Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
PojavLauncherTeam
GitHub Repository: PojavLauncherTeam/mobile
 Path: blob/master/src/java.desktop/share/classes/java/awt/AWTPermission.java
41152 views
1
/*

2
 * Copyright (c) 1997, 2021, Oracle and/or its affiliates. All rights reserved.

3
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.

4
 *

5
 * This code is free software; you can redistribute it and/or modify it

6
 * under the terms of the GNU General Public License version 2 only, as

7
 * published by the Free Software Foundation.  Oracle designates this

8
 * particular file as subject to the "Classpath" exception as provided

9
 * by Oracle in the LICENSE file that accompanied this code.

10
 *

11
 * This code is distributed in the hope that it will be useful, but WITHOUT

12
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or

13
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License

14
 * version 2 for more details (a copy is included in the LICENSE file that

15
 * accompanied this code).

16
 *

17
 * You should have received a copy of the GNU General Public License version

18
 * 2 along with this work; if not, write to the Free Software Foundation,

19
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.

20
 *

21
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA

22
 * or visit www.oracle.com if you need additional information or have any

23
 * questions.

24
 */

25


26
package java.awt;

27


28
import java.io.Serial;

29
import java.security.BasicPermission;

30


31
/**

32
 * This class is for AWT permissions.

33
 * An {@code AWTPermission} contains a target name but

34
 * no actions list; you either have the named permission

35
 * or you don't.

36
 *

37
 * <P>

38
 * The target name is the name of the AWT permission (see below). The naming

39
 * convention follows the hierarchical property naming convention.

40
 * Also, an asterisk could be used to represent all AWT permissions.

41
 *

42
 * <P>

43
 * The following table lists all the possible {@code AWTPermission}

44
 * target names, and for each provides a description of what the

45
 * permission allows and a discussion of the risks of granting code

46
 * the permission.

47
 *

48
 * <table class="striped">

49
 * <caption>AWTPermission target names, descriptions, and associated risks

50
 * </caption>

51
 * <thead>

52
 *   <tr>

53
 *     <th scope="col">Permission Target Name

54
 *     <th scope="col">What the Permission Allows

55
 *     <th scope="col">Risks of Allowing this Permission

56
 * </thead>

57
 * <tbody>

58
 *   <tr>

59
 *     <th scope="row">accessClipboard

60
 *     <td>Posting and retrieval of information to and from the AWT clipboard

61
 *     <td>This would allow malfeasant code to share potentially sensitive or

62
 *     confidential information.

63
 *   <tr>

64
 *     <th scope="row">accessEventQueue

65
 *     <td>Access to the AWT event queue

66
 *     <td>After retrieving the AWT event queue, malicious code may peek at and

67
 *     even remove existing events from its event queue, as well as post bogus

68
 *     events which may purposefully cause the application or applet to

69
 *     misbehave in an insecure manner.

70
 *   <tr>

71
 *     <th scope="row">accessSystemTray

72
 *     <td>Access to the AWT SystemTray instance

73
 *     <td>This would allow malicious code to add tray icons to the system tray.

74
 *     First, such an icon may look like the icon of some known application

75
 *     (such as a firewall or anti-virus) and order a user to do something

76
 *     unsafe (with help of balloon messages). Second, the system tray may be

77
 *     glutted with tray icons so that no one could add a tray icon anymore.

78
 *   <tr>

79
 *     <th scope="row">createRobot

80
 *     <td>Create java.awt.Robot objects

81
 *     <td>The java.awt.Robot object allows code to generate native-level mouse

82
 *     and keyboard events as well as read the screen. It could allow malicious

83
 *     code to control the system, run other programs, read the display, and

84
 *     deny mouse and keyboard access to the user.

85
 *   <tr>

86
 *     <th scope="row">fullScreenExclusive

87
 *     <td>Enter full-screen exclusive mode

88
 *     <td>Entering full-screen exclusive mode allows direct access to low-level

89
 *     graphics card memory. This could be used to spoof the system, since the

90
 *     program is in direct control of rendering. Depending on the

91
 *     implementation, the security warning may not be shown for the windows

92
 *     used to enter the full-screen exclusive mode (assuming that the

93
 *     {@code fullScreenExclusive} permission has been granted to this

94
 *     application). Note that this behavior does not mean that the

95
 *     {@code showWindowWithoutWarningBanner} permission will be automatically

96
 *     granted to the application which has the {@code fullScreenExclusive}

97
 *     permission: non-full-screen windows will continue to be shown with the

98
 *     security warning.

99
 *   <tr>

100
 *     <th scope="row">listenToAllAWTEvents

101
 *     <td>Listen to all AWT events, system-wide

102
 *     <td>After adding an AWT event listener, malicious code may scan all AWT

103
 *     events dispatched in the system, allowing it to read all user input (such

104
 *     as passwords). Each AWT event listener is called from within the context

105
 *     of that event queue's EventDispatchThread, so if the accessEventQueue

106
 *     permission is also enabled, malicious code could modify the contents of

107
 *     AWT event queues system-wide, causing the application or applet to

108
 *     misbehave in an insecure manner.

