void checkAccept(String host,
                        int port)

Checks whether the calling thread is allowed to accept socket connections.

Parameters:: host - the address of the host that attempts to connect.; port - the port number to check.
Throws:: NullPointerException - if host is null.; SecurityException - if the calling thread is not allowed to accept socket connections from host through port.
Since:: Android 1.0

checkAccess

public void checkAccess(Thread thread)

Checks whether the calling thread is allowed to modify the specified thread.

Parameters:: thread - the thread to access.
Throws:: SecurityException - if the calling thread is not allowed to access thread.
Since:: Android 1.0

checkAccess

public void checkAccess(ThreadGroup group)

Checks whether the calling thread is allowed to modify the specified thread group.

Parameters:: group - the thread group to access.
Throws:: NullPointerException - if group is null.; SecurityException - if the calling thread is not allowed to access group.
Since:: Android 1.0

checkConnect

public void checkConnect(String host,
                         int port)

Checks whether the calling thread is allowed to establish socket connections. A -1 port indicates the caller is trying to resolve the hostname.

Parameters:: host - the address of the host to connect to.; port - the port number to check, or -1 for resolve.
Throws:: NullPointerException - if host is null.; SecurityException - if the calling thread is not allowed to connect to host through port.
Since:: Android 1.0

checkConnect

public void checkConnect(String host,
                         int port,
                         Object context)

Checks whether the specified security context is allowed to establish socket connections. A -1 port indicates the caller is trying to resolve the hostname.

Parameters:: host - the address of the host to connect to.; port - the port number to check, or -1 for resolve.; context - the security context to use for the check.
Throws:: NullPointerException - if host is null.; SecurityException - if context is not allowed to connect to host through port.
Since:: Android 1.0

checkCreateClassLoader

public void checkCreateClassLoader()

Checks whether the calling thread is allowed to create a class loader.

Throws:: SecurityException - if the calling thread is not allowed to create a class loader.
Since:: Android 1.0

checkDelete

public void checkDelete(String file)

Checks whether the calling thread is allowed to delete the file with the specified name, which should be passed in canonical form.

Parameters:: file - the name of the file to delete.
Throws:: SecurityException - if the calling thread is not allowed to delete file.
Since:: Android 1.0

checkExec

public void checkExec(String cmd)

Checks whether the calling thread is allowed to execute the specified platform specific command.

Parameters:: cmd - the command line to execute.
Throws:: SecurityException - if the calling thread is not allowed to execute cmd.
Since:: Android 1.0

checkExit

public void checkExit(int status)

Checks whether the calling thread is allowed to terminate the virtual machine.

Parameters:: status - the status that the virtual machine returns when it is terminated.
Throws:: SecurityException - if the calling thread is not allowed to terminate the virtual machine with status.
Since:: Android 1.0

checkLink

public void checkLink(String libName)

Checks whether the calling thread is allowed to load the specified native library.

Parameters:: libName - the name of the library to load.
Throws:: SecurityException - if the calling thread is not allowed to load libName.
Since:: Android 1.0

checkListen

public void checkListen(int port)

Checks whether the calling thread is allowed to listen on the specified port.

Parameters:: port - the port number to check.
Throws:: SecurityException - if the calling thread is not allowed listen on port.
Since:: Android 1.0

checkMemberAccess

public void checkMemberAccess(Class<?> cls,
                              int type)

Checks whether the calling thread is allowed to access members. The default is to allow access to public members (that is, java.lang.reflect.Member.PUBLIC) and to classes loaded by the same loader as the original caller (that is, the method that called the reflect API). Due to the nature of the check, overriding implementations cannot call super.checkMemberAccess() since the stack would no longer be of the expected shape.

Parameters:: cls - the class of which members are accessed.; type - the access type, either java.lang.reflect.Member.PUBLIC or java.lang.reflect.Member.DECLARED.
Throws:: SecurityException - if the calling thread is not allowed to access members of cls.
Since:: Android 1.0

checkMulticast

public void checkMulticast(InetAddress maddr)

Checks whether the calling thread is allowed to use the specified IP multicast group address.

Parameters:: maddr - the internet group address to use.
Throws:: SecurityException - if the calling thread is not allowed to use maddr.
Since:: Android 1.0

checkMulticast

@Deprecated
public void checkMulticast(InetAddress maddr,
                                      byte ttl)

Deprecated. use checkMulticast(java.net.InetAddress)

Checks whether the calling thread is allowed to use the specified IP multicast group address.

