# HG changeset patch # User coffeys # Date 1382736464 -3600 # Node ID 1e83971f6c9d8f647ffd76326c378b1b94354cb0 # Parent d90ab1e5f50ad0a96fa10bb288e5ebe1946acb16 8019979: Replace CheckPackageAccess test with better one from closed repo Reviewed-by: mullan, robilad diff -r d90ab1e5f50a -r 1e83971f6c9d test/java/lang/SecurityManager/CheckPackageAccess.java --- a/test/java/lang/SecurityManager/CheckPackageAccess.java Fri Oct 25 22:21:34 2013 +0100 +++ b/test/java/lang/SecurityManager/CheckPackageAccess.java Fri Oct 25 22:27:44 2013 +0100 @@ -22,32 +22,129 @@ */ /* - * @test - * @bug 7146431 8000450 - * @summary Test that internal packages cannot be accessed + * @test + * @bug 6741606 7146431 8000450 + * @summary Make sure all restricted packages listed in the package.access + * property in the java.security file are blocked + * @run main/othervm CheckPackageAccess */ +import java.security.Security; +import java.util.Collections; +import java.util.Arrays; +import java.util.ArrayList; +import java.util.List; +import java.util.StringTokenizer; + +/* + * The main benefit of this test is to catch merge errors or other types + * of issues where one or more of the packages are accidentally + * removed. This is why the packages that are known to be restricted have to + * be explicitly listed below. + */ public class CheckPackageAccess { + /* + * This array should be updated whenever new packages are added to the + * package.access property in the java.security file + */ + private static final String[] packages = { + "sun.", + "com.sun.corba.se.impl.", + "com.sun.xml.internal.", + "com.sun.imageio.", + "com.sun.istack.internal.", + "com.sun.jmx.", + "com.sun.proxy.", + "com.sun.script.", + "com.sun.org.apache.bcel.internal.", + "com.sun.org.apache.regexp.internal.", + "com.sun.org.apache.xerces.internal.", + "com.sun.org.apache.xpath.internal.", + "com.sun.org.apache.xalan.internal.extensions.", + "com.sun.org.apache.xalan.internal.lib.", + "com.sun.org.apache.xalan.internal.res.", + "com.sun.org.apache.xalan.internal.templates.", + "com.sun.org.apache.xalan.internal.utils.", + "com.sun.org.apache.xalan.internal.xslt.", + "com.sun.org.apache.xalan.internal.xsltc.cmdline.", + "com.sun.org.apache.xalan.internal.xsltc.compiler.", + "com.sun.org.apache.xalan.internal.xsltc.trax.", + "com.sun.org.apache.xalan.internal.xsltc.util.", + "com.sun.org.apache.xml.internal.res.", + "com.sun.org.apache.xml.internal.security.", + "com.sun.org.apache.xml.internal.serializer.utils.", + "com.sun.org.apache.xml.internal.utils.", + "com.sun.org.glassfish.", + "oracle.jrockit.jfr.", + "org.jcp.xml.dsig.internal.", + }; + public static void main(String[] args) throws Exception { + List pkgs = new ArrayList<>(Arrays.asList(packages)); + String osName = System.getProperty("os.name"); + if (osName.contains("OS X")) { + pkgs.add("apple."); // add apple package for OS X + } else if (osName.startsWith("Windows")) { + pkgs.add("com.sun.java.accessibility."); + } - String[] pkgs = new String[] { - "com.sun.corba.se.impl.", - "com.sun.org.apache.xerces.internal.utils.", - "com.sun.org.apache.xalan.internal.utils.", - "com.sun.script." }; - SecurityManager sm = new SecurityManager(); - System.setSecurityManager(sm); - for (String pkg : pkgs) { - System.out.println("Checking package access for " + pkg); + List jspkgs = + getPackages(Security.getProperty("package.access")); + + // Sort to ensure lists are comparable + Collections.sort(pkgs); + Collections.sort(jspkgs); + + if (!pkgs.equals(jspkgs)) { + for (String p : pkgs) + if (!jspkgs.contains(p)) + System.out.println("In golden set, but not in j.s file: " + p); + for (String p : jspkgs) + if (!pkgs.contains(p)) + System.out.println("In j.s file, but not in golden set: " + p); + + + throw new RuntimeException("restricted packages are not " + + "consistent with java.security file"); + } + System.setSecurityManager(new SecurityManager()); + SecurityManager sm = System.getSecurityManager(); + for (String pkg : packages) { + String subpkg = pkg + "foo"; try { sm.checkPackageAccess(pkg); - throw new Exception("Expected PackageAccess SecurityException not thrown"); + throw new RuntimeException("Able to access " + pkg + + " package"); + } catch (SecurityException se) { } + try { + sm.checkPackageAccess(subpkg); + throw new RuntimeException("Able to access " + subpkg + + " package"); } catch (SecurityException se) { } try { sm.checkPackageDefinition(pkg); - throw new Exception("Expected PackageDefinition SecurityException not thrown"); + throw new RuntimeException("Able to define class in " + pkg + + " package"); + } catch (SecurityException se) { } + try { + sm.checkPackageDefinition(subpkg); + throw new RuntimeException("Able to define class in " + subpkg + + " package"); } catch (SecurityException se) { } } + System.out.println("Test passed"); + } + + private static List getPackages(String p) { + List packages = new ArrayList<>(); + if (p != null && !p.equals("")) { + StringTokenizer tok = new StringTokenizer(p, ","); + while (tok.hasMoreElements()) { + String s = tok.nextToken().trim(); + packages.add(s); + } + } + return packages; } }