This document contains two tables listing the permissions in JDK1.2. (A permission represents access to a system resource.) The tables are the following:
For information about specifying permissions in policy files, see Default Policy Implementation and Policy File Syntax
The following table contains a list of all the permissions in JDK1.2, and which methods require them.
A call to a method in the left-hand column can only be successful if the permission specified in the corresponding entry in the right-hand column is allowed by the policy currently in effect. For example, the following row:
Method Permission java.awt.Toolkit getSystemEventQueue();java.awt.AWTPermission "eventQueue"; specifies that a call to the
getSystemEventQueue
method in thejava.awt.Toolkit
class can only be successful if the following permission is set:java.awt.AWTPermission "eventQueue";The convention of:
Method Permission some.package.class public static void someMethod(String foo);SomePermission "{foo}"; means the runtime value of
foo
replaces the string{foo}
in the permission name.As an example, here is one table entry:
Method Permission java.io.FileInputStream FileInputStream(String name)java.io.FilePermission "{name}", "read"; If the
FileInputStream
method (in this case, a constructor) is called with "/test/MyTestFile" as thename
argument, as inFileInputStream("/test/MyTestFile");then in order for the call to succeed, the following permission must be set in the current policy, allowing read access to the file "/test/MyTestFile":java.io.FilePermission "/test/MyTestFile", "read";More specifically, the permission must either be explicitly set, as above, or implied by another permission, such as the following:java.io.FilePermission "/test/*", "read";which allows read access to any files in the "/test" directory.The following table is ordered by package name. That is, the methods in classes in the
java.awt
package are listed first, followed by methods in classes in thejava.io
package, and so on.
Method | Permission |
---|---|
java.awt.Toolkit getPrintJob(Frame frame, String jobtitle, Properties props); | java.lang.RuntimePermission "print.queueJob"; Note: The getPrintJob method is actually abstract and thus can't invoke security checks. Each actual implementation of the method should call the java.lang.SecurityManager checkPrintJobAccess method, which is successful only if the java.lang.RuntimePermission "print.queueJob" permission is currently allowed. |
java.awt.Toolkit getSystemClipboard(); | java.awt.AWTPermission "systemClipboard"; Note: The getSystemClipboard method is actually abstract and thus can't invoke security checks. Each actual implementation of the method should call the java.lang.SecurityManager checkSystemClipboardAccess method, which is successful only if the java.awt.AWTPermission "systemClipboard" permission is currently allowed. |
java.awt.Toolkit getSystemEventQueue(); | java.awt.AWTPermission "eventQueue"; |
java.awt.Window Window() | java.awt.AWTPermission "topLevelWindow"; |
java.io.File public boolean delete(); | java.io.FilePermission "{name}", "delete"; |
java.io.FileInputStream FileInputStream(FileDescriptor fdObj); | java.lang.RuntimePermission "fileDescriptor.read"; |
java.io.FileInputStream FileInputStream(String name) java.io.File public boolean exists(); public boolean canRead(); public boolean isFile(); public boolean isDirectory(); public long lastModified(); public long length(); public String[] list(); java.io.RandomAccessFile RandomAccessFile(String name, String mode) (where mode is "r") | java.io.FilePermission "{name}", "read"; |
java.io.FileOutputStream FileOutputStream(FileDescriptor fdObj) | java.lang.RuntimePermission "fileDescriptor.write"; |
java.io.FileOutputStream FileOutputStream(String name) FileOutputStream(String name, boolean append) java.io.File public boolean canWrite(); public boolean mkdir(); public boolean renameTo(File dest); | java.io.FilePermission "{name}", "write"; |
java.io.ObjectInputStream protected final boolean enableResolveObject(boolean enable); java.io.ObjectOutputStream protected final boolean enableReplaceObject(boolean enable) | java.io.SerializablePermission "enableSubstitution"; |
java.io.RandomAccessFile RandomAccessFile(String name, String mode) (where mode is "rw") | java.io.FilePermission "{name}", "read,write"; |
java.lang.Class public Class[] getDeclaredClasses(); public Field[] getDeclaredFields(); public Method[] getDeclaredMethods(); public Constructor[] getDeclaredConstructors(); public Field getDeclaredField(String name); public Method getDeclaredMethod(...); public Constructor getDeclaredConstructor(...); | java.lang.RuntimePermission "reflect.declared.{classname}"; |
