Subversion Repositories scarts

/* SecurityManager.java -- security checks for privileged actions

   Copyright (C) 1998, 1999, 2001, 2002, 2005  Free Software Foundation, Inc.

This file is part of GNU Classpath.

GNU Classpath is free software; you can redistribute it and/or modify

it under the terms of the GNU General Public License as published by

the Free Software Foundation; either version 2, or (at your option)

any later version.

GNU Classpath is distributed in the hope that it will be useful, but

WITHOUT ANY WARRANTY; without even the implied warranty of

MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

General Public License for more details.

You should have received a copy of the GNU General Public License

along with GNU Classpath; see the file COPYING.  If not, write to the

Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA

02110-1301 USA.

Linking this library statically or dynamically with other modules is

making a combined work based on this library.  Thus, the terms and

conditions of the GNU General Public License cover the whole

combination.

As a special exception, the copyright holders of this library give you

permission to link this library with independent modules to produce an

executable, regardless of the license terms of these independent

modules, and to copy and distribute the resulting executable under

terms of your choice, provided that you also meet, for each linked

independent module, the terms and conditions of the license of that

module.  An independent module is a module which is not derived from

or based on this library.  If you modify this library, you may extend

this exception to your version of the library, but you are not

obligated to do so.  If you do not wish to do so, delete this

exception statement from your version. */

package java.lang;

import gnu.classpath.VMStackWalker;

import java.awt.AWTPermission;

import java.awt.Frame;

import java.awt.Toolkit;

import java.awt.Window;

import java.io.File;

import java.io.FileDescriptor;

import java.io.FileInputStream;

import java.io.FileOutputStream;

import java.io.FilePermission;

import java.io.RandomAccessFile;

import java.lang.reflect.Member;

import java.net.InetAddress;

import java.net.ServerSocket;

import java.net.Socket;

import java.net.SocketImplFactory;

import java.net.SocketPermission;

import java.net.URL;

import java.net.URLStreamHandlerFactory;

import java.security.AccessControlContext;

import java.security.AccessControlException;

import java.security.AccessController;

import java.security.AllPermission;

import java.security.BasicPermission;

import java.security.Permission;

import java.security.Policy;

import java.security.PrivilegedAction;

import java.security.ProtectionDomain;

import java.security.Security;

import java.security.SecurityPermission;

import java.util.Properties;

import java.util.PropertyPermission;

import java.util.StringTokenizer;

/**

 * SecurityManager is a class you can extend to create your own Java

 * security policy.  By default, there is no SecurityManager installed in

 * 1.1, which means that all things are permitted to all people. The security

 * manager, if set, is consulted before doing anything with potentially

 * dangerous results, and throws a <code>SecurityException</code> if the

 * action is forbidden.

 *

 * <p>A typical check is as follows, just before the dangerous operation:<br>

 * <pre>

 * SecurityManager sm = System.getSecurityManager();

 * if (sm != null)

 *   sm.checkABC(<em>argument</em>, ...);

 * </pre>

 * Note that this is thread-safe, by caching the security manager in a local

 * variable rather than risking a NullPointerException if the mangager is

 * changed between the check for null and before the permission check.

 *

 * <p>The special method <code>checkPermission</code> is a catchall, and

 * the default implementation calls

 * <code>AccessController.checkPermission</code>. In fact, all the other

 * methods default to calling checkPermission.

 *

 * <p>Sometimes, the security check needs to happen from a different context,

 * such as when called from a worker thread. In such cases, use

 * <code>getSecurityContext</code> to take a snapshot that can be passed

 * to the worker thread:<br>

 * <pre>

 * Object context = null;

 * SecurityManager sm = System.getSecurityManager();

 * if (sm != null)

 *   context = sm.getSecurityContext(); // defaults to an AccessControlContext

 * // now, in worker thread

 * if (sm != null)

 *   sm.checkPermission(permission, context);

 * </pre>

 *

 * <p>Permissions fall into these categories: File, Socket, Net, Security,

 * Runtime, Property, AWT, Reflect, and Serializable. Each of these

 * permissions have a property naming convention, that follows a hierarchical

 * naming convention, to make it easy to grant or deny several permissions

 * at once. Some permissions also take a list of permitted actions, such

 * as "read" or "write", to fine-tune control even more. The permission

 * <code>java.security.AllPermission</code> grants all permissions.

