ohair@286: /* ohair@286: * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved. ohair@286: * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. ohair@286: * ohair@286: * This code is free software; you can redistribute it and/or modify it ohair@286: * under the terms of the GNU General Public License version 2 only, as ohair@286: * published by the Free Software Foundation. Oracle designates this ohair@286: * particular file as subject to the "Classpath" exception as provided ohair@286: * by Oracle in the LICENSE file that accompanied this code. ohair@286: * ohair@286: * This code is distributed in the hope that it will be useful, but WITHOUT ohair@286: * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or ohair@286: * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License ohair@286: * version 2 for more details (a copy is included in the LICENSE file that ohair@286: * accompanied this code). ohair@286: * ohair@286: * You should have received a copy of the GNU General Public License version ohair@286: * 2 along with this work; if not, write to the Free Software Foundation, ohair@286: * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. ohair@286: * ohair@286: * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA ohair@286: * or visit www.oracle.com if you need additional information or have any ohair@286: * questions. ohair@286: */ ohair@286: ohair@286: package javax.xml.bind; ohair@286: ohair@286: import java.security.BasicPermission; ohair@286: ohair@286: /** ohair@286: * This class is for JAXB permissions. A {@code JAXBPermission} ohair@286: * contains a name (also referred to as a "target name") but ohair@286: * no actions list; you either have the named permission ohair@286: * or you don't. ohair@286: * ohair@286: *

ohair@286: * The target name is the name of the JAXB permission (see below). ohair@286: * ohair@286: *

ohair@286: * The following table lists all the possible {@code JAXBPermission} target names, ohair@286: * and for each provides a description of what the permission allows ohair@286: * and a discussion of the risks of granting code the permission. ohair@286: *

ohair@286: * ohair@286: * ohair@286: * ohair@286: * ohair@286: * ohair@286: * ohair@286: * ohair@286: * ohair@286: * ohair@286: * ohair@286: * ohair@286: * ohair@286: * ohair@286: *
Permission Target NameWhat the Permission AllowsRisks of Allowing this Permission
setDatatypeConverter ohair@286: * Allows the code to set VM-wide {@link DatatypeConverterInterface} ohair@286: * via {@link DatatypeConverter#setDatatypeConverter(DatatypeConverterInterface) the setDatatypeConverter method} ohair@286: * that all the methods on {@link DatatypeConverter} uses. ohair@286: * ohair@286: * Malicious code can set {@link DatatypeConverterInterface}, which has ohair@286: * VM-wide singleton semantics, before a genuine JAXB implementation sets one. ohair@286: * This allows malicious code to gain access to objects that it may otherwise alanb@368: * not have access to, such as {@link java.awt.Frame#getFrames()} that belongs to ohair@286: * another application running in the same JVM. ohair@286: *
ohair@286: * ohair@286: * @see java.security.BasicPermission ohair@286: * @see java.security.Permission ohair@286: * @see java.security.Permissions ohair@286: * @see java.security.PermissionCollection ohair@286: * @see java.lang.SecurityManager ohair@286: * ohair@286: * @author Joe Fialli ohair@286: * @since JAXB 2.2 ohair@286: */ ohair@286: ohair@286: /* code was borrowed originally from java.lang.RuntimePermission. */ ohair@286: public final class JAXBPermission extends BasicPermission { ohair@286: /** ohair@286: * Creates a new JAXBPermission with the specified name. ohair@286: * ohair@286: * @param name ohair@286: * The name of the JAXBPermission. As of 2.2 only "setDatatypeConverter" ohair@286: * is defined. ohair@286: */ ohair@286: public JAXBPermission(String name) { ohair@286: super(name); ohair@286: } ohair@286: ohair@286: private static final long serialVersionUID = 1L; ohair@286: }