diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 9e5b75ebcdc2..55b09190cae1 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -229,7 +229,7 @@ jobs: java: [ 17 ] include: - os: ubuntu-latest - java: 23 + java: 24-ea fail-fast: false steps: @@ -260,6 +260,7 @@ jobs: run: tar --zstd -xf build.tar.zst - name: platform/masterfs + if: ${{ matrix.java == '17' }} run: .github/retry.sh ant $OPTS -f platform/masterfs test - name: Commit Validation tests @@ -836,7 +837,7 @@ jobs: timeout-minutes: 50 strategy: matrix: - java: [ '17', '21', '23' ] + java: [ '17', '21', '24-ea' ] exclude: - java: ${{ github.event_name == 'pull_request' && 'nothing' || '21' }} fail-fast: false @@ -1443,10 +1444,10 @@ jobs: timeout-minutes: 60 strategy: matrix: - java: [ '17', '23' ] + java: [ '17', '24-ea' ] config: [ 'batch1', 'batch2' ] exclude: - - java: ${{ github.event_name == 'pull_request' && 'nothing' || '23' }} + - java: ${{ github.event_name == 'pull_request' && 'nothing' || '24-ea' }} fail-fast: false steps: @@ -1496,7 +1497,7 @@ jobs: timeout-minutes: 60 strategy: matrix: - java: [ '17', '21', '23' ] + java: [ '17', '21', '24-ea' ] exclude: - java: ${{ github.event_name == 'pull_request' && 'nothing' || '21' }} fail-fast: false diff --git a/nb/ide.launcher/netbeans.conf b/nb/ide.launcher/netbeans.conf index 8c44e0290777..c25759510b10 100644 --- a/nb/ide.launcher/netbeans.conf +++ b/nb/ide.launcher/netbeans.conf @@ -56,7 +56,7 @@ netbeans_default_cachedir="${DEFAULT_CACHEDIR_ROOT}/@@metabuild.RawVersion@@" # The automatically selected value can be overridden by specifying -J-Xmx # here or on the command line. # -netbeans_default_options="-J-XX:+UseStringDeduplication -J-Xss2m @@metabuild.logcli@@ -J-DTopSecurityManager.disable=true -J-Djava.lang.Runtime.level=FINE -J-Dapple.laf.useScreenMenuBar=true -J-Dapple.awt.application.appearance=system -J-Dsun.java2d.noddraw=true -J-Dsun.java2d.dpiaware=true -J-Dplugin.manager.check.updates=false -J-Dnetbeans.extbrowser.manual_chrome_plugin_install=yes @@metabuild.jms-flags@@ -J-XX:+IgnoreUnrecognizedVMOptions" +netbeans_default_options="-J-XX:+UseStringDeduplication -J-Xss2m @@metabuild.logcli@@ -J-Djava.lang.Runtime.level=FINE -J-Dapple.laf.useScreenMenuBar=true -J-Dapple.awt.application.appearance=system -J-Dsun.java2d.noddraw=true -J-Dsun.java2d.dpiaware=true -J-Dplugin.manager.check.updates=false -J-Dnetbeans.extbrowser.manual_chrome_plugin_install=yes @@metabuild.jms-flags@@ -J-XX:+IgnoreUnrecognizedVMOptions" # Default location of JDK: # (set by installer or commented out if launcher should decide) diff --git a/nbbuild/jdk.xml b/nbbuild/jdk.xml index 3109e3f032b4..298b1636a257 100644 --- a/nbbuild/jdk.xml +++ b/nbbuild/jdk.xml @@ -107,17 +107,6 @@ - - - - - - - - - - - @@ -229,17 +218,6 @@ - - - - - - - - - - - diff --git a/nbbuild/templates/common.xml b/nbbuild/templates/common.xml index 1b14cdd5f7e0..2cfef20611a1 100644 --- a/nbbuild/templates/common.xml +++ b/nbbuild/templates/common.xml @@ -765,7 +765,6 @@ - @@ -797,7 +796,6 @@ - @@ -871,7 +869,6 @@ - @@ -901,7 +898,6 @@ - @@ -931,7 +927,6 @@ - @@ -975,7 +970,6 @@ - @@ -1011,7 +1005,6 @@ - @@ -1049,7 +1042,6 @@ - @@ -1111,7 +1103,6 @@ - @@ -1143,7 +1134,6 @@ - @@ -1165,7 +1155,6 @@ - @@ -1187,7 +1176,6 @@ - @@ -1270,7 +1258,6 @@ - diff --git a/platform/core.execution/src/org/netbeans/core/execution/Install.java b/platform/core.execution/src/org/netbeans/core/execution/Install.java index f977bb0b8f5c..604ec91bb7aa 100644 --- a/platform/core.execution/src/org/netbeans/core/execution/Install.java +++ b/platform/core.execution/src/org/netbeans/core/execution/Install.java @@ -29,7 +29,6 @@ import java.awt.event.ActionListener; import java.awt.event.WindowAdapter; import java.awt.event.WindowEvent; -import java.beans.Introspector; import java.beans.PropertyChangeEvent; import java.beans.PropertyChangeListener; import java.util.ArrayList; @@ -50,7 +49,6 @@ import javax.swing.event.ListDataEvent; import javax.swing.event.ListDataListener; import javax.swing.text.DefaultEditorKit; -import org.netbeans.TopSecurityManager; import org.netbeans.core.ModuleActions; import org.netbeans.modules.progress.spi.Controller; import org.netbeans.modules.progress.spi.InternalHandle; @@ -61,7 +59,6 @@ import org.openide.explorer.ExplorerManager; import org.openide.explorer.ExplorerUtils; import org.openide.explorer.view.ListView; -import org.openide.modules.OnStart; import org.openide.modules.OnStop; import org.openide.nodes.AbstractNode; import org.openide.nodes.Children; @@ -77,27 +74,19 @@ import org.openide.util.actions.SystemAction; /** - * Registers security manager for execution. * Also shows Pending Tasks dialog at shutdown time. * Also adds/removes specific beaninfo and property editor search paths. * @author Jesse Glick */ -@OnStart -public class Install implements Runnable { +public class Install { private static final Logger LOG = Logger.getLogger(Install.class.getName()); - public @Override void run() { - TopSecurityManager.register(SecMan.DEFAULT); - } - @OnStop public static final class Down implements Runnable { public @Override void run() { showPendingTasks(); - - TopSecurityManager.unregister(SecMan.DEFAULT); } } diff --git a/platform/core.execution/src/org/netbeans/core/execution/SecMan.java b/platform/core.execution/src/org/netbeans/core/execution/SecMan.java deleted file mode 100644 index 95541adbe36f..000000000000 --- a/platform/core.execution/src/org/netbeans/core/execution/SecMan.java +++ /dev/null @@ -1,178 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.netbeans.core.execution; - -import java.security.*; - -import org.openide.execution.NbClassLoader; - -/** - * A security manager for execution. - * @author Jesse Glick - */ -public class SecMan extends SecurityManager { - - public static SecurityManager DEFAULT = new SecMan(); - - private static Class nbClassLoaderClass = NbClassLoader.class; - - /** thread group of executed classes */ - private ThreadGroup base; - - public SecMan() { - base = ExecutionEngine.base; - PrivilegedCheck.init(); - AccController.init(); - } - - @Override - public void checkExit(int status) throws SecurityException { - PrivilegedCheck.checkExit(status, this); - } - - final void checkExitImpl(int status, AccessControlContext acc) throws SecurityException { - IOPermissionCollection iopc; - iopc = AccController.getIOPermissionCollection(acc); - - if (iopc != null && iopc.grp != null) { - ExecutionEngine.getTaskIOs().free(iopc.grp, iopc.getIO()); // closes output - ExecutionEngine.closeGroup(iopc.grp); - stopTaskThreadGroup(iopc.grp); - throw new ExitSecurityException("Exit from within execution engine, normal"); // NOI18N - } - - ThreadGroup g = Thread.currentThread().getThreadGroup (); - if (g instanceof TaskThreadGroup) { - throw new ExitSecurityException("Exit from within execution engine, normal"); // NOI18N - } - - if (isNbClassLoader()) { - throw new ExitSecurityException("Exit from within user-loaded code"); // NOI18N - } - } - - @SuppressWarnings("deprecation") - private void stopTaskThreadGroup(TaskThreadGroup old) { - synchronized(old) { - int count = old.activeCount(); - int icurrent = -1; - Thread current = Thread.currentThread(); - Thread[] thrs = new Thread[count]; - old.enumerate(thrs, true); - for (int i = 0; i < thrs.length; i++) { - if (thrs[i] == null) break; - if (thrs[i] == current) icurrent = i; - else thrs[i].stop(); - } - if (icurrent != -1) thrs[icurrent].stop(); - //throw new ExitSecurityException(); - } - } - - @Override - public void checkPermission(Permission perm) { - checkPermission(perm, null); - } - - @Override - public void checkPermission(Permission perm, Object context) { - if ("showWindowWithoutWarningBanner".equals(perm.getName())) { // NOI18N - checkTopLevelWindow(context); - } - if (context instanceof AccessControlContext) { - super.checkPermission(perm, context); - } - } - - public boolean checkTopLevelWindow(Object window) { - IOPermissionCollection iopc = AccController.getIOPermissionCollection(); - if (iopc != null && iopc.grp != null && (window instanceof java.awt.Window)) { - ExecutionEngine.putWindow((java.awt.Window) window, iopc.grp); - } - return true; - } - - /** @return true iff an instance of the NbClassLoader class is on the stack - */ - protected boolean isNbClassLoader() { - Class[] ctx = getClassContext(); - ClassLoader cloader; - - for (int i = 0; i < ctx.length; i++) { - if ((nbClassLoaderClass.isInstance(ctx[i].getClassLoader())) && - (ctx[i].getProtectionDomain().getCodeSource() != null)) { - return true; - } - } - return false; - } - - /** mostly copied from TopSecurityManager */ - private static final class PrivilegedCheck implements PrivilegedExceptionAction { - private final int action; - private final SecMan sm; - - // exit - private int status; - private