 *

 * <p>The default methods in this class deny all things to all people. You

 * must explicitly grant permission for anything you want to be legal when

 * subclassing this class.

 *

 * @author John Keiser

 * @author Eric Blake (ebb9@email.byu.edu)

 * @see ClassLoader

 * @see SecurityException

 * @see #checkTopLevelWindow(Object)

 * @see System#getSecurityManager()

 * @see System#setSecurityManager(SecurityManager)

 * @see AccessController

 * @see AccessControlContext

 * @see AccessControlException

 * @see Permission

 * @see BasicPermission

 * @see java.io.FilePermission

 * @see java.net.SocketPermission

 * @see java.util.PropertyPermission

 * @see RuntimePermission

 * @see java.awt.AWTPermission

 * @see Policy

 * @see SecurityPermission

 * @see ProtectionDomain

 * @since 1.0

 * @status still missing 1.4 functionality

 */

public class SecurityManager

{

  /**

   * The current security manager. This is located here instead of in

   * System, to avoid security problems, as well as bootstrap issues.

   * Make sure to access it in a thread-safe manner; it is package visible

   * to avoid overhead in java.lang.

   */

  static volatile SecurityManager current;

  /**

   * Tells whether or not the SecurityManager is currently performing a

   * security check.

   * @deprecated Use {@link #checkPermission(Permission)} instead.

   */

  protected boolean inCheck;

  /**

   * Construct a new security manager. There may be a security check, of

   * <code>RuntimePermission("createSecurityManager")</code>.

   *

   * @throws SecurityException if permission is denied

   */

  public SecurityManager()

  {

    SecurityManager sm = System.getSecurityManager();

    if (sm != null)

      sm.checkPermission(new RuntimePermission("createSecurityManager"));

  }

  /**

   * Tells whether or not the SecurityManager is currently performing a

   * security check.

   *

   * @return true if the SecurityManager is in a security check

   * @see #inCheck

   * @deprecated use {@link #checkPermission(Permission)} instead

   */

  public boolean getInCheck()

  {

    return inCheck;

  }

  /**

   * Get a list of all the classes currently executing methods on the Java

   * stack.  getClassContext()[0] is the currently executing method (ie. the

   * class that CALLED getClassContext, not SecurityManager).

   *

   * @return an array of classes on the Java execution stack

   */

  protected Class[] getClassContext()

  {

    Class[] stack1 = VMStackWalker.getClassContext();

    Class[] stack2 = new Class[stack1.length - 1];

    System.arraycopy(stack1, 1, stack2, 0, stack1.length - 1);

    return stack2;

  }

  /**

   * Find the ClassLoader of the first non-system class on the execution

   * stack. A non-system class is one whose ClassLoader is not equal to

   * {@link ClassLoader#getSystemClassLoader()} or its ancestors. This

   * will return null in three cases:

   *

   * <ul>

   * <li>All methods on the stack are from system classes</li>

   * <li>All methods on the stack up to the first "privileged" caller, as

   *  created by {@link AccessController#doPrivileged(PrivilegedAction)},

   *  are from system classes</li>

   * <li>A check of <code>java.security.AllPermission</code> succeeds.</li>

   * </ul>

   *

   * @return the most recent non-system ClassLoader on the execution stack

   * @deprecated use {@link #checkPermission(Permission)} instead

   */

  protected ClassLoader currentClassLoader()

  {

    Class cl = currentLoadedClass();

    return cl != null ? cl.getClassLoader() : null;

  }

  /**

   * Find the first non-system class on the execution stack. A non-system

   * class is one whose ClassLoader is not equal to

   * {@link ClassLoader#getSystemClassLoader()} or its ancestors. This

   * will return null in three cases:

