1   /*
2    * Copyright (c) 1997, 2013, Oracle and/or its affiliates. All rights reserved.
3    * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4    *
5    * This code is free software; you can redistribute it and/or modify it
6    * under the terms of the GNU General Public License version 2 only, as
7    * published by the Free Software Foundation.  Oracle designates this
8    * particular file as subject to the "Classpath" exception as provided
9    * by Oracle in the LICENSE file that accompanied this code.
10   *
11   * This code is distributed in the hope that it will be useful, but WITHOUT
12   * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
13   * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
14   * version 2 for more details (a copy is included in the LICENSE file that
15   * accompanied this code).
16   *
17   * You should have received a copy of the GNU General Public License version
18   * 2 along with this work; if not, write to the Free Software Foundation,
19   * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
20   *
21   * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
22   * or visit www.oracle.com if you need additional information or have any
23   * questions.
24   */
25  
26  package java.awt;
27  
28  import java.security.BasicPermission;
29  
30  /**
31   * This class is for AWT permissions.
32   * An <code>AWTPermission</code> contains a target name but
33   * no actions list; you either have the named permission
34   * or you don't.
35   *
36   * <P>
37   * The target name is the name of the AWT permission (see below). The naming
38   * convention follows the hierarchical property naming convention.
39   * Also, an asterisk may be used to represent all AWT permissions.
40   *
41   * <P>
42   * The following table lists all the possible <code>AWTPermission</code>
43   * target names, and for each provides a description of what the
44   * permission allows and a discussion of the risks of granting code
45   * the permission.
46   *
47   * <table border=1 cellpadding=5 summary="AWTPermission target names, descriptions, and associated risks.">
48   * <tr>
49   * <th>Permission Target Name</th>
50   * <th>What the Permission Allows</th>
51   * <th>Risks of Allowing this Permission</th>
52   * </tr>
53   *
54   * <tr>
55   *   <td>accessClipboard</td>
56   *   <td>Posting and retrieval of information to and from the AWT clipboard</td>
57   *   <td>This would allow malfeasant code to share
58   * potentially sensitive or confidential information.</td>
59   * </tr>
60   *
61   * <tr>
62   *   <td>accessEventQueue</td>
63   *   <td>Access to the AWT event queue</td>
64   *   <td>After retrieving the AWT event queue,
65   * malicious code may peek at and even remove existing events
66   * from its event queue, as well as post bogus events which may purposefully
67   * cause the application or applet to misbehave in an insecure manner.</td>
68   * </tr>
69   *
70   * <tr>
71   *   <td>accessSystemTray</td>
72   *   <td>Access to the AWT SystemTray instance</td>
73   *   <td>This would allow malicious code to add tray icons to the system tray.
74   * First, such an icon may look like the icon of some known application
75   * (such as a firewall or anti-virus) and order a user to do something unsafe
76   * (with help of balloon messages). Second, the system tray may be glutted with
77   * tray icons so that no one could add a tray icon anymore.</td>
78   * </tr>
79   *
80   * <tr>
81   *   <td>createRobot</td>
82   *   <td>Create java.awt.Robot objects</td>
83   *   <td>The java.awt.Robot object allows code to generate native-level
84   * mouse and keyboard events as well as read the screen. It could allow
85   * malicious code to control the system, run other programs, read the
86   * display, and deny mouse and keyboard access to the user.</td>
87   * </tr>
88   *
89   * <tr>
90   *   <td>fullScreenExclusive</td>
91   *   <td>Enter full-screen exclusive mode</td>
92   *   <td>Entering full-screen exclusive mode allows direct access to
93   * low-level graphics card memory.  This could be used to spoof the
94   * system, since the program is in direct control of rendering. Depending on
95   * the implementation, the security warning may not be shown for the windows
96   * used to enter the full-screen exclusive mode (assuming that the {@code
97   * fullScreenExclusive} permission has been granted to this application). Note
98   * that this behavior does not mean that the {@code
99   * showWindowWithoutWarningBanner} permission will be automatically granted to
100  * the application which has the {@code fullScreenExclusive} permission:
101  * non-full-screen windows will continue to be shown with the security
102  * warning.</td>
103  * </tr>
104  *
105  * <tr>
106  *   <td>listenToAllAWTEvents</td>
107  *   <td>Listen to all AWT events, system-wide</td>
108  *   <td>After adding an AWT event listener,
109  * malicious code may scan all AWT events dispatched in the system,
110  * allowing it to read all user input (such as passwords).  Each
111  * AWT event listener is called from within the context of that
112  * event queue's EventDispatchThread, so if the accessEventQueue
113  * permission is also enabled, malicious code could modify the
114  * contents of AWT event queues system-wide, causing the application
115  * or applet to misbehave in an insecure manner.</td>
116  * </tr>
117  *
118  * <tr>
119  *   <td>readDisplayPixels</td>
120  *   <td>Readback of pixels from the display screen</td>
121  *   <td>Interfaces such as the java.awt.Composite interface or the
122  * java.awt.Robot class, which allow arbitrary code to examine pixels on the
123  * display, enable malicious code to snoop on the activities of the user.</td>
124  * </tr>
125  *
126  * <tr>
127  *   <td>replaceKeyboardFocusManager</td>
128  *   <td>Sets the <code>KeyboardFocusManager</code> for
129  *       a particular thread.</td>
130  *   <td>When <code>SecurityManager</code> is installed, the invoking
131  *       thread must be granted this permission in order to replace
132  *       the current <code>KeyboardFocusManager</code>.  If permission
133  *       is not granted, a <code>SecurityException</code> will be thrown.</td>
134  * </tr>
135  *
136  * <tr>
137  *   <td>setAppletStub</td>
138  *   <td>Setting the stub which implements Applet container services</td>
139  *   <td>Malicious code could set an applet's stub and result in unexpected
140  * behavior or denial of service to an applet.</td>
141  * </tr>
142  *
143  * <tr>
144  *   <td>setWindowAlwaysOnTop</td>
145  *   <td>Setting always-on-top property of the window: {@link Window#setAlwaysOnTop}</td>
146  *   <td>A malicious window might make itself look and behave like a real full desktop, so that
147  * information entered by the unsuspecting user is captured and subsequently misused.</td>
148  * </tr>
149  *
150  * <tr>
151  *   <td>showWindowWithoutWarningBanner</td>
152  *   <td>Display of a window without also displaying a banner warning
153  * that the window was created by an applet</td>
154  *   <td>Without this warning,
155  * an applet may pop up windows without the user knowing that they
156  * belong to an applet.  Since users may make security-sensitive
157  * decisions based on whether or not the window belongs to an applet
158  * (entering a username and password into a dialog box, for example),
159  * disabling this warning banner may allow applets to trick the user
160  * into entering such information.</td>
161  * </tr>
162  *
163  * <tr>
164  *   <td>toolkitModality</td>
165  *   <td>Creating {@link Dialog.ModalityType#TOOLKIT_MODAL TOOLKIT_MODAL} dialogs
166  *       and setting the {@link Dialog.ModalExclusionType#TOOLKIT_EXCLUDE
167  *       TOOLKIT_EXCLUDE} window property.</td>
168  *   <td>When a toolkit-modal dialog is shown from an applet, it blocks all other
169  * applets in the browser. When launching applications from Java Web Start,
170  * its windows (such as the security dialog) may also be blocked by toolkit-modal
171  * dialogs, shown from these applications.</td>
172  * </tr>
173  *
174  * <tr>
175  *   <td>watchMousePointer</td>
176  *   <td>Getting the information about the mouse pointer position at any
177  * time</td>
178  *   <td>Constantly watching the mouse pointer,
179  * an applet can make guesses about what the user is doing, i.e. moving
180  * the mouse to the lower left corner of the screen most likely means that
181  * the user is about to launch an application. If a virtual keypad is used
182  * so that keyboard is emulated using the mouse, an applet may guess what
183  * is being typed.</td>
184  * </tr>
185  * </table>
186  *
187  * @see java.security.BasicPermission
188  * @see java.security.Permission
189  * @see java.security.Permissions
190  * @see java.security.PermissionCollection
191  * @see java.lang.SecurityManager
192  *
193  *
194  * @author Marianne Mueller
195  * @author Roland Schemers
196  */
197 
public final class AWTPermission extends BasicPermission {