AccessControlContext acc; - - public PrivilegedCheck(int action, SecMan sm) { - this.action = action; - this.sm = sm; - - if (action == 0) { - acc = AccessController.getContext(); - } - } - - /** Just to preresolve the class and get it into the start class cache */ - static void init() { - } - - public Object run() throws Exception { - switch (action) { - case 0 : - sm.checkExitImpl(status, acc); - break; - default : - } - return null; - } - - static void checkExit(int status, SecMan sm) { - PrivilegedCheck pea = new PrivilegedCheck(0, sm); - pea.status = status; - check(pea); - } - - private static void check(PrivilegedCheck action) { - try { - AccessController.doPrivileged(action); - } catch (PrivilegedActionException e) { - Exception orig = e.getException(); - if (orig instanceof RuntimeException) { - throw ((RuntimeException) orig); - } - orig.printStackTrace(); - } - } - } - -} diff --git a/platform/core.startup/src/org/netbeans/core/startup/CLIOptions.java b/platform/core.startup/src/org/netbeans/core/startup/CLIOptions.java index 5bb932879977..417f0f7157be 100644 --- a/platform/core.startup/src/org/netbeans/core/startup/CLIOptions.java +++ b/platform/core.startup/src/org/netbeans/core/startup/CLIOptions.java @@ -326,13 +326,13 @@ private static void makedir (File f) { if (f.isFile ()) { Object[] arg = new Object[] {f}; System.err.println (NbBundle.getMessage (CLIOptions.class, "CTL_CannotCreate_text", arg)); - org.netbeans.TopSecurityManager.exit (6); + org.netbeans.NbExit.exit(6); } if (! f.exists ()) { if (! f.mkdirs ()) { Object[] arg = new Object[] {f}; System.err.println (NbBundle.getMessage (CLIOptions.class, "CTL_CannotCreateSysDir_text", arg)); - org.netbeans.TopSecurityManager.exit (7); + org.netbeans.NbExit.exit(7); } } } diff --git a/platform/core.startup/src/org/netbeans/core/startup/ModuleLifecycleManager.java b/platform/core.startup/src/org/netbeans/core/startup/ModuleLifecycleManager.java index e30cfdcc4698..f1526af0dc8a 100644 --- a/platform/core.startup/src/org/netbeans/core/startup/ModuleLifecycleManager.java +++ b/platform/core.startup/src/org/netbeans/core/startup/ModuleLifecycleManager.java @@ -23,7 +23,7 @@ import java.io.IOException; import java.util.concurrent.atomic.AtomicBoolean; import org.netbeans.CLIHandler; -import org.netbeans.TopSecurityManager; +import org.netbeans.NbExit; import org.netbeans.core.startup.layers.SessionManager; import org.openide.LifecycleManager; import org.openide.modules.Places; @@ -38,13 +38,6 @@ @ServiceProvider(service=LifecycleManager.class) public class ModuleLifecycleManager extends LifecycleManager { public ModuleLifecycleManager() { - Runtime.getRuntime().addShutdownHook(new Thread("close modules") { // NOI18N - public @Override void run() { - if (System.getSecurityManager() instanceof TopSecurityManager) { - LifecycleManager.getDefault().exit(); - } - } - }); } public void saveAll() { @@ -80,7 +73,7 @@ public void run() { Exceptions.printStackTrace(t); } if (System.getProperty("netbeans.close.no.exit") == null) { - TopSecurityManager.exit(status); + NbExit.exit(status); } } } @@ -97,7 +90,7 @@ public void run() { * do not support restart and may throw an exception to indicate that */ static void markReadyForRestart() throws UnsupportedOperationException { - String classLoaderName = TopSecurityManager.class.getClassLoader().getClass().getName(); + String classLoaderName = NbExit.class.getClassLoader().getClass().getName(); if (!classLoaderName.endsWith(".Launcher$AppClassLoader") && !classLoaderName.endsWith(".ClassLoaders$AppClassLoader")) { // NOI18N throw new UnsupportedOperationException("not running in regular module system, cannot restart"); // NOI18N } diff --git a/platform/core.startup/src/org/netbeans/core/startup/TopLogging.java b/platform/core.startup/src/org/netbeans/core/startup/TopLogging.java index 8c81e05e8de3..60cd583ebab8 100644 --- a/platform/core.startup/src/org/netbeans/core/startup/TopLogging.java +++ b/platform/core.startup/src/org/netbeans/core/startup/TopLogging.java @@ -55,7 +55,7 @@ import java.util.regex.Matcher; import java.util.regex.Pattern; import java.util.stream.Collectors; -import org.netbeans.TopSecurityManager; +import org.netbeans.NbExit; import org.netbeans.core.startup.logging.NbLogging; import org.openide.filesystems.FileUtil; import org.openide.modules.Places; @@ -429,7 +429,7 @@ static void close() { } static void exit(int exit) { flush(false); - TopSecurityManager.exit(exit); + NbExit.exit(exit); } static void exit(int exit, Throwable t) { diff --git a/platform/core.startup/src/org/netbeans/core/startup/TopThreadGroup.java b/platform/core.startup/src/org/netbeans/core/startup/TopThreadGroup.java index dd50ec01ead4..023250faba40 100644 --- a/platform/core.startup/src/org/netbeans/core/startup/TopThreadGroup.java +++ b/platform/core.startup/src/org/netbeans/core/startup/TopThreadGroup.java @@ -20,7 +20,6 @@ package org.netbeans.core.startup; import java.lang.Thread.UncaughtExceptionHandler; -import org.netbeans.TopSecurityManager; import org.openide.util.Exceptions; /** The ThreadGroup for catching uncaught exceptions in Corona. diff --git a/platform/o.n.bootstrap/nbproject/org-netbeans-bootstrap.sig b/platform/o.n.bootstrap/nbproject/org-netbeans-bootstrap.sig index 69096750b838..5537e2d6d28f 100644 --- a/platform/o.n.bootstrap/nbproject/org-netbeans-bootstrap.sig +++ b/platform/o.n.bootstrap/nbproject/org-netbeans-bootstrap.sig @@ -36,8 +36,9 @@ CLSS public abstract interface java.io.Serializable CLSS public abstract java.lang.ClassLoader cons protected init() cons protected init(java.lang.ClassLoader) +cons protected init(java.lang.String,java.lang.ClassLoader) meth protected final java.lang.Class defineClass(byte[],int,int) - anno 0 java.lang.Deprecated() + anno 0 java.lang.Deprecated(boolean forRemoval=false, java.lang.String since="1.1") meth protected final java.lang.Class defineClass(java.lang.String,byte[],int,int) meth protected final java.lang.Class defineClass(java.lang.String,byte[],int,int,java.security.ProtectionDomain) meth protected final java.lang.Class defineClass(java.lang.String,java.nio.ByteBuffer,java.security.ProtectionDomain) @@ -46,21 +47,31 @@ meth protected final java.lang.Class findSystemClass(java.lang.String) throws meth protected final void resolveClass(java.lang.Class) meth protected final void setSigners(java.lang.Class,java.lang.Object[]) meth protected java.lang.Class findClass(java.lang.String) throws java.lang.ClassNotFoundException +meth protected java.lang.Class findClass(java.lang.String,java.lang.String) meth protected java.lang.Class loadClass(java.lang.String,boolean) throws java.lang.ClassNotFoundException meth protected java.lang.Object getClassLoadingLock(java.lang.String) meth protected java.lang.Package definePackage(java.lang.String,java.lang.String,java.lang.String,java.lang.String,java.lang.String,java.lang.String,java.lang.String,java.net.URL) meth protected java.lang.Package getPackage(java.lang.String) + anno 0 java.lang.Deprecated(boolean forRemoval=false, java.lang.String since="9") meth protected java.lang.Package[] getPackages() meth protected java.lang.String findLibrary(java.lang.String) meth protected java.net.URL findResource(java.lang.String) +meth protected java.net.URL findResource(java.lang.String,java.lang.String) throws java.io.IOException meth protected java.util.Enumeration findResources(java.lang.String) throws java.io.IOException meth protected static boolean registerAsParallelCapable() +meth public final boolean isRegisteredAsParallelCapable() meth public final java.lang.ClassLoader getParent() +meth public final java.lang.Module getUnnamedModule() +meth public final java.lang.Package getDefinedPackage(java.lang.String) +meth public final java.lang.Package[] getDefinedPackages() meth public java.io.InputStream getResourceAsStream(java.lang.String) meth public java.lang.Class loadClass(java.lang.String) throws java.lang.ClassNotFoundException +meth public java.lang.String getName() meth public java.net.URL getResource(java.lang.String) meth public java.util.Enumeration getResources(java.lang.String) throws java.io.IOException +meth public java.util.stream.Stream resources(java.lang.String) meth public static java.io.InputStream getSystemResourceAsStream(java.lang.String) +meth public static java.lang.ClassLoader getPlatformClassLoader() meth public static java.lang.ClassLoader getSystemClassLoader() meth public static java.net.URL getSystemResource(java.lang.String) meth public static java.util.Enumeration getSystemResources(java.lang.String) throws java.io.IOException @@ -82,6 +93,7 @@ CLSS public java.lang.Object cons public init() meth protected java.lang.Object clone() throws java.lang.CloneNotSupportedException meth protected void finalize() throws java.lang.Throwable + anno 0 java.lang.Deprecated(boolean forRemoval=false, java.lang.String since="9") meth public boolean equals(java.lang.Object) meth public final java.lang.Class getClass() meth public final void notify() @@ -92,65 +104,6 @@ meth public final void wait(long,int) throws java.lang.InterruptedException meth public int hashCode() meth public java.lang.String toString() -CLSS public java.lang.SecurityManager -cons public init() -fld protected boolean inCheck - anno 0 java.lang.Deprecated() -meth protected boolean inClass(java.lang.String) - anno 0 java.lang.Deprecated() -meth protected boolean inClassLoader() - anno 0 java.lang.Deprecated() -meth protected int classDepth(java.lang.String) - anno 0 java.lang.Deprecated() -meth protected int classLoaderDepth() - anno 0 java.lang.Deprecated() -meth protected java.lang.Class currentLoadedClass() - anno 0 java.lang.Deprecated() -meth protected java.lang.ClassLoader currentClassLoader() - anno 0 java.lang.Deprecated() -meth protected java.lang.Class[] getClassContext() -meth public boolean checkTopLevelWindow(java.lang.Object) - anno 0 java.lang.Deprecated() -meth public boolean getInCheck() - anno 0 java.lang.Deprecated() -meth public java.lang.Object getSecurityContext() -meth public java.lang.ThreadGroup getThreadGroup() -meth public void checkAccept(java.lang.String,int) -meth public void checkAccess(java.lang.Thread) -meth public void checkAccess(java.lang.ThreadGroup) -meth public void checkAwtEventQueueAccess() - anno 0 java.lang.Deprecated() -meth public void checkConnect(java.lang.String,int) -meth public void checkConnect(java.lang.String,int,java.lang.Object) -meth public void checkCreateClassLoader() -meth public void checkDelete(java.lang.String) -meth public void checkExec(java.lang.String) -meth public void checkExit(int) -meth public void checkLink(java.lang.String) -meth public void checkListen(int) -meth public void checkMemberAccess(java.lang.Class,int) - anno 0 java.lang.Deprecated() -meth public void checkMulticast(java.net.InetAddress) -meth public void checkMulticast(java.net.InetAddress,byte) - anno 0 java.lang.Deprecated() -meth public void checkPackageAccess(java.lang.String) -meth public void checkPackageDefinition(java.lang.String) -meth public void checkPermission(java.security.Permission) -meth public void checkPermission(java.security.Permission,java.lang.Object) -meth public void checkPrintJobAccess() -meth public void checkPropertiesAccess() -meth public void checkPropertyAccess(java.lang.String) -meth public void checkRead(java.io.FileDescriptor) -meth public void checkRead(java.lang.String) -meth public void checkRead(java.lang.String,java.lang.Object) -meth public void checkSecurityAccess(java.lang.String) -meth public void checkSetFactory() -meth public void checkSystemClipboardAccess() - anno 0 java.lang.Deprecated() -meth public void checkWrite(java.io.FileDescriptor) -meth public void checkWrite(java.lang.String) -supr java.lang.Object - CLSS public java.lang.Throwable cons protected init(java.lang.String,java.lang.Throwable,boolean,boolean) cons public init() @@ -395,7 +348,7 @@ fld public final static java.lang.String PROP_MODULES = "modules" meth public boolean hasToEnableCompatModules(java.util.Set) meth public boolean isOrWillEnable(org.netbeans.Module) meth public boolean shouldDelegateResource(org.netbeans.Module,org.netbeans.Module,java.lang.String) - anno 0 java.lang.Deprecated() + anno 0 java.lang.Deprecated(boolean forRemoval=false, java.lang.String since="") meth public boolean shouldDelegateResource(org.netbeans.Module,org.netbeans.Module,java.lang.String,java.lang.ClassLoader) meth public boolean shutDown() meth public boolean shutDown(java.lang.Runnable) @@ -414,12 +367,12 @@ meth public java.util.Collection getAttachedFragments(org.n meth public java.util.List simulateDisable(java.util.Set) meth public java.util.List simulateEnable(java.util.Set) meth public java.util.Set getModuleInterdependencies(org.netbeans.Module,boolean,boolean) - anno 0 java.lang.Deprecated() + anno 0 java.lang.Deprecated(boolean forRemoval=false, java.lang.String since="") meth public java.util.Set getModuleInterdependencies(org.netbeans.Module,boolean,boolean,boolean) meth public java.util.Set getModules() meth public java.util.concurrent.Future shutDownAsync(java.lang.Runnable) meth public org.netbeans.Module create(java.io.File,java.lang.Object,boolean,boolean) throws java.io.IOException,org.netbeans.DuplicateException - anno 0 java.lang.Deprecated() + anno 0 java.lang.Deprecated(boolean forRemoval=false, java.lang.String since="") meth public org.netbeans.Module create(java.io.File,java.lang.Object,boolean,boolean,boolean) throws java.io.IOException,org.netbeans.DuplicateException meth public org.netbeans.Module createBundle(java.io.File,java.lang.Object,boolean,boolean,boolean,int) throws java.io.IOException,org.netbeans.DuplicateException meth public org.netbeans.Module createFixed(java.util.jar.Manifest,java.lang.Object,java.lang.ClassLoader) throws org.netbeans.DuplicateException,org.netbeans.InvalidException @@ -534,30 +487,6 @@ CLSS public abstract interface static org.netbeans.Stamps$Updater meth public abstract void cacheReady() meth public abstract void flushCaches(java.io.DataOutputStream) throws java.io.IOException -CLSS public org.netbeans.TopSecurityManager -cons public init() -meth public boolean checkTopLevelWindow(java.lang.Object) -meth public final void checkPropertyAccess(java.lang.String) -meth public static void exit(int) -meth public static void install() -meth public static void makeSwingUseSpecialClipboard(java.awt.datatransfer.Clipboard) -meth public static void register(java.lang.SecurityManager) -meth public static void unregister(java.lang.SecurityManager) -meth public void checkConnect(java.lang.String,int) -meth public void checkConnect(java.lang.String,int,java.lang.Object) -meth public void checkDelete(java.lang.String) -meth public void checkExit(int) -meth public void checkMemberAccess(java.lang.Class,int) -meth public void checkPermission(java.security.Permission) -meth public void checkPermission(java.security.Permission,java.lang.Object) -meth public void checkRead(java.io.FileDescriptor) -meth public void checkRead(java.lang.String) -meth public void checkWrite(java.io.FileDescriptor) -meth public void checkWrite(java.lang.String) -supr java.lang.SecurityManager -hfds CLIPBOARD_FORBIDDEN,LOG,URLClass,accessControllerClass,allPermission,awtPermissionClass,callerWhiteList,check,classLoaderClass,delegates,fsSecManager,officialExit,runtimePermissionClass,urlField,warnedClassesNDE,warnedClassesNH,warnedSunMisc -hcls PrivilegedCheck - CLSS public final org.netbeans.Util fld public final static java.util.logging.Logger err innr public abstract interface static ModuleProvider diff --git a/platform/o.n.bootstrap/nbproject/project.properties b/platform/o.n.bootstrap/nbproject/project.properties index ab3c7de76b9c..07ffd35a1e93 100644 --- a/platform/o.n.bootstrap/nbproject/project.properties +++ b/platform/o.n.bootstrap/nbproject/project.properties @@ -16,7 +16,7 @@ # under the License. javac.compilerargs=-Xlint:all -Xlint:-serial -Xlint:-processing -javac.source=1.8 +javac.release=11 module.jar.dir=lib module.jar.basename=boot.jar release.launcher/unix/nbexec=lib/nbexec diff --git a/platform/o.n.bootstrap/src/allow.java b/platform/o.n.bootstrap/src/allow.java deleted file mode 100644 index 62db45b997f6..000000000000 --- a/platform/o.n.bootstrap/src/allow.java +++ /dev/null @@ -1,193 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -import java.io.FileDescriptor; -import java.net.InetAddress; -import java.security.Permission; -import java.util.concurrent.atomic.AtomicBoolean; - -/** - * - */ -public class allow extends SecurityManager { - - @Override - public void checkAccept(String host, int port) { - uninstall(); - } - - @Override - public void checkAccess(Thread t) { - uninstall(); - } - - @Override - public void checkAccess(ThreadGroup g) { - uninstall(); - } - - @Override - public void checkAwtEventQueueAccess() { - uninstall(); - } - - @Override - public void checkConnect(String host, int port) { - uninstall(); - } - - @Override - public void checkConnect(String host, int port, Object context) { - uninstall(); - } - - @Override - public void checkCreateClassLoader() { - uninstall(); - } - - @Override - public void checkDelete(String file) { - uninstall(); - } - - @Override - public void checkExec(String cmd) { - uninstall(); - } - - @Override - public void checkExit(int status) { - uninstall(); - } - - @Override - public void checkLink(String lib) { - uninstall(); - } - - @Override - public void checkListen(int port) { - uninstall(); - } - - @Override - public void checkMemberAccess(Class clazz, int which) { - uninstall(); - } - - @Override - public void checkMulticast(InetAddress maddr) { - uninstall(); - } - - @Override - public void checkMulticast(InetAddress maddr, byte ttl) { - uninstall(); - } - - @Override - public void checkPackageAccess(String pkg) { - uninstall(); - } - - @Override - public void checkPackageDefinition(String pkg) { - uninstall(); - } - - @Override - public void checkPermission(Permission perm) { - uninstall(); - } - - @Override - public void checkPermission(Permission perm, Object context) { - uninstall(); - } - - @Override - public void checkPrintJobAccess() { - uninstall(); - } - - @Override - public void checkPropertiesAccess() { - uninstall(); - } - - @Override - public void checkPropertyAccess(String key) { - uninstall(); - } - - @Override - public void checkRead(FileDescriptor fd) { - uninstall(); - } - - @Override - public void checkRead(String file) { - uninstall(); - } - - @Override - public void checkRead(String file, Object context) { - uninstall(); - } - - @Override - public void checkSecurityAccess(String target) { - uninstall(); - } - - @Override - public void checkSetFactory() { - uninstall(); - } - - @Override - public void checkSystemClipboardAccess() { - uninstall(); - } - - @Override - public boolean checkTopLevelWindow(Object window) { - uninstall(); - return true; - } - - @Override - public void checkWrite(FileDescriptor fd) { - uninstall(); - } - - @Override - public void checkWrite(String file) { - uninstall(); - } - - private final AtomicBoolean uninstalling = new AtomicBoolean(); - - private void uninstall() { - if (uninstalling.compareAndSet(false, true)) { - System.setSecurityManager(null); - } - } -} diff --git a/platform/o.n.bootstrap/src/org/netbeans/MainImpl.java b/platform/o.n.bootstrap/src/org/netbeans/MainImpl.java index 2dc5ba137bc2..8d4b0afd45e9 100644 --- a/platform/o.n.bootstrap/src/org/netbeans/MainImpl.java +++ b/platform/o.n.bootstrap/src/org/netbeans/MainImpl.java @@ -246,7 +246,7 @@ public static void finishInitialization() { if (r == Integer.MIN_VALUE) { r = 0; } - TopSecurityManager.exit(r); + NbExit.exit(r); } } diff --git a/platform/o.n.bootstrap/src/org/netbeans/ModuleManager.java b/platform/o.n.bootstrap/src/org/netbeans/ModuleManager.java index 76eac2962833..615b59c6069e 100644 --- a/platform/o.n.bootstrap/src/org/netbeans/ModuleManager.java +++ b/platform/o.n.bootstrap/src/org/netbeans/ModuleManager.java @@ -744,7 +744,7 @@ protected synchronized Class loadClass(String name, boolean resolve) throws C ProxyClassLoader priviledged = null; NetigsoLoader osgi = null; if (!name.startsWith("java.")) { // NOI18N - Class[] stack = TopSecurityManager.getStack(); + List> stack = Util.getStack(); for (Class c: stack) { ClassLoader l = c.getClassLoader(); if (l == this) { @@ -2407,7 +2407,7 @@ public Future shutDownAsync(Runnable midHook) { Util.err.warning("Cyclic module dependencies, will not shut down cleanly: " + deps); // NOI18N return new TaskFuture(true, Task.EMPTY); } - if (!TopSecurityManager.officialExit && !installer.closing(sortedModules)) { + if (!NbExit.isExiting() && !installer.closing(sortedModules)) { return new TaskFuture(false, Task.EMPTY); } if (midHook != null) { diff --git a/platform/o.n.bootstrap/src/org/netbeans/NbExit.java b/platform/o.n.bootstrap/src/org/netbeans/NbExit.java new file mode 100644 index 000000000000..45eb0793869a --- /dev/null +++ b/platform/o.n.bootstrap/src/org/netbeans/NbExit.java @@ -0,0 +1,45 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.netbeans; + +import java.util.concurrent.atomic.AtomicBoolean; + +public class NbExit { + + private static final AtomicBoolean officialExit = new AtomicBoolean(false); + + /** + * Calls {@link System#exit(int)} exactly once and won't block when called + * from another thread (e.g shutdown hook) again. + */ + public static void exit(int status) { + if (officialExit.get()) { + return; // already inside a shutdown hook + } + if (officialExit.compareAndSet(false, true)) { + System.exit(status); + } + } + + public static boolean isExiting() { + return officialExit.get(); + } + +} diff --git a/platform/o.n.bootstrap/src/org/netbeans/NetigsoHandle.java b/platform/o.n.bootstrap/src/org/netbeans/NetigsoHandle.java index 3c050822730d..ed989b1900bb 100644 --- a/platform/o.n.bootstrap/src/org/netbeans/NetigsoHandle.java +++ b/platform/o.n.bootstrap/src/org/netbeans/NetigsoHandle.java @@ -198,14 +198,14 @@ final ClassLoader findFallbackLoader() { ClassLoader frameworkLoader = f.findFrameworkClassLoader(); - Class[] stack = TopSecurityManager.getStack(); - for (int i = 0; i < stack.length; i++) { - ClassLoader sl = stack[i].getClassLoader(); + List> stack = Util.getStack(); + for (Class frame : stack) { + ClassLoader sl = frame.getClassLoader(); if (sl == null) { continue; } if (sl.getClass().getClassLoader() == frameworkLoader) { - return stack[i].getClassLoader(); + return frame.getClassLoader(); } } return null; diff --git a/platform/o.n.bootstrap/src/org/netbeans/TopSecurityManager.java b/platform/o.n.bootstrap/src/org/netbeans/TopSecurityManager.java deleted file mode 100644 index babb04da60ef..000000000000 --- a/platform/o.n.bootstrap/src/org/netbeans/TopSecurityManager.java +++ /dev/null @@ -1,813 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.netbeans; - -import java.awt.AWTPermission; -import java.io.FileDescriptor; -import java.lang.reflect.Field; -import java.lang.reflect.Method; -import java.net.InetAddress; -import java.net.URL; -import java.net.UnknownHostException; -import java.security.AccessControlContext; -import java.security.AccessController; -import java.security.AllPermission; -import java.security.CodeSource; -import java.security.Permission; -import java.security.PrivilegedActionException; -import java.security.PrivilegedExceptionAction; -import java.util.ArrayList; -import java.util.HashSet; -import java.util.Iterator; -import java.util.List; -import java.util.Set; -import java.util.logging.Level; -import java.util.logging.Logger; -import java.util.logging.LoggingPermission; -import org.openide.util.Lookup; -import org.openide.util.WeakSet; - -/** NetBeans security manager implementation. -* @author Ales Novak, Jesse Glick -*/ -public class TopSecurityManager extends SecurityManager { - private static final boolean check = !Boolean.getBoolean("netbeans.security.nocheck"); // NOI18N - private static final Logger LOG = Logger.getLogger(TopSecurityManager.class.getName()); - - private Permission allPermission; - - /* JVMPI sometimes deadlocks sync getForeignClassLoader - and Class.forName - */ - private static final Class classLoaderClass = ClassLoader.class; - private static final Class URLClass = URL.class; - private static final Class runtimePermissionClass = RuntimePermission.class; - private static final Class accessControllerClass = AccessController.class; - private static final Class awtPermissionClass = AWTPermission.class; - private static SecurityManager fsSecManager; - - private static final List delegates = new ArrayList(); - /** Register a delegate security manager that can handle some checks for us. - * Currently only checkExit and checkTopLevelWindow are supported. - * @param sm the delegate to register - * @throws SecurityException without RuntimePermission "TopSecurityManager.register" - */ - public static void register(SecurityManager sm) throws SecurityException { -/* if (check) { - try { - AccessController.checkPermission(new RuntimePermission("TopSecurityManager.register")); // NOI18N - } catch (SecurityException se) { - // Something is probably wrong; debug it better. - ProtectionDomain pd = sm.getClass().getProtectionDomain(); - CodeSource cs = pd.getCodeSource(); - System.err.println("Code source of attempted secman: " + (cs != null ? cs.getLocation().toExternalForm() : "")); // NOI18N - System.err.println("Its permissions: " + pd); // NOI18N - throw se; - } - } -*/ - synchronized (delegates) { - if (delegates.contains(sm)) throw new SecurityException(); - delegates.add(sm); - if (fsSecManager == null) { - for (Lookup.Item item : Lookup.getDefault().lookupResult(SecurityManager.class).allItems()) { - if (item != null && "org.netbeans.modules.masterfs.filebasedfs.utils.FileChangedManager".equals(item.getId())) {//NOI18N - fsSecManager = item.getInstance(); - break; - } - } - assert fsSecManager != null; - } - } - } - /** Unregister a delegate security manager. - * @param sm the delegate to unregister - * @throws SecurityException without RuntimePermission "TopSecurityManager.unregister" - */ - public static void unregister(SecurityManager sm) throws SecurityException { -/* if (check) { - AccessController.checkPermission(new RuntimePermission("TopSecurityManager.unregister")); // NOI18N - } -*/ - synchronized (delegates) { - if (!delegates.contains(sm)) throw new