   *

   * <ul>

   * <li>All methods on the stack are from system classes</li>

   * <li>All methods on the stack up to the first "privileged" caller, as

   *  created by {@link AccessController#doPrivileged(PrivilegedAction)},

   *  are from system classes</li>

   * <li>A check of <code>java.security.AllPermission</code> succeeds.</li>

   * </ul>

   *

   * @return the most recent non-system Class on the execution stack

   * @deprecated use {@link #checkPermission(Permission)} instead

   */

  protected Class currentLoadedClass()

  {

    int i = classLoaderDepth();

    return i >= 0 ? getClassContext()[i] : null;

  }

  /**

   * Get the depth of a particular class on the execution stack.

   *

   * @param className the fully-qualified name to search for

   * @return the index of the class on the stack, or -1

   * @deprecated use {@link #checkPermission(Permission)} instead

   */

  protected int classDepth(String className)

  {

    Class[] c = getClassContext();

    for (int i = 0; i < c.length; i++)

      if (className.equals(c[i].getName()))

        return i;

    return -1;

  }

  /**

   * Get the depth on the execution stack of the most recent non-system class.

   * A non-system class is one whose ClassLoader is not equal to

   * {@link ClassLoader#getSystemClassLoader()} or its ancestors. This

   * will return -1 in three cases:

   *

   * <ul>

   * <li>All methods on the stack are from system classes</li>

   * <li>All methods on the stack up to the first "privileged" caller, as

   *  created by {@link AccessController#doPrivileged(PrivilegedAction)},

   *  are from system classes</li>

   * <li>A check of <code>java.security.AllPermission</code> succeeds.</li>

   * </ul>

   *

   * @return the index of the most recent non-system Class on the stack

   * @deprecated use {@link #checkPermission(Permission)} instead

   */

  protected int classLoaderDepth()

  {

    try

      {

        checkPermission(new AllPermission());

      }

    catch (SecurityException e)

      {

        Class[] c = getClassContext();

        for (int i = 0; i < c.length; i++)

          if (c[i].getClassLoader() != null)

            // XXX Check if c[i] is AccessController, or a system class.

            return i;

      }

    return -1;

  }

  /**

   * Tell whether the specified class is on the execution stack.

   *

   * @param className the fully-qualified name of the class to find

   * @return whether the specified class is on the execution stack

   * @deprecated use {@link #checkPermission(Permission)} instead

   */

  protected boolean inClass(String className)

  {

    return classDepth(className) != -1;

  }

  /**

   * Tell whether there is a class loaded with an explicit ClassLoader on

   * the stack.

   *

   * @return whether a class with an explicit ClassLoader is on the stack

   * @deprecated use {@link #checkPermission(Permission)} instead

   */

  protected boolean inClassLoader()

  {

    return classLoaderDepth() != -1;

  }

  /**

   * Get an implementation-dependent Object that contains enough information

   * about the current environment to be able to perform standard security

   * checks later.  This is used by trusted methods that need to verify that

   * their callers have sufficient access to perform certain operations.

   *

   * <p>Currently the only methods that use this are checkRead() and

   * checkConnect(). The default implementation returns an

   * <code>AccessControlContext</code>.

   *

   * @return a security context

   * @see #checkConnect(String, int, Object)

   * @see #checkRead(String, Object)

   * @see AccessControlContext

   * @see AccessController#getContext()

   */

  public Object getSecurityContext()

  {

    return AccessController.getContext();

  }

  /**

   * Check if the current thread is allowed to perform an operation that

   * requires the specified <code>Permission</code>. This defaults to

   * <code>AccessController.checkPermission</code>.

   *

   * @param perm the <code>Permission</code> required

   * @throws SecurityException if permission is denied

   * @throws NullPointerException if perm is null

   * @since 1.2

   */

  public void checkPermission(Permission perm)

  {

    AccessController.checkPermission(perm);

  }

  /**

   * Check if the current thread is allowed to perform an operation that

   * requires the specified <code>Permission</code>. This is done in a

   * context previously returned by <code>getSecurityContext()</code>. The

   * default implementation expects context to be an AccessControlContext,

   * and it calls <code>AccessControlContext.checkPermission(perm)</code>.

