diff -r 000000000000 -r b1a7da25b547 test/script/sandbox/doprivileged.js --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/test/script/sandbox/doprivileged.js Wed Apr 27 01:36:41 2016 +0800 @@ -0,0 +1,58 @@ +/* + * Copyright (c) 2010, 2013, Oracle and/or its affiliates. All rights reserved. + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. + * + * This code is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * version 2 for more details (a copy is included in the LICENSE file that + * accompanied this code). + * + * You should have received a copy of the GNU General Public License version + * 2 along with this work; if not, write to the Free Software Foundation, + * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. + * + * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA + * or visit www.oracle.com if you need additional information or have any + * questions. + */ + +/** + * doPrivileged checks. + * + * @test + * @security + */ + +function check(e) { + if (e instanceof java.lang.SecurityException) { + print(e); + } else { + fail("expected SecurityException, got " + e); + } +} + +var AccessController = java.security.AccessController; +var PrivilegedAction = java.security.PrivilegedAction; + +AccessController.doPrivileged(new PrivilegedAction() { + run: function() { + // try something sensitive + try { + java.lang.System.exit(0); + } catch(e) { + check(e); + } + + try { + var prop = java.lang.System.getProperty("user.dir"); + fail("can get user.dir " + prop); + } catch(e) { + print(e); + } + } +});