SecurityException(); - delegates.remove(sm); - } - } - - /** - * constructs new TopSecurityManager - */ - public TopSecurityManager () { - allPermission = new AllPermission(); - } - - public @Override void checkExit(int status) throws SecurityException { - if (! check) { - return; - } - - synchronized (delegates) { - Iterator it = delegates.iterator(); - while (it.hasNext()) { - it.next().checkExit(status); - } - } - - PrivilegedCheck.checkExit(status, this); - } - - SecurityManager getSecurityManager() { - if (fsSecManager == null) { - synchronized (delegates) { - return fsSecManager; - } - } - return fsSecManager; - } - - private void notifyDelete(String file) { - SecurityManager s = getSecurityManager(); - if (s != null) { - s.checkDelete(file); - } - } - - private void notifyRead(String file) { - SecurityManager s = getSecurityManager(); - if (s != null) { - s.checkRead(file); - } - } - - private void notifyWrite(String file) { - SecurityManager s = getSecurityManager(); - if (s != null) { - s.checkWrite(file); - } - } - - static boolean officialExit = false; - static Class[] getStack() { - SecurityManager s = System.getSecurityManager(); - TopSecurityManager t; - if (s instanceof TopSecurityManager) { - t = (TopSecurityManager)s; - } else { - t = new TopSecurityManager(); - } - return t.getClassContext(); - } - - /** Can be called from core classes to exit the system. - * Direct calls to System.exit will not be honored, for safety. - * @param status the status code to exit with - * @see "#20751" - */ - public static void exit(int status) { - if (officialExit) { - return; // already inside a shutdown hook - } - officialExit = true; - System.exit(status); - } - - final void checkExitImpl(int status, AccessControlContext acc) throws SecurityException { - if (!officialExit) { - throw new ExitSecurityException("Illegal attempt to exit early"); // NOI18N - } - - super.checkExit(status); - } - - @SuppressWarnings("deprecation") - public boolean checkTopLevelWindow(Object window) { - return checkTopLevelWindow(new AWTPermission("showWindowWithoutWarningBanner"), window); // NOI18N - } - - private boolean checkTopLevelWindow(Permission windowPermission, Object window) { - synchronized (delegates) { - for (SecurityManager sm : delegates) { - sm.checkPermission(windowPermission, window); - } - } - return true; - } - - /* XXX probably unnecessary: - // Hack against permissions of Launcher$AppLoader. - public void checkPackageAccess(String pckg) { - if (pckg == null) return; - if (pckg.startsWith("sun.")) { // NOI18N - if (inClazz("sun.misc.Launcher") || inClazz("java.lang.Class")) { // NOI18N - return; - } - } - super.checkPackageAccess(pckg); - } - - private boolean inClazz(String s) { - Class[] classes = getClassContext(); - int i = 0; - for (; (i < classes.length) && (classes[i] == TopSecurityManager.class); i++); - if (i == classes.length) { - return false; - } - return classes[i].getName().startsWith(s); - } - */ - - /** Performance - all props accessible */ - public @Override final void checkPropertyAccess(String x) { - if ("netbeans.debug.exceptions".equals(x)) { // NOI18N - // Get rid of this old system property. - for (Class c : getClassContext()) { - if (c != TopSecurityManager.class && - c != System.class && - c != Boolean.class) { - String n = c.getName(); - synchronized (warnedClassesNDE) { - if (warnedClassesNDE.add(n)) { - LOG.log(Level.WARNING, "use of system property netbeans.debug.exceptions has been obsoleted in favor of java.util.logging.Logger at {0}", findCallStackLine(n)); - } - } - break; - } - } - } - if ("netbeans.home".equals(x) || "netbeans.user".equals(x)) { // NOI18N - // Control access to this system property. - for (Class c : getClassContext()) { - if (c != TopSecurityManager.class && - c != System.class && - c != Boolean.class) { - String n = c.getName(); - boolean log; - synchronized (warnedClassesNH) { - log = warnedClassesNH.add(n); - } - if (log) { - LOG.log(Level.WARNING, "use of system property {0} has been obsoleted in favor of InstalledFileLocator/Places at {1}", new Object[] {x, findCallStackLine(n)}); - } - break; - } - } - } - } - private static String findCallStackLine(String callerClazz) { - for (StackTraceElement line : Thread.currentThread().getStackTrace()) { - if (line.getClassName().equals(callerClazz)) { - return line.toString(); - } - } - return callerClazz; - } - private final Set warnedClassesNDE = new HashSet(25); - private static final Set warnedClassesNH = new HashSet(25); - static { - // XXX cleaner would be to use @SuppressWarnings, but that has Retention(SOURCE), and not all these can use org.netbeans.api.annotations.common - warnedClassesNH.add("org.openide.modules.Places"); - warnedClassesNH.add("org.netbeans.MainImpl"); // NOI18N - warnedClassesNH.add("org.netbeans.MainImpl$BootClassLoader"); - warnedClassesNH.add("org.netbeans.CLIHandler"); - warnedClassesNH.add("org.netbeans.Stamps"); // NOI18N - warnedClassesNH.add("org.netbeans.Clusters"); // NOI18N - warnedClassesNH.add("org.netbeans.core.startup.InstalledFileLocatorImpl"); // NOI18N - warnedClassesNH.add("org.netbeans.core.startup.CLIOptions"); - warnedClassesNH.add("org.netbeans.core.startup.preferences.RelPaths"); - warnedClassesNH.add("org.netbeans.core.startup.layers.BinaryFS"); - warnedClassesNH.add("org.netbeans.modules.netbinox.NetbinoxFactory"); - warnedClassesNH.add("org.netbeans.updater.UpdateTracking"); // NOI18N - warnedClassesNH.add("org.netbeans.core.ui.ProductInformationPanel"); // #47429; NOI18N - warnedClassesNH.add("org.netbeans.lib.uihandler.LogFormatter"); - warnedClassesNH.add("org.netbeans.modules.project.libraries.LibrariesStorage"); - warnedClassesNH.add("org.netbeans.modules.j2ee.sun.ide.j2ee.PluginProperties"); // AS bundle is not in any cluster - warnedClassesNH.add("org.netbeans.modules.apisupport.project.universe.NbPlatform"); // defaultPlatformLocation - } - - /* ----------------- private methods ------------- */ - - /** - * The method is empty. This is not "secure", but on the other hand, - * it reduces performance penalty of startup about 10% - */ - public @Override void checkRead(String file) { - notifyRead(file); - } - - public @Override void checkRead(FileDescriptor fd) { - } - - - public @Override void checkWrite(FileDescriptor fd) { - } - - /** The method has awful performance in super class */ - public @Override void checkDelete(String file) { - notifyDelete(file); - try { - checkPermission(allPermission); - return; - } catch (SecurityException e) { - super.checkDelete(file); - } - } - - /** The method has awful performance in super class */ - public @Override void checkWrite(String file) { - notifyWrite(file); - try { - checkPermission(allPermission); - return; - } catch (SecurityException e) { - super.checkWrite(file); - } - } - - /** Checks connect */ - public @Override void checkConnect(String host, int port) { - if (! check) { - return; - } - - try { - checkPermission(allPermission); - return; - } catch (SecurityException e) { - } - - try { - super.checkConnect(host, port); - return; - } catch (SecurityException e) { - } - - PrivilegedCheck.checkConnect(host, port, this); - } - - final void checkConnectImpl(String host, int port) { - Class insecure = getInsecureClass(); - if (insecure != null) { - URL ctx = getClassURL(insecure); - if (ctx != null) { - try { - String fromHost = ctx.getHost(); - InetAddress ia2 = InetAddress.getByName(host); - InetAddress ia3 = InetAddress.getByName(fromHost); - if (ia2.equals(ia3)) { - return; - } - } catch (UnknownHostException e) { // ignore - e.printStackTrace(); - } - } - throw new SecurityException(); - } - } - - public @Override void checkConnect(String s, int port, Object context) { - checkConnect(s, port); - } - - private final Set> warnedSunMisc = new WeakSet<>(); - private final Set callerWhiteList = createCallerWhiteList(); - @SuppressWarnings("deprecation") - public void checkMemberAccess(Class clazz, int which) { - final String n = clazz.getName(); - if (n.startsWith("sun.misc")) { // NOI18N - Class caller = null; - Class[] arr = getClassContext(); - for (int i = 0; i < arr.length; i++) { - if (arr[i] == TopSecurityManager.class) { - continue; - } - if (arr[i] != Class.class) { - caller = arr[i]; - break; - } - } - StringBuilder msg = new StringBuilder(); - msg.append("Dangerous reflection access to ").append(n).append(" by ").append(caller).append(" detected!"); - if (caller != null && caller.getProtectionDomain() != null) { - CodeSource cs = caller.getProtectionDomain().getCodeSource(); - msg.append("\ncode location: ").append(cs == null ? "null" : cs.getLocation()); - } - if (caller != null && isDangerous(caller.getName(), n)) { - throw new SecurityException(msg.toString()); - } - Level l; - if (caller != null && callerWhiteList.contains(caller.getName())) { - l = Level.FINEST; - } else { - l = Level.FINE; - assert (l = Level.INFO) != null; - } - if (!warnedSunMisc.add(caller)) { - LOG.log(l, msg.toString()); - return; - } - Exception ex = new Exception(msg.toString()); // NOI18N - LOG.log(l, null, ex); - } - } - - /** - * Create list of safe callers for {@link #checkMemberAccess(Class, int)}. - */ - private static Set createCallerWhiteList() { - Set wl = new HashSet(); - wl.add("org.netbeans.core.output2.FileMapStorage"); //NOI18N - wl.add("com.sun.tools.javac.util.CloseableURLClassLoader"); //NOI18N - wl.add("java.lang.Thread$1"); //NOI18N - wl.add("org.clank.support.NativeMemory"); //NOI18N - wl.add("org.apache.lucene.store.MMapDirectory$1"); //NOI18N - wl.add("org.apache.lucene.util.Constants"); //#217037 - wl.add("org.apache.lucene.util.RamUsageEstimator");//#217037 - wl.add("com.google.gson.internal.UnsafeAllocator"); //#219464 //NOI18N - wl.add("org.netbeans.modules.web.jspparser_ext.WebAppParseSupport$ParserClassLoader"); //#218690 // NOI18N - return wl; - } - private static boolean isDangerous(String caller, String accessTo) { - if ("com.sun.istack.tools.ProtectedTask".equals(caller)) { // NOI18N - if ("sun.misc.ClassLoaderUtil".equals(accessTo)) { // NOI18N - // calling ClassLoaderUtil is allowed - return false; - } - return true; - } - return false; - } - - public @Override void checkPermission(Permission perm) { -// assert checkLogger(perm); //#178013 & JDK bug 1694855 - checkSetSecurityManager(perm); - - // - // part of makeSwingUseSpecialClipboard that makes it work on - // JDK 1.5 - // - if (awtPermissionClass.isInstance(perm)) { - if ("accessClipboard".equals (perm.getName ())) { // NOI18N - ThreadLocal t; - synchronized (TopSecurityManager.class) { - t = CLIPBOARD_FORBIDDEN; - } - if (t == null) { - return; - } - - if (t.get () != null) { - t.set (this); - throw new SecurityException (); - } else { - checkWhetherAccessedFromSwingTransfer (); - } - } - if ("showWindowWithoutWarningBanner".equals(perm.getName())) { // NOI18N - checkTopLevelWindow(perm, null); - } - } - return; - } - - public @Override void checkPermission(Permission perm, Object context) { -// assert checkLogger(perm); //#178013 & JDK bug 1694855 - checkSetSecurityManager(perm); - return; - } - - private boolean checkLogger(Permission perm) { - //Do not allow foreign code to replace NetBeans logger with its own - //(particularly java.util.logging.FileLogger, which will deadlock) - //see http://netbeans.org/bugzilla/show_bug.cgi?id=178013 - if (LoggingPermission.class.isInstance(perm)) { - //This code will run every time a logger is created; if this - //proves too performance-degrading, replace the assertion test - //with a system property so that mysterious logger-related deadlocks - //can still be done, but leave it off by default - Throwable t = new Exception().fillInStackTrace(); - for (StackTraceElement e : t.getStackTrace()) { - //Currently no other reliable way to determine that the call - //is to reset the logging infrastructure, not just create - //a logger - see JDK bug 1694855 - if ("java.util.logging.LogManager".equals(e.getClassName()) && "reset".equals(e.getMethodName())) { //NOI18N - SecurityException se = new SecurityException("Illegal attempt to reset system logger"); //NOI18N - throw se; - } - if ("java.util.logging.LogManager".equals(e.getClassName()) && "readConfiguration".equals(e.getMethodName())) { //NOI18N - SecurityException se = new SecurityException("Illegal attempt to replace system logger configuration"); //NOI18N - throw se; - } - } - } - return true; - } - - public static void install() { - try { - System.setSecurityManager(new TopSecurityManager()); - } catch (SecurityException ex) { - LOG.log(Level.WARNING, "Cannot associated own security manager"); // NOI18N - LOG.log(Level.INFO, "Cannot associated own security manager", ex); // NOI18N - } - } - static void uninstall() { - System.setSecurityManager(null); - } - - /** Prohibits to set another SecurityManager */ - private void checkSetSecurityManager(Permission perm) { - if (runtimePermissionClass.isInstance(perm)) { - if (perm.getName().equals("setSecurityManager")) { // NOI18N - hardcoded in java.lang - if (!check) { - return; - } - Class[] arr = getClassContext(); - boolean seenJava = false; - for (int i = 0; i < arr.length; i++) { - if (arr[i].getName().equals("org.netbeans.TopSecurityManager")) { // NOI18N - if (seenJava) { - // if the change of security manager is called from my own - // class or the class loaded by other classloader, then it is likely ok - return; - } else { - continue; - } - } - if (arr[i] != System.class) { - // if there is a non-java class on stack, skip and throw exception - break; - } - seenJava = true; - } - throw new SecurityException(); - } - } - } - -// -// public void checkMemberAccess(Class clazz, int which) { -// if ((which == java.lang.reflect.Member.PUBLIC) || -// javax.swing.text.JTextComponent.class.isAssignableFrom(clazz)) { -// return; -// } else { -// super.checkMemberAccess(clazz, which); -// } -// } -// - private Class getInsecureClass() { - - Class[] ctx = getClassContext(); - boolean firstACClass = false; - -LOOP: for (int i = 0; i < ctx.length; i++) { - - if (ctx[i] == accessControllerClass) { - // privileged action is on the stack before an untrusted class loader - // #3950 - if (firstACClass) { - return null; - } else { - firstACClass = true; - continue LOOP; - } - } else if (ctx[i].getClassLoader() != null) { - - if (isSecureClass(ctx[i])) { - if (classLoaderClass.isAssignableFrom(ctx[i])) { - return null; - } else { - // OK process next one - continue LOOP; - } - } - - return ctx[i]; - } else if (classLoaderClass.isAssignableFrom(ctx[i])) { // cloader == null - return null; // foreign classloader wants to do work... - } - } - - return null; - } - - /** Checks if the class is loaded through the nbfs URL */ - static boolean isSecureClass(final Class clazz) { - URL source = getClassURL(clazz); - if (source != null) { - return isSecureProtocol(source.getProtocol()); - } else { - return true; - } - } - - /** @return a protocol through which was the class loaded (file://...) or null - */ - static URL getClassURL(Class clazz) { - java.security.CodeSource cs = clazz.getProtectionDomain().getCodeSource(); - if (cs != null) { - URL url = cs.getLocation(); - return url; - } else { // PROXY CLASS? - return null; - } - } - - static Field getUrlField(Class clazz) { - if (urlField == null) { - try { - Field[] fds = clazz.getDeclaredFields(); - for (int i = 0; i < fds.length; i++) { - if (fds[i].getType() == URLClass) { - fds[i].setAccessible(true); - urlField = fds[i]; - break; - } - } - } catch (Exception e) { - e.printStackTrace(); - } - } - return urlField; - } - - private static Field urlField; - - /** @return Boolean.TRUE iff the string is a safe protocol (file, nbfs, ...) */ - static boolean isSecureProtocol(String protocol) { - if (protocol.equals("http") || // NOI18N - protocol.equals("ftp") || // NOI18N - protocol.equals("rmi")) { // NOI18N - return false; - } else { - return true; - } - } - - // Workaround for bug - // - // http://developer.java.sun.com/developer/bugParade/bugs/4818143.html - // - // sun.awt.datatransfer.ClipboardTransferable.getClipboardData() can hang - // for very long time (maxlong == eternity). We tries to avoid the hang by - // access the system clipboard from a separate thread. If the hang happens - // the thread will wait for the system clipboard forever but not the whole - // IDE. See also NbClipboard - - private static ThreadLocal CLIPBOARD_FORBIDDEN; - - /** Convinces Swing components that they should use special clipboard - * and not Toolkit.getSystemClipboard. - * - * @param clip clipboard to use - */ - public static void makeSwingUseSpecialClipboard (java.awt.datatransfer.Clipboard clip) { - try { - synchronized (TopSecurityManager.class) { - if (! (System.getSecurityManager() instanceof TopSecurityManager)) { - LOG.warning("Our manager has to be active: " + System.getSecurityManager()); - return; - } // NOI18N - if (CLIPBOARD_FORBIDDEN != null) { - return; - } - CLIPBOARD_FORBIDDEN = new ThreadLocal(); - CLIPBOARD_FORBIDDEN.set (clip); - } - - javax.swing.JComponent source = new javax.swing.JPanel (); - javax.swing.TransferHandler.getPasteAction ().actionPerformed ( - new java.awt.event.ActionEvent (source, 0, "") - ); - javax.swing.TransferHandler.getCopyAction ().actionPerformed ( - new java.awt.event.ActionEvent (source, 0, "") - ); - javax.swing.TransferHandler.getCutAction ().actionPerformed ( - new java.awt.event.ActionEvent (source, 0, "") - ); - Object forb = CLIPBOARD_FORBIDDEN.get (); - CLIPBOARD_FORBIDDEN.set(null); - if (! (forb instanceof TopSecurityManager) ) { - System.err.println("Cannot install our clipboard to swing components, TopSecurityManager