   *

   * @param perm the <code>Permission</code> required

   * @param context a security context

   * @throws SecurityException if permission is denied, or if context is

   *         not an AccessControlContext

   * @throws NullPointerException if perm is null

   * @see #getSecurityContext()

   * @see AccessControlContext#checkPermission(Permission)

   * @since 1.2

   */

  public void checkPermission(Permission perm, Object context)

  {

    if (! (context instanceof AccessControlContext))

      throw new SecurityException("Missing context");

    ((AccessControlContext) context).checkPermission(perm);

  }

  /**

   * Check if the current thread is allowed to create a ClassLoader. This

   * method is called from ClassLoader.ClassLoader(), and checks

   * <code>RuntimePermission("createClassLoader")</code>. If you override

   * this, you should call <code>super.checkCreateClassLoader()</code> rather

   * than throwing an exception.

   *

   * @throws SecurityException if permission is denied

   * @see ClassLoader#ClassLoader()

   */

  public void checkCreateClassLoader()

  {

    checkPermission(new RuntimePermission("createClassLoader"));

  }

  /**

   * Check if the current thread is allowed to modify another Thread. This is

   * called by Thread.stop(), suspend(), resume(), interrupt(), destroy(),

   * setPriority(), setName(), and setDaemon(). The default implementation

   * checks <code>RuntimePermission("modifyThread")</code> on system threads

   * (ie. threads in ThreadGroup with a null parent), and returns silently on

   * other threads.

   *

   * <p>If you override this, you must do two things. First, call

   * <code>super.checkAccess(t)</code>, to make sure you are not relaxing

   * requirements. Second, if the calling thread has

   * <code>RuntimePermission("modifyThread")</code>, return silently, so that

   * core classes (the Classpath library!) can modify any thread.

   *

   * @param thread the other Thread to check

   * @throws SecurityException if permission is denied

   * @throws NullPointerException if thread is null

   * @see Thread#stop()

   * @see Thread#suspend()

   * @see Thread#resume()

   * @see Thread#setPriority(int)

   * @see Thread#setName(String)

   * @see Thread#setDaemon(boolean)

   */

  public void checkAccess(Thread thread)

  {

    if (thread.getThreadGroup() != null

        && thread.getThreadGroup().getParent() != null)

      checkPermission(new RuntimePermission("modifyThread"));

  }

  /**

   * Check if the current thread is allowed to modify a ThreadGroup. This is

   * called by Thread.Thread() (to add a thread to the ThreadGroup),

   * ThreadGroup.ThreadGroup() (to add this ThreadGroup to a parent),

   * ThreadGroup.stop(), suspend(), resume(), interrupt(), destroy(),

   * setDaemon(), and setMaxPriority(). The default implementation

   * checks <code>RuntimePermission("modifyThread")</code> on the system group

   * (ie. the one with a null parent), and returns silently on other groups.

   *

   * <p>If you override this, you must do two things. First, call

   * <code>super.checkAccess(t)</code>, to make sure you are not relaxing

   * requirements. Second, if the calling thread has

   * <code>RuntimePermission("modifyThreadGroup")</code>, return silently,

   * so that core classes (the Classpath library!) can modify any thread.

   *

   * @param g the ThreadGroup to check

   * @throws SecurityException if permission is denied

   * @throws NullPointerException if g is null

   * @see Thread#Thread()

   * @see ThreadGroup#ThreadGroup(String)

   * @see ThreadGroup#stop()

   * @see ThreadGroup#suspend()

   * @see ThreadGroup#resume()

   * @see ThreadGroup#interrupt()

   * @see ThreadGroup#setDaemon(boolean)

   * @see ThreadGroup#setMaxPriority(int)

   */

  public void checkAccess(ThreadGroup g)

  {

    if (g.getParent() != null)

      checkPermission(new RuntimePermission("modifyThreadGroup"));

  }

  /**

   * Check if the current thread is allowed to exit the JVM with the given

   * status. This method is called from Runtime.exit() and Runtime.halt().