java.lang.Class public ProtectionDomain getProtectionDomain() | java.lang.RuntimePermission "Class.getProtectionDomain"; |
java.lang.Class public void setProtectionDomain(ProtectionDomain pd) | java.lang.RuntimePermission "Class.setProtectionDomain"; |
java.lang.ClassLoader ClassLoader(); | java.lang.RuntimePermission "createClassLoader"; |
java.lang.Runtime public Process exec(String command); public Process exec(String command, String envp[]); public Process exec(String cmdarray[]); public Process exec(String cmdarray[], String envp[]); | java.io.FilePermission "{command}", "execute"; |
java.lang.Runtime public void exit(int status); public static void runFinalizersOnExit(boolean value); | java.lang.RuntimePermission "exit"; |
java.lang.Runtime public void load(String lib); public void loadLibrary(String lib); | java.lang.RuntimePermission "loadLibrary.{lib}"; |
java.lang.System public static Properties getProperties(); public static void setProperties(Properties props); | java.util.PropertyPermission "*", "read,write"; |
java.lang.System public static String getProperty(String key); public static String getProperty(String key, String def); | java.util.PropertyPermission "{key}", "read"; |
java.lang.System public static void setIn(InputStream in); public static void setOut(PrintStream out); public static void setErr(PrintStream err); |
java.lang.RuntimePermission "setIO"; |
java.lang.System public static String setProperty(String key, String value); | java.util.PropertyPermission "{key}", "write"; |
java.lang.Thread Thread(...) public final void stop(); public final synchronized void stop(Throwable o); public void interrupt(); public final void suspend(); public final void resume(); public final void setPriority(int newPriority); public final void setName(String name); public final void setDaemon(boolean on); java.lang.ThreadGroup ThreadGroup(ThreadGroup parent, String name) public final void setDaemon(boolean daemon); public final void setMaxPriority(int pri); public final void stop(); public final void suspend(); public final void resume(); public final void destroy(); | java.lang.RuntimePermission "thread"; |
java.lang.reflect.AccessibleObject public static void setAccessible(...); public void setAccessible(...); | java.lang.reflect.ReflectPermission "access"; |
java.net.Authenticator public static PasswordAuthentication requestPasswordAuthentication( InetAddress addr, int port, String protocol, String prompt, String scheme); | java.net.NetPermission "Authenticator.requestPasswordAuthentication"; |
java.net.Authenticator public static void setDefault(Authenticator a); | java.net.NetPermission "Authenticator.setDefault"; |
java.net.DatagramSocket public void send(DatagramPacket p); java.net.MulticastSocket public void joinGroup(InetAddress mcastaddr); public void leaveGroup(InetAddress mcastaddr); public synchronized void send(DatagramPacket p, byte ttl); | java.net.NetPermission "multicast"; |
java.net.InetAddress public String getHostName(); public static InetAddress getAllByName(String host); public static InetAddress getLocalHost(); java.net.DatagramSocket public InetAddress getLocalAddress(); | java.net.SocketPermission "{host}", "resolve"; |
java.net.ServerSocket ServerSocket(int port, int backlog, InetAddress bindAddr) java.net.DatagramSocket DatagramSocket(...) java.net.MulticastSocket MulticastSocket(...) | java.net.SocketPermission "localhost:{port}", "listen"; |
java.net.ServerSocket public Socket accept(); | java.net.SocketPermission "{host}:{port}", "accept"; |
java.net.ServerSocket public static synchronized void setSocketFactory(...); java.net.Socket public static synchronized void setSocketImplFactory(...); java.net.URL public static synchronized void setURLStreamHandlerFactory(...); java.net.URLConnection public static synchronized void setContentHandlerFactory(...); java.net.HttpURLConnection public static void setFollowRedirects(boolean set); java.rmi.server.RMISocketFactory public synchronized static void setSocketFactory(...); | java.lang.RuntimePermission "setFactory"; |
java.net.Socket Socket(InetAddress host, int port, boolean stream) java.net.DatagramSocket public void send(DatagramPacket p); public synchronized void receive(DatagramPacket p); java.net.MulticastSocket public synchronized void send(DatagramPacket p, byte ttl); | java.net.SocketPermission "{host}:{port}", "connect"; |
java.security.Identity public void addCertificate(...); | java.security.SecurityPermission "Identity.addCertificate"; |
java.security.Identity public void removeCertificate(..); | java.security.SecurityPermission "Identity.removeCertificate"; |
java.security.Identity public void setInfo(String info); | java.security.SecurityPermission "Identity.setInfo"; |