109
 *   <tr>

110
 *     <th scope="row">readDisplayPixels

111
 *     <td>Readback of pixels from the display screen

112
 *     <td>Interfaces such as the java.awt.Composite interface or the

113
 *     java.awt.Robot class allow arbitrary code to examine pixels on the

114
 *     display enable malicious code to snoop on the activities of the user.

115
 *   <tr>

116
 *     <th scope="row">replaceKeyboardFocusManager

117
 *     <td>Sets the {@code KeyboardFocusManager} for a particular thread.

118
 *     <td>When {@code SecurityManager} is installed, the invoking thread must

119
 *     be granted this permission in order to replace the current

120
 *     {@code KeyboardFocusManager}. If permission is not granted, a

121
 *     {@code SecurityException} will be thrown.

122
 *   <tr>

123
 *     <th scope="row">setAppletStub

124
 *     <td>Setting the stub which implements Applet container services

125
 *     <td>Malicious code could set an applet's stub and result in unexpected

126
 *     behavior or denial of service to an applet.

127
 *   <tr>

128
 *     <th scope="row">setWindowAlwaysOnTop

129
 *     <td>Setting always-on-top property of the window:

130
 *     {@link Window#setAlwaysOnTop}

131
 *     <td>The malicious window might make itself look and behave like a real

132
 *     full desktop, so that information entered by the unsuspecting user is

133
 *     captured and subsequently misused

134
 *   <tr>

135
 *     <th scope="row">showWindowWithoutWarningBanner

136
 *     <td>Display of a window without also displaying a banner warning that the

137
 *     window was created by an applet

138
 *     <td>Without this warning, an applet may pop up windows without the user

139
 *     knowing that they belong to an applet. Since users may make

140
 *     security-sensitive decisions based on whether or not the window belongs

141
 *     to an applet (entering a username and password into a dialog box, for

142
 *     example), disabling this warning banner may allow applets to trick the

143
 *     user into entering such information.

144
 *   <tr>

145
 *     <th scope="row">toolkitModality

146
 *     <td>Creating {@link Dialog.ModalityType#TOOLKIT_MODAL TOOLKIT_MODAL}

147
 *     dialogs and setting the

148
 *     {@link Dialog.ModalExclusionType#TOOLKIT_EXCLUDE TOOLKIT_EXCLUDE} window

149
 *     property.

150
 *     <td>When a toolkit-modal dialog is shown from an applet, it blocks all

151
 *     other applets in the browser. When launching applications from Java Web

152
 *     Start, its windows (such as the security dialog) may also be blocked by

153
 *     toolkit-modal dialogs, shown from these applications.

154
 *   <tr>

155
 *     <th scope="row">watchMousePointer

156
 *     <td>Getting the information about the mouse pointer position at any time

157
 *     <td>Constantly watching the mouse pointer, an applet can make guesses

158
 *     about what the user is doing, i.e. moving the mouse to the lower left

159
 *     corner of the screen most likely means that the user is about to launch

160
 *     an application. If a virtual keypad is used so that keyboard is emulated

161
 *     using the mouse, an applet may guess what is being typed.

162
 * </tbody>

163
 * </table>

164
 *

165
 * @see java.security.BasicPermission

166
 * @see java.security.Permission

167
 * @see java.security.Permissions

168
 * @see java.security.PermissionCollection

169
 * @see java.lang.SecurityManager

170
 *

171
 * @author Marianne Mueller

172
 * @author Roland Schemers

173
 */

174
public final class AWTPermission extends BasicPermission {

175


176
    /**

177
     * Use serialVersionUID from JDK 1.2 for interoperability.

178
     */

179
    @Serial

180
    private static final long serialVersionUID = 8890392402588814465L;

181


182
    /**

183
     * Creates a new {@code AWTPermission} with the specified name.

184
     * The name is the symbolic name of the {@code AWTPermission},

185
     * such as "topLevelWindow", "systemClipboard", etc. An asterisk

186
     * may be used to indicate all AWT permissions.

187
     *

188
     * @param name the name of the AWTPermission

189
     *

190
     * @throws NullPointerException if {@code name} is {@code null}.

191
     * @throws IllegalArgumentException if {@code name} is empty.

192
     */

193


194
    public AWTPermission(String name)

195
    {

196
        super(name);

197
    }

198


199
    /**

200
     * Creates a new {@code AWTPermission} object with the specified name.

201
     * The name is the symbolic name of the {@code AWTPermission}, and the

202
     * actions string is currently unused and should be {@code null}.

203
     *

204
     * @param name the name of the {@code AWTPermission}

205
     * @param actions should be {@code null}

206
     *

207
     * @throws NullPointerException if {@code name} is {@code null}.

208
     * @throws IllegalArgumentException if {@code name} is empty.

209
     */

210


211
    public AWTPermission(String name, String actions)

212
    {

213
        super(name, actions);

214
    }

215
}

216


217