Parameters:: maddr - the internet group address to use.; ttl - the value in use for multicast send. This parameter is ignored.
Throws:: SecurityException - if the calling thread is not allowed to use maddr.
Since:: Android 1.0

checkPackageAccess

public void checkPackageAccess(String packageName)

Checks whether the calling thread is allowed to access the specified package.

Parameters:: packageName - the name of the package to access.
Throws:: SecurityException - if the calling thread is not allowed to access packageName.
Since:: Android 1.0

checkPackageDefinition

public void checkPackageDefinition(String packageName)

Checks whether the calling thread is allowed to define new classes in the specified package.

Parameters:: packageName - the name of the package to add a class to.
Throws:: SecurityException - if the calling thread is not allowed to add classes to packageName.
Since:: Android 1.0

checkPropertiesAccess

public void checkPropertiesAccess()

Checks whether the calling thread is allowed to access the system properties.

Throws:: SecurityException - if the calling thread is not allowed to access system properties.
Since:: Android 1.0

checkPropertyAccess

public void checkPropertyAccess(String key)

Checks whether the calling thread is allowed to access a particular system property.

Parameters:: key - the name of the property to access.
Throws:: SecurityException - if the calling thread is not allowed to access the key system property.
Since:: Android 1.0

checkRead

public void checkRead(FileDescriptor fd)

Checks whether the calling thread is allowed to read from the file with the specified file descriptor.

Parameters:: fd - the file descriptor of the file to read from.
Throws:: SecurityException - if the calling thread is not allowed to read from fd.
Since:: Android 1.0

checkRead

public void checkRead(String file)

Checks whether the calling thread is allowed to read from the file with the specified name, which should be passed in canonical form.

Parameters:: file - the name of the file or directory to read from.
Throws:: SecurityException - if the calling thread is not allowed to read from file.
Since:: Android 1.0

checkRead

public void checkRead(String file,
                      Object context)

Checks whether the given security context is allowed to read from the file named by the argument, which should be passed in canonical form.

Parameters:: file - the name of the file or directory to check.; context - the security context to use for the check.
Throws:: SecurityException - if context is not allowed to read from file.
Since:: Android 1.0

checkSecurityAccess

public void checkSecurityAccess(String target)

Checks whether the calling thread is allowed to perform the security operation named by the target.

Parameters:: target - the name of the operation to perform.
Throws:: SecurityException - if the calling thread is not allowed to perform target.
Since:: Android 1.0

checkSetFactory

public void checkSetFactory()

Checks whether the calling thread is allowed to set the net object factories.

Throws:: SecurityException - if the calling thread is not allowed to set the net object factories.
Since:: Android 1.0

checkTopLevelWindow

public boolean checkTopLevelWindow(Object window)

Checks whether the calling thread is trusted to show the specified top level window.

Parameters:: window - the window to show.
Returns:: true if the calling thread is allowed to show window; false otherwise.
Throws:: NullPointerException - if window is null.
Since:: Android 1.0

checkSystemClipboardAccess

public void checkSystemClipboardAccess()

Checks whether the calling thread is allowed to access the system clipboard.

Throws:: SecurityException - if the calling thread is not allowed to access the system clipboard.
Since:: Android 1.0

checkAwtEventQueueAccess

public void checkAwtEventQueueAccess()

Checks whether the calling thread is allowed to access the AWT event queue.

Throws:: SecurityException - if the calling thread is not allowed to access the AWT event queue.
Since:: Android 1.0

checkPrintJobAccess

public void checkPrintJobAccess()

Checks whether the calling thread is allowed to start a new print job.

Throws:: SecurityException - if the calling thread is not allowed to start a new print job.
Since:: Android 1.0

checkWrite

public void checkWrite(FileDescriptor fd)

Checks whether the calling thread is allowed to write to the file with the specified file descriptor.

Parameters:: fd - the file descriptor of the file to write to.
Throws:: SecurityException - if the calling thread is not allowed to write to fd.
Since:: Android 1.0

checkWrite

public void checkWrite(String file)

Checks whether the calling thread is allowed to write to the file with the specified name, which should be passed in canonical form.

Parameters:: file - the name of the file or directory to write to.
Throws:: SecurityException - if the calling thread is not allowed to write to file.
Since:: Android 1.0

getInCheck

@Deprecated
public boolean getInCheck()

Deprecated. Use checkPermission(java.security.Permission).