   * The default implementation checks

   * <code>RuntimePermission("exitVM")</code>. If you override this, call

   * <code>super.checkExit</code> rather than throwing an exception.

   *

   * @param status the status to exit with

   * @throws SecurityException if permission is denied

   * @see Runtime#exit(int)

   * @see Runtime#halt(int)

   */

  public void checkExit(int status)

  {

    checkPermission(new RuntimePermission("exitVM"));

  }

  /**

   * Check if the current thread is allowed to execute the given program. This

   * method is called from Runtime.exec(). If the name is an absolute path,

   * the default implementation checks

   * <code>FilePermission(program, "execute")</code>, otherwise it checks

   * <code>FilePermission("&lt;&lt;ALL FILES&gt;&gt;", "execute")</code>. If

   * you override this, call <code>super.checkExec</code> rather than

   * throwing an exception.

   *

   * @param program the name of the program to exec

   * @throws SecurityException if permission is denied

   * @throws NullPointerException if program is null

   * @see Runtime#exec(String[], String[], File)

   */

  public void checkExec(String program)

  {

    if (! program.equals(new File(program).getAbsolutePath()))

      program = "<<ALL FILES>>";

    checkPermission(new FilePermission(program, "execute"));

  }

  /**

   * Check if the current thread is allowed to link in the given native

   * library. This method is called from Runtime.load() (and hence, by

   * loadLibrary() as well). The default implementation checks

   * <code>RuntimePermission("loadLibrary." + filename)</code>. If you

   * override this, call <code>super.checkLink</code> rather than throwing

   * an exception.

   *

   * @param filename the full name of the library to load

   * @throws SecurityException if permission is denied

   * @throws NullPointerException if filename is null

   * @see Runtime#load(String)

   */

  public void checkLink(String filename)

  {

    // Use the toString() hack to do the null check.

    checkPermission(new RuntimePermission("loadLibrary."

                                          + filename.toString()));

  }

  /**

   * Check if the current thread is allowed to read the given file using the

   * FileDescriptor. This method is called from

   * FileInputStream.FileInputStream(). The default implementation checks

   * <code>RuntimePermission("readFileDescriptor")</code>. If you override

   * this, call <code>super.checkRead</code> rather than throwing an

   * exception.

   *

   * @param desc the FileDescriptor representing the file to access

   * @throws SecurityException if permission is denied

   * @throws NullPointerException if desc is null

   * @see FileInputStream#FileInputStream(FileDescriptor)

   */

  public void checkRead(FileDescriptor desc)

  {

    if (desc == null)

      throw new NullPointerException();

    checkPermission(new RuntimePermission("readFileDescriptor"));

  }

  /**

   * Check if the current thread is allowed to read the given file. This

   * method is called from FileInputStream.FileInputStream(),

   * RandomAccessFile.RandomAccessFile(), File.exists(), canRead(), isFile(),

   * isDirectory(), lastModified(), length() and list(). The default

   * implementation checks <code>FilePermission(filename, "read")</code>. If

   * you override this, call <code>super.checkRead</code> rather than

   * throwing an exception.

   *

   * @param filename the full name of the file to access

   * @throws SecurityException if permission is denied

   * @throws NullPointerException if filename is null

   * @see File

   * @see FileInputStream#FileInputStream(String)

   * @see RandomAccessFile#RandomAccessFile(String, String)

   */

  public void checkRead(String filename)

  {

    checkPermission(new FilePermission(filename, "read"));

  }

  /**

   * Check if the current thread is allowed to read the given file. using the

   * given security context. The context must be a result of a previous call

   * to <code>getSecurityContext()</code>. The default implementation checks

   * <code>AccessControlContext.checkPermission(new FilePermission(filename,

   * "read"))</code>. If you override this, call <code>super.checkRead</code>

   * rather than throwing an exception.