is not the security manager: " + forb); // NOI18N - return; - } - - Class appContextClass = ClassLoader.getSystemClassLoader().loadClass("sun.awt.AppContext"); // NOI18N - Method getAppContext = appContextClass.getMethod ("getAppContext"); // NOI18N - Object appContext = getAppContext.invoke (null, new Object[0]); - - Class actionClass = javax.swing.TransferHandler.getCopyAction ().getClass (); - java.lang.reflect.Field sandboxKeyField = actionClass.getDeclaredField ("SandboxClipboardKey"); // NOI18N - sandboxKeyField.setAccessible (true); - Object value = sandboxKeyField.get (null); - - Method put = appContextClass.getMethod ("put", Object.class, Object.class); // NOI18N - put.invoke (appContext, new Object[] { value, clip }); - } catch (ThreadDeath ex) { - throw ex; - } catch (Throwable t) { - t.printStackTrace(); - } finally { - if (CLIPBOARD_FORBIDDEN != null) { - CLIPBOARD_FORBIDDEN.set (null); - } - } - } - - /** Throws exception if accessed from javax.swing.TransferHandler class - */ - private void checkWhetherAccessedFromSwingTransfer () throws SecurityException { - boolean throwExc = false; - for (Class c : getClassContext()) { - if (c.getName().equals("org.netbeans.editor.BaseCaret")) { // NOI18N - return; - } - if (c.getName().equals("javax.swing.TransferHandler$TransferAction")) { // NOI18N - throwExc = true; - } - } - if (throwExc) { - throw new SecurityException("All swing access to clipboard should be redirected to ExClipboard"); // NOI18N - } - } - - - private static final class PrivilegedCheck implements PrivilegedExceptionAction { - int action; - TopSecurityManager tsm; - - // exit - int status; - AccessControlContext acc; - - // connect - String host; - int port; - - - public PrivilegedCheck(int action, TopSecurityManager tsm) { - this.action = action; - this.tsm = tsm; - - if (action == 0) { - acc = AccessController.getContext(); - } - } - - public Object run() throws Exception { - switch (action) { - case 0 : - tsm.checkExitImpl(status, acc); - break; - case 1 : - tsm.checkConnectImpl(host, port); - break; - default : - } - return null; - } - - static void checkExit(int status, TopSecurityManager tsm) { - PrivilegedCheck pea = new PrivilegedCheck(0, tsm); - pea.status = status; - check(pea); - } - - static void checkConnect(String host, int port, TopSecurityManager tsm) { - PrivilegedCheck pea = new PrivilegedCheck(1, tsm); - pea.host = host; - pea.port = port; - check(pea); - } - - private static void check(PrivilegedCheck action) { - try { - AccessController.doPrivileged(action); - } catch (PrivilegedActionException e) { - Exception orig = e.getException(); - if (orig instanceof RuntimeException) { - throw ((RuntimeException) orig); - } - orig.printStackTrace(); - } - } - } - -} diff --git a/platform/o.n.bootstrap/src/org/netbeans/Util.java b/platform/o.n.bootstrap/src/org/netbeans/Util.java index 787f8d17c1c4..5f928c19ccf5 100644 --- a/platform/o.n.bootstrap/src/org/netbeans/Util.java +++ b/platform/o.n.bootstrap/src/org/netbeans/Util.java @@ -25,6 +25,8 @@ import java.util.ArrayList; import java.util.logging.Level; import java.util.logging.Logger; +import java.util.stream.Collectors; +import java.util.stream.Stream; import org.openide.util.*; import org.openide.modules.*; @@ -219,6 +221,12 @@ public static boolean checkPackageDependency(Dependency dep, ClassLoader cl) thr } } + static List> getStack() { + return StackWalker.getInstance(StackWalker.Option.RETAIN_CLASS_REFERENCE).walk( + stream -> stream.map(frame -> frame.getDeclaringClass()) + .collect(Collectors.toList())); + } + /** * Interface for a classloader to declare that it comes from a module. * @since 2.1 diff --git a/platform/o.n.bootstrap/test/unit/src/org/netbeans/NbClipboardIsUsedByAlreadyInitializedComponentsTest.java b/platform/o.n.bootstrap/test/unit/src/org/netbeans/NbClipboardIsUsedByAlreadyInitializedComponentsTest.java deleted file mode 100644 index bdfcb0a0e478..000000000000 --- a/platform/o.n.bootstrap/test/unit/src/org/netbeans/NbClipboardIsUsedByAlreadyInitializedComponentsTest.java +++ /dev/null @@ -1,58 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.netbeans; - -import java.awt.GraphicsEnvironment; -import javax.swing.TransferHandler; -import junit.framework.Test; -import junit.framework.TestSuite; - -/** Test that verifies that Clipboard is used by swing components. - * @author Jaroslav Tulach - * @see "#40693" - */ -public class NbClipboardIsUsedByAlreadyInitializedComponentsTest extends NbClipboardIsUsedBySwingComponentsTest { - - public static Test suite() { - return GraphicsEnvironment.isHeadless() ? new TestSuite() : new TestSuite(NbClipboardIsUsedByAlreadyInitializedComponentsTest.class); - } - - private javax.swing.JTextField field; - - public NbClipboardIsUsedByAlreadyInitializedComponentsTest (String name) { - super(name); - } - - protected void inMiddleOfSettingUpTheManager() { - assertNotNull("There is a manager already", System.getSecurityManager()); - // do some strange tricks to initialize the system - field = new javax.swing.JTextField (); - TransferHandler.getCopyAction(); - TransferHandler.getCutAction(); - TransferHandler.getPasteAction(); - } - - /** overrides to return field that exists since begining and was not instantiated - * after SecurityManager hack is started */ - protected javax.swing.JTextField getField () { - return field; - } - -} diff --git a/platform/o.n.bootstrap/test/unit/src/org/netbeans/NbClipboardIsUsedBySwingComponentsTest.java b/platform/o.n.bootstrap/test/unit/src/org/netbeans/NbClipboardIsUsedBySwingComponentsTest.java deleted file mode 100644 index c0a1256960c5..000000000000 --- a/platform/o.n.bootstrap/test/unit/src/org/netbeans/NbClipboardIsUsedBySwingComponentsTest.java +++ /dev/null @@ -1,191 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.netbeans; - -import java.awt.GraphicsEnvironment; -import java.awt.datatransfer.ClipboardOwner; -import java.awt.datatransfer.StringSelection; -import java.awt.datatransfer.Transferable; -import junit.framework.Test; -import junit.framework.TestSuite; -import org.netbeans.junit.MockServices; -import org.netbeans.junit.NbTestCase; -import org.openide.util.Lookup; -import org.openide.util.datatransfer.ExClipboard; - -/** Test that verifies that Clipboard is used by swing components. - * @author Jaroslav Tulach - * @see "#40693" - */ -public class NbClipboardIsUsedBySwingComponentsTest extends NbTestCase { - - public static Test suite() { - return GraphicsEnvironment.isHeadless() ? new TestSuite() : new TestSuite(NbClipboardIsUsedBySwingComponentsTest.class); - } - - private Clip clip; - private javax.swing.JTextField field; - - public NbClipboardIsUsedBySwingComponentsTest (String name) { - super(name); - } - - protected void setUp() throws Exception { - MockServices.setServices(Clip.class); - System.setProperty ("netbeans.security.nocheck", "true"); - Object clip = Lookup.getDefault ().lookup (ExClipboard.class); - assertNotNull ("Some clipboard found", clip); - assertEquals ("Correct clipboard found", Clip.class, clip.getClass()); - this.clip = (Clip)clip; - - if (System.getSecurityManager () == null) { - java.text.NumberFormat.getInstance (); - - Object clazz = org.netbeans.TopSecurityManager.class; - SecurityManager m = new org.netbeans.TopSecurityManager (); - System.setSecurityManager (m); - - inMiddleOfSettingUpTheManager(); - - org.netbeans.TopSecurityManager.makeSwingUseSpecialClipboard (this.clip); - } else { - inMiddleOfSettingUpTheManager(); - } - - field = new javax.swing.JTextField (); - } - protected boolean runInEQ () { - return true; - } - - protected javax.swing.JTextField getField () { - return field; - } - - - public void testClipboardOurClipboardUsedDuringCopy () { - javax.swing.JTextField f = getField (); - f.setText ("Ahoj"); - f.selectAll (); - assertEquals ("Ahoj", f.getSelectedText ()); - f.copy (); - - Clip.assertCalls ("Copy should call setContent", 1, 0); - assertClipboard ("Ahoj"); - } - - public void testClipboardOurClipboardUsedDuringCut () { - javax.swing.JTextField f = getField (); - f.setText ("DoCut"); - f.selectAll (); - assertEquals ("DoCut", f.getSelectedText ()); - f.cut (); - - Clip.assertCalls ("Cut should call setContent", 1, 0); - assertClipboard ("DoCut"); - - assertEquals ("Empty", "", f.getText ()); - } - - public void testClipboardOurClipboardUsedDuringPaste () { - javax.swing.JTextField f = getField (); - - StringSelection sel = new StringSelection ("DoPaste"); - clip.setContents (sel, sel); - Clip.assertCalls ("Of course there is one set", 1, 0); - - assertClipboard ("DoPaste"); - f.paste (); - - Clip.assertCalls ("Paste should call getContent", 0, 1); - assertEquals ("Text is there", "DoPaste", f.getText ()); - } - - public void testCopyFromEditorPasteToTheSameOneIssue40785 () { - javax.swing.JTextField