java.security.Identity public void setPublicKey(PublicKey key); | java.security.SecurityPermission "Identity.setPublicKey"; |
java.security.IdentityScope protected static void setSystemScope(); | java.security.SecurityPermission "IdentityScope.setSystemScope"; |
java.security.Policy public static Policy getPolicy(); | java.security.SecurityPermission "Policy.getPolicy"; |
java.security.Policy public static void setPolicy(Policy policy); | java.security.SecurityPermission "Policy.setPolicy"; |
java.security.Provider public synchronized void clear(); | java.security.SecurityPermission "Provider.clear.{name}"; |
java.security.Provider public synchronized Object put(Object key, Object value); | java.security.SecurityPermission "Provider.put.{name}"; |
java.security.Provider public synchronized Object remove(Object key); | java.security.SecurityPermission "Provider.remove.{name}"; |
java.security.Security public static void getProperty(String key); | java.security.SecurityPermission "Security.getProperty.{key}"; |
java.security.Security public static int insertProviderAt(Provider provider,int position); | java.security.SecurityPermission "Security.insertProvider.{name}"; |
java.security.Security public static void removeProvider(String name); | java.security.SecurityPermission "Security.removeProvider.{name}"; |
java.security.Security public static void setProperty(String key, String datum); | java.security.SecurityPermission "Security.setProperty.{key}"; |
java.security.Signer public PrivateKey getPrivateKey(); | java.security.SecurityPermission "Signer.getPrivateKey"; |
java.security.Signer public final void setKeyPair(KeyPair pair) | java.security.SecurityPermission "Signer.setPrivateKeypair"; |
java.util.Locale public static synchronized void setDefault(Locale newLocale) | java.util.PropertyPermission "user.language","write"; |
Method | Permission |
---|---|
public void checkAccept(String host, int port); | java.net.SocketPermission "{host}:{port}", "accept"; |
public void checkAccess(Thread g); | java.lang.RuntimePermission "thread"); |
public void checkAccess(ThreadGroup g); | java.lang.RuntimePermission "thread"); |
public void checkAwtEventQueueAccess(); | java.awt.AWTPermission "eventQueue"; |
public void checkConnect(String host, int port); | if (port == -1) java.net.SocketPermission "{host}","resolve"; else java.net.SocketPermissio "{host}:{port}","connect"; |
public void checkCreateClassLoader(); | java.lang.RuntimePermission "createClassLoader"; |
public void checkDelete(String file); | java.io.FilePermission "{file}", "delete"; |
public void checkExec(String cmd); | if cmd is an absolute path: java.io.FilePermission "{cmd}", "execute"; else java.io.FilePermission "-", "execute"; |
public void checkExit(int status); | java.lang.RuntimePermission "exit"); |
public void checkLink(String lib); | java.lang.RuntimePermission "loadLibrary.{lib}"; |
public void checkListen(int port); | if (port == 0)
java.net.SocketPermission "localhost:1024-","listen"; else java.net.SocketPermission "localhost:{port}","listen"; |
public void checkMemberAccess(Class clazz, int which); |
if (which == Member.PUBLIC) return; if (currentClassLoader() == clazz.getClassLoader()) return; java.lang.RuntimePermission "reflect.declared.{classname}"; |
public void checkMulticast(InetAddress maddr); | java.net.NetPermission "multicast"; |
public void checkMulticast(InetAddress maddr, byte ttl); | java.net.NetPermission "multicast"; |
public void checkPackageAccess(String pkg); | java.lang.RuntimePermission "package.access.{pkg}"; |
public void checkPackageDefinition(String pkg); | java.lang.RuntimePermission "package.define.{pkg}"; |
public void checkPrintJobAccess(); | java.lang.RuntimePermission "print.queueJob"; |
public void checkPropertiesAccess(); | java.util.PropertyPermission "*", "read,write"; |
public void checkPropertyAccess(String key); | java.util.PropertyPermission "{key}", "read,write"; |
public void checkRead(FileDescriptor fd); | java.lang.RuntimePermission "fileDescriptor.read"; |
public void checkRead(String file); | java.io.FilePermission "{file}", "read"; |
public void checkSecurityAccess(String action); | java.security.SecurityPermission "{action}"; |
public void checkSetFactory(); | java.lang.RuntimePermission "setFactory"; |
public void checkSystemClipboardAccess(); | java.awt.AWTPermission "systemClipboard"; |
public boolean checkTopLevelWindow(Object window); | java.awt.AWTPermission "topLevelWindow"; |
public void checkWrite(FileDescriptor fd); | java.lang.RuntimePermission "fileDescriptor.write"; |
public void checkWrite(String file); | java.io.FilePermission "{file}", "write"; |
Copyright © 1997-98 Sun Microsystems, Inc. All Rights Reserved. Please send comments to: Roland Schemers |
![]() JavaSoft |