   *

   * @param filename the full name of the file to access

   * @param context the context to determine access for

   * @throws SecurityException if permission is denied, or if context is

   *         not an AccessControlContext

   * @throws NullPointerException if filename is null

   * @see #getSecurityContext()

   * @see AccessControlContext#checkPermission(Permission)

   */

  public void checkRead(String filename, Object context)

  {

    if (! (context instanceof AccessControlContext))

      throw new SecurityException("Missing context");

    AccessControlContext ac = (AccessControlContext) context;

    ac.checkPermission(new FilePermission(filename, "read"));

  }

  /**

   * Check if the current thread is allowed to write the given file using the

   * FileDescriptor. This method is called from

   * FileOutputStream.FileOutputStream(). The default implementation checks

   * <code>RuntimePermission("writeFileDescriptor")</code>. If you override

   * this, call <code>super.checkWrite</code> rather than throwing an

   * exception.

   *

   * @param desc the FileDescriptor representing the file to access

   * @throws SecurityException if permission is denied

   * @throws NullPointerException if desc is null

   * @see FileOutputStream#FileOutputStream(FileDescriptor)

   */

  public void checkWrite(FileDescriptor desc)

  {

    if (desc == null)

      throw new NullPointerException();

    checkPermission(new RuntimePermission("writeFileDescriptor"));

  }

  /**

   * Check if the current thread is allowed to write the given file. This

   * method is called from FileOutputStream.FileOutputStream(),

   * RandomAccessFile.RandomAccessFile(), File.canWrite(), mkdir(), and

   * renameTo(). The default implementation checks

   * <code>FilePermission(filename, "write")</code>. If you override this,

   * call <code>super.checkWrite</code> rather than throwing an exception.

   *

   * @param filename the full name of the file to access

   * @throws SecurityException if permission is denied

   * @throws NullPointerException if filename is null

   * @see File

   * @see File#canWrite()

   * @see File#mkdir()

   * @see File#renameTo(File)

   * @see FileOutputStream#FileOutputStream(String)

   * @see RandomAccessFile#RandomAccessFile(String, String)

   */

  public void checkWrite(String filename)

  {

    checkPermission(new FilePermission(filename, "write"));

  }

  /**

   * Check if the current thread is allowed to delete the given file. This

   * method is called from File.delete(). The default implementation checks

   * <code>FilePermission(filename, "delete")</code>. If you override this,

   * call <code>super.checkDelete</code> rather than throwing an exception.

   *

   * @param filename the full name of the file to delete

   * @throws SecurityException if permission is denied

   * @throws NullPointerException if filename is null

   * @see File#delete()

   */

  public void checkDelete(String filename)

  {

    checkPermission(new FilePermission(filename, "delete"));

  }

  /**

   * Check if the current thread is allowed to connect to a given host on a

   * given port. This method is called from Socket.Socket(). A port number

   * of -1 indicates the caller is attempting to determine an IP address, so

   * the default implementation checks

   * <code>SocketPermission(host, "resolve")</code>. Otherwise, the default

   * implementation checks

   * <code>SocketPermission(host + ":" + port, "connect")</code>. If you

   * override this, call <code>super.checkConnect</code> rather than throwing

   * an exception.

   *

   * @param host the host to connect to

   * @param port the port to connect on

   * @throws SecurityException if permission is denied

   * @throws NullPointerException if host is null

   * @see Socket#Socket()

   */

  public void checkConnect(String host, int port)

  {

    if (port == -1)

      checkPermission(new SocketPermission(host, "resolve"));

    else

      // Use the toString() hack to do the null check.

      checkPermission(new SocketPermission(host.toString() + ":" + port,

                                           "connect"));

  }

  /**

   * Check if the current thread is allowed to connect to a given host on a

   * given port, using the given security context. The context must be a

   * result of a previous call to <code>getSecurityContext</code>. A port

   * number of -1 indicates the caller is attempting to determine an IP

   * address, so the default implementation checks

   * <code>AccessControlContext.checkPermission(new SocketPermission(host,

   * "resolve"))</code>. Otherwise, the default implementation checks

   * <code>AccessControlContext.checkPermission(new SocketPermission(host

   * + ":" + port, "connect"))</code>. If you override this, call

   * <code>super.checkConnect</code> rather than throwing an exception.

