Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Remove SecurityManager layer #