    /** Serial version UID kept from the Java 2 platform so serialized forms stay interoperable. */
    private static final long serialVersionUID = 8890392402588814465L;

    /**
     * Constructs an <code>AWTPermission</code> for the given target name.
     * The name is one of the symbolic target names listed in the class
     * description, such as "accessClipboard" or "createRobot". An asterisk
     * may be used to indicate all AWT permissions; since that covers
     * high-risk targets such as "createRobot" and "listenToAllAWTEvents",
     * a policy should normally name the individual targets it needs.
     *
     * @param name the name of the AWTPermission
     *
     * @throws NullPointerException if <code>name</code> is <code>null</code>.
     * @throws IllegalArgumentException if <code>name</code> is empty.
     */
    public AWTPermission(String name) {
        super(name);
    }

    /**
     * Constructs an <code>AWTPermission</code> for the given target name,
     * accepting an actions string for signature compatibility.
     * The name is the symbolic name of the <code>AWTPermission</code>; the
     * actions string is currently unused and should be <code>null</code>.
     * Both arguments are passed unchanged to the superclass constructor.
     *
     * @param name the name of the <code>AWTPermission</code>
     * @param actions should be <code>null</code>
     *
     * @throws NullPointerException if <code>name</code> is <code>null</code>.
     * @throws IllegalArgumentException if <code>name</code> is empty.
     */
    public AWTPermission(String name, String actions) {
        super(name, actions);
    }
}