f = getField (); - f.setText (getName ()); - f.selectAll (); - assertEquals ("Selection is correct", getName (), f.getSelectedText ()); - f.copy (); - Clip.assertCalls ("Once in, none out", 1, 0); - f.setText (""); - f.paste (); - Clip.assertCalls ("Once out, none in", 0, 1); - - assertEquals ("Test is again the same", getName (), f.getText ()); - } - - public void testItIsStillPossibleToGetTheClipboardForNormalCode () throws Exception { - assertNotNull ( - java.awt.Toolkit.getDefaultToolkit ().getSystemClipboard () - ); - } - - public void assertClipboard (String text) { - try { - Transferable t = clip.getContentsSuper (this); - Object obj = t.getTransferData (java.awt.datatransfer.DataFlavor.stringFlavor); - assertEquals ("Clipboard is the same", text, obj); - } catch (java.io.IOException ex) { - fail (ex.getMessage ()); - } catch (java.awt.datatransfer.UnsupportedFlavorException ex) { - fail (ex.getMessage ()); - } - } - - protected void inMiddleOfSettingUpTheManager() { - } - - public static final class Clip extends ExClipboard { - private static int setContents; - private static int getContents; - - public Clip () { - super ("Clip"); - } - - protected ExClipboard.Convertor[] getConvertors () { - return new ExClipboard.Convertor[0]; - } - - public void setContents (Transferable contents, ClipboardOwner owner) { - super.setContents (contents, owner); - setContents++; - } - - public Transferable getContents (Object requestor) { - Transferable retValue; - getContents++; - retValue = super.getContents (requestor); - return retValue; - } - public Transferable getContentsSuper (Object requestor) { - return super.getContents (requestor); - } - - public static void assertCalls (String msg, int setContents, int getContents) { - if (setContents != -1) assertEquals (msg + " setContents", setContents, Clip.setContents); - if (getContents != -1) assertEquals (msg + " getContents", getContents, Clip.getContents); - - Clip.setContents = 0; - Clip.getContents = 0; - } - } // Clip -} diff --git a/platform/o.n.bootstrap/test/unit/src/org/netbeans/TopSecurityManagerReplaceTest.java b/platform/o.n.bootstrap/test/unit/src/org/netbeans/TopSecurityManagerReplaceTest.java deleted file mode 100644 index 2959c2507613..000000000000 --- a/platform/o.n.bootstrap/test/unit/src/org/netbeans/TopSecurityManagerReplaceTest.java +++ /dev/null @@ -1,53 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.netbeans; - -import java.security.Permission; -import org.netbeans.junit.NbTestCase; - -/** - * - * @author Jaroslav Tulach - */ -public class TopSecurityManagerReplaceTest extends NbTestCase { - - public TopSecurityManagerReplaceTest(String name) { - super(name); - } - - @Override - protected void setUp() throws Exception { - System.setProperty("netbeans.security.nocheck", "true"); - assertNull("No manager yet", System.getSecurityManager()); - TopSecurityManager.install(); - assertTrue("Installed OK", System.getSecurityManager() instanceof TopSecurityManager); - } - - public void testReplaceSecurityManager() { - MySM sm = new MySM(); - System.setSecurityManager(sm); - assertEquals("Replaced OK", sm, System.getSecurityManager()); - } - - private static final class MySM extends SecurityManager { - @Override - public void checkPermission(Permission perm) { - } - } -} diff --git a/platform/o.n.bootstrap/test/unit/src/org/netbeans/TopSecurityManagerTest.java b/platform/o.n.bootstrap/test/unit/src/org/netbeans/TopSecurityManagerTest.java deleted file mode 100644 index 69073b133c41..000000000000 --- a/platform/o.n.bootstrap/test/unit/src/org/netbeans/TopSecurityManagerTest.java +++ /dev/null @@ -1,96 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.netbeans; - -import junit.framework.TestCase; - -/** - * - * @author Jaroslav Tulach - */ -public class TopSecurityManagerTest extends TestCase { - - public TopSecurityManagerTest(String testName) { - super(testName); - System.err.println("TopSecurityManagerTest: " + testName); - } - - @Override - protected void tearDown() throws Exception { - super.tearDown(); - TopSecurityManager.uninstall(); - } - - - public void testCanInstallTwice() { - TopSecurityManager.install(); - TopSecurityManager.install(); - } - public void testSecondDirectCallFails() { - TopSecurityManager.install(); - try { - System.setSecurityManager(new SecMan()); - } catch (SecurityException ex) { - // ok - return; - } - fail("Associating own security manager when one is already installed shall not be allowed"); - } - - /* Reenable when assert checkLogger(perm) is added back: - public void testLoggerCannotBeReset() { - if (true) return; - boolean asserts = false; - assert asserts = true; - if (asserts) { - TopSecurityManager.install(); - SecurityException ex = null; - try { - LogManager.getLogManager().reset(); - } catch (SecurityException e) { - ex = e; - } - assertNotNull ("LogManager.reset() should throw a SecurityException", - ex); - } - } - - public void testLoggerCannotBeReconfigured() throws IOException { - if (true) return; - boolean asserts = false; - assert asserts = true; - if (asserts) { - TopSecurityManager.install(); - SecurityException ex = null; - try { - LogManager.getLogManager().readConfiguration(new ByteArrayInputStream(new byte[256])); - } catch (SecurityException e) { - ex = e; - } - assertNotNull ("LogManager.readConfiguration() should throw a SecurityException", - ex); - } - } - */ - - - private static final class SecMan extends SecurityManager { - } -} diff --git a/platform/o.n.core/src/org/netbeans/core/GuiRunLevel.java b/platform/o.n.core/src/org/netbeans/core/GuiRunLevel.java index 6cf9cf6c7f89..e19bb402103c 100644 --- a/platform/o.n.core/src/org/netbeans/core/GuiRunLevel.java +++ b/platform/o.n.core/src/org/netbeans/core/GuiRunLevel.java @@ -163,7 +163,7 @@ private static void endOfStartupMeasuring(Object o) { private static void maybeDie(Object o) { // finish starting if (System.getProperty("netbeans.kill") != null) { - org.netbeans.TopSecurityManager.exit(5); + org.netbeans.NbExit.exit(5); } // close IDE diff --git a/platform/o.n.core/src/org/netbeans/core/NbLifeExit.java b/platform/o.n.core/src/org/netbeans/core/NbLifeExit.java index 08f27e4f50f0..b741b5305c78 100644 --- a/platform/o.n.core/src/org/netbeans/core/NbLifeExit.java +++ b/platform/o.n.core/src/org/netbeans/core/NbLifeExit.java @@ -26,7 +26,7 @@ import java.util.logging.Level; import java.util.logging.Logger; import org.netbeans.CLIHandler; -import org.netbeans.TopSecurityManager; +import org.netbeans.NbExit; import org.netbeans.core.startup.CLIOptions; import org.netbeans.core.startup.Main; import org.netbeans.core.startup.layers.SessionManager; @@ -96,7 +96,7 @@ public void run() { final boolean doExit = !Boolean.getBoolean("netbeans.close.no.exit"); // NOI18N NbLifecycleManager.LOG.log(Level.FINE, "Calling exit: {0}", doExit); // NOI18N if (doExit) { - TopSecurityManager.exit(status); + NbExit.exit(status); } } finally { NbLifecycleManager.LOG.log(Level.FINE, "After exit!"); // NOI18N @@ -132,7 +132,7 @@ private void doStopInfra(int status) { if (Boolean.getBoolean("netbeans.close.when.invisible")) { // NOI18N // hook to permit perf testing of time to *apparently* shut down try { - TopSecurityManager.exit(status); + NbExit.exit(status); } finally { onExit.countDown(); } diff --git a/platform/o.n.core/src/org/netbeans/core/NbLifecycleManager.java b/platform/o.n.core/src/org/netbeans/core/NbLifecycleManager.java index c3b891d7aace..1f7463c75d6d 100644 --- a/platform/o.n.core/src/org/netbeans/core/NbLifecycleManager.java +++ b/platform/o.n.core/src/org/netbeans/core/NbLifecycleManager.java @@ -28,8 +28,6 @@ import java.util.concurrent.TimeUnit; import java.util.logging.Level; import java.util.logging.Logger; -import org.netbeans.TopSecurityManager; -import org.netbeans.core.startup.CLIOptions; import org.netbeans.core.startup.ModuleSystem; import org.openide.DialogDisplayer; import org.openide.LifecycleManager; @@ -37,10 +35,8 @@ import org.openide.awt.StatusDisplayer; import org.openide.cookies.SaveCookie; import org.openide.loaders.DataObject; -import org.openide.util.Lookup; import org.openide.util.Mutex; import org.openide.util.NbBundle; -import org.openide.util.datatransfer.ExClipboard; import org.openide.util.lookup.ServiceProvider; /** @@ -62,15 +58,6 @@ public static void advancePolicy() { if (policyAdvanced) { return; } - // ----------------------------------------------------------------------------------------------------- - // 8. Advance Policy - if (!Boolean.getBoolean("TopSecurityManager.disable")) { - // set security manager - TopSecurityManager.install(); - if (CLIOptions.isGui()) { - TopSecurityManager.makeSwingUseSpecialClipboard(Lookup.getDefault().lookup(ExClipboard.class)); - } - } policyAdvanced = true; } private volatile SecondaryLoop sndLoop;