From eb842815498f5926828b49c48fffce22fc9586a2 Mon Sep 17 00:00:00 2001 From: Sven Gothel Date: Fri, 21 Jun 2013 03:45:07 +0200 Subject: Security: Tighten DynamicLinker*, NativeLibrary and DynamicLibraryBundle access (2) - Completes 23341a2df2d2ea36784a16fa1db8bc7385351a12 - Replace 'DynamicLinker' interface w/ well documented one - All DynamicLinker methods are now considered secure, i.e.: - open/lookup and close utilize reference counting on handle via a hash map. - lookupSymbol(..) and close(..) impl. validate the passed library handle whether it's retrieved via open*. This is the fast path, not that expensive. - lookupSymbolGlobal(..) performs Check acccess of 'new RuntimePermission("loadLibrary.*")' if SecurityManager is installed. This is the slow path. - DynamicLibraryBundleInfo now reflects the security requirements, i.e. whether priviledged access is needed. --- .../com/jogamp/common/os/DynamicLibraryBundle.java | 2 +- .../jogamp/common/os/DynamicLibraryBundleInfo.java | 33 +++-- src/java/com/jogamp/common/os/DynamicLinker.java | 135 ++++++++++++++------- src/java/com/jogamp/common/os/NativeLibrary.java | 27 +---- 4 files changed, 116 insertions(+), 81 deletions(-) (limited to 'src/java/com/jogamp/common/os') diff --git a/src/java/com/jogamp/common/os/DynamicLibraryBundle.java b/src/java/com/jogamp/common/os/DynamicLibraryBundle.java index fc36908..31ca372 100644 --- a/src/java/com/jogamp/common/os/DynamicLibraryBundle.java +++ b/src/java/com/jogamp/common/os/DynamicLibraryBundle.java @@ -324,7 +324,7 @@ public class DynamicLibraryBundle implements DynamicLookupHelper { long addr = 0; NativeLibrary lib = null; - if(info.shallLookupGlobal()) { + if( info.shallLookupGlobal() ) { // Try a global symbol lookup first .. addr = NativeLibrary.dynamicLookupFunctionGlobal(funcName); } diff --git a/src/java/com/jogamp/common/os/DynamicLibraryBundleInfo.java b/src/java/com/jogamp/common/os/DynamicLibraryBundleInfo.java index dc90eab..ef44298 100644 --- a/src/java/com/jogamp/common/os/DynamicLibraryBundleInfo.java +++ b/src/java/com/jogamp/common/os/DynamicLibraryBundleInfo.java @@ -28,14 +28,19 @@ package com.jogamp.common.os; -import java.util.*; +import java.util.List; import com.jogamp.common.util.RunnableExecutor; + public interface DynamicLibraryBundleInfo { public static final boolean DEBUG = DynamicLibraryBundle.DEBUG; - /** @return a list of Tool library names or alternative library name lists.
+ /** + * If a {@link SecurityManager} is installed, user needs link permissions + * for the named libraries. + * + * @return a list of Tool library names or alternative library name lists.
*