Indicates if this security manager is currently checking something.

Returns:: true if this security manager is executing a security check method; false otherwise.
Since:: Android 1.0

getClassContext

protected Class[] getClassContext()

Returns an array containing one entry for each method in the current execution stack. Each entry is the java.lang.Class which represents the class in which the method is defined.

Returns:: all classes in the execution stack.
Since:: Android 1.0

currentClassLoader

@Deprecated
protected ClassLoader currentClassLoader()

Deprecated. Use checkPermission(java.security.Permission).

Returns the class loader of the first class in the execution stack whose class loader is not a system class loader.

Returns:: the most recent non-system class loader.
Since:: Android 1.0

classLoaderDepth

@Deprecated
protected int classLoaderDepth()

Deprecated. Use checkPermission(java.security.Permission).

Returns the index in the call stack of the first class whose class loader is not a system class loader.

Returns:: the frame index of the first method whose class was loaded by a non-system class loader.
Since:: Android 1.0

currentLoadedClass

@Deprecated
protected Class<?> currentLoadedClass()

Deprecated. Use checkPermission(java.security.Permission).

Returns the first class in the call stack that was loaded by a class loader which is not a system class loader.

Returns:: the most recent class loaded by a non-system class loader.
Since:: Android 1.0

classDepth

@Deprecated
protected int classDepth(String name)

Deprecated. Use checkPermission(java.security.Permission).

Returns the index in the call stack of the first method which is contained in the class with the specified name. Returns -1 if no methods from this class are in the stack.

Parameters:: name - the name of the class to look for.
Returns:: the frame index of the first method found is contained in the class identified by name.
Since:: Android 1.0

inClass

@Deprecated
protected boolean inClass(String name)

Deprecated. Use checkPermission(java.security.Permission).

Indicates whether there is a method in the call stack from the class with the specified name.

Parameters:: name - the name of the class to look for.
Returns:: true if a method from the class identified by name is executing; false otherwise.
Since:: Android 1.0

inClassLoader

@Deprecated
protected boolean inClassLoader()

Deprecated. Use checkPermission(java.security.Permission)

Indicates whether there is a method in the call stack from a class which was defined by a non-system class loader.

Returns:: true if a method from a class that was defined by a non-system class loader is executing; false otherwise.
Since:: Android 1.0

getThreadGroup

public ThreadGroup getThreadGroup()

Returns the thread group which should be used to instantiate new threads. By default, this is the same as the thread group of the thread running this method.

Returns:: ThreadGroup the thread group to create new threads in.
Since:: Android 1.0

getSecurityContext

public Object getSecurityContext()

Returns an object which encapsulates the security state of the current point in the execution. In the Android reference implementation, this is an AccessControlContext.

Returns:: an object that encapsulates information about the current execution environment.
Since:: Android 1.0

checkPermission

public void checkPermission(Permission permission)

Checks whether the calling thread is allowed to access the resource being guarded by the specified permission object.

Parameters:: permission - the permission to check.
Throws:: SecurityException - if the requested permission is denied according to the current security policy.
Since:: Android 1.0

checkPermission

public void checkPermission(Permission permission,
                            Object context)

Checks whether the specified security context is allowed to access the resource being guarded by the specified permission object.

Parameters:: permission - the permission to check.; context - the security context for which to check permission.
Throws:: SecurityException - if context is not an instance of AccessControlContext or if the requested permission is denied for context according to the current security policy.
Since:: Android 1.0

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

Build 1.1_r1 (from source)

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

Please submit a feedback, bug or feature

java.lang Class SecurityManager

inCheck

SecurityManager

checkAccept

checkAccess

checkAccess

checkConnect

checkConnect

checkCreateClassLoader

checkDelete

checkExec

checkExit

checkLink

checkListen

checkMemberAccess

checkMulticast

checkMulticast

checkPackageAccess

checkPackageDefinition

checkPropertiesAccess

checkPropertyAccess

checkRead

checkRead

checkRead

checkSecurityAccess

checkSetFactory

checkTopLevelWindow

checkSystemClipboardAccess

checkAwtEventQueueAccess

checkPrintJobAccess

checkWrite

checkWrite

getInCheck

getClassContext

currentClassLoader

classLoaderDepth

currentLoadedClass

classDepth

inClass

inClassLoader

getThreadGroup

getSecurityContext

checkPermission

checkPermission

java.lang
Class SecurityManager