   *

   * @param host the host to connect to

   * @param port the port to connect on

   * @param context the context to determine access for

   *

   * @throws SecurityException if permission is denied, or if context is

   *         not an AccessControlContext

   * @throws NullPointerException if host is null

   *

   * @see #getSecurityContext()

   * @see AccessControlContext#checkPermission(Permission)

   */

  public void checkConnect(String host, int port, Object context)

  {

    if (! (context instanceof AccessControlContext))

      throw new SecurityException("Missing context");

    AccessControlContext ac = (AccessControlContext) context;

    if (port == -1)

      ac.checkPermission(new SocketPermission(host, "resolve"));

    else

      // Use the toString() hack to do the null check.

      ac.checkPermission(new SocketPermission(host.toString() + ":" + port,

                                              "connect"));

  }

  /**

   * Check if the current thread is allowed to listen to a specific port for

   * data. This method is called by ServerSocket.ServerSocket(). The default

   * implementation checks

   * <code>SocketPermission("localhost:" + (port == 0 ? "1024-" : "" + port),

   * "listen")</code>. If you override this, call

   * <code>super.checkListen</code> rather than throwing an exception.

   *

   * @param port the port to listen on

   * @throws SecurityException if permission is denied

   * @see ServerSocket#ServerSocket(int)

   */

  public void checkListen(int port)

  {

    checkPermission(new SocketPermission("localhost:"

                                         + (port == 0 ? "1024-" : "" +port),

                                         "listen"));

  }

  /**

   * Check if the current thread is allowed to accept a connection from a

   * particular host on a particular port. This method is called by

   * ServerSocket.implAccept(). The default implementation checks

   * <code>SocketPermission(host + ":" + port, "accept")</code>. If you

   * override this, call <code>super.checkAccept</code> rather than throwing

   * an exception.

   *

   * @param host the host which wishes to connect

   * @param port the port the connection will be on

   * @throws SecurityException if permission is denied

   * @throws NullPointerException if host is null

   * @see ServerSocket#accept()

   */

  public void checkAccept(String host, int port)

  {

    // Use the toString() hack to do the null check.

    checkPermission(new SocketPermission(host.toString() + ":" + port,

                                         "accept"));

  }

  /**

   * Check if the current thread is allowed to read and write multicast to

   * a particular address. The default implementation checks

   * <code>SocketPermission(addr.getHostAddress(), "accept,connect")</code>.

   * If you override this, call <code>super.checkMulticast</code> rather than

   * throwing an exception.

   *

   * @param addr the address to multicast to

   * @throws SecurityException if permission is denied

   * @throws NullPointerException if host is null

   * @since 1.1

   */

  public void checkMulticast(InetAddress addr)

  {

    checkPermission(new SocketPermission(addr.getHostAddress(),

                                         "accept,connect"));

  }

  /**

   *Check if the current thread is allowed to read and write multicast to

   * a particular address with a particular ttl (time-to-live) value. The

   * default implementation ignores ttl, and checks

   * <code>SocketPermission(addr.getHostAddress(), "accept,connect")</code>.

   * If you override this, call <code>super.checkMulticast</code> rather than

   * throwing an exception.

   *

   * @param addr the address to multicast to

   * @param ttl value in use for multicast send

   * @throws SecurityException if permission is denied

   * @throws NullPointerException if host is null

   * @since 1.1

   * @deprecated use {@link #checkPermission(Permission)} instead

   */

  public void checkMulticast(InetAddress addr, byte ttl)

  {

    checkPermission(new SocketPermission(addr.getHostAddress(),

                                         "accept,connect"));

  }

  /**

   * Check if the current thread is allowed to read or write all the system

   * properties at once. This method is called by System.getProperties()

   * and setProperties(). The default implementation checks

   * <code>PropertyPermission("*", "read,write")</code>. If you override

   * this, call <code>super.checkPropertiesAccess</code> rather than

   * throwing an exception.

   *

   * @throws SecurityException if permission is denied

   * @see System#getProperties()

   * @see System#setProperties(Properties)

   */

  public void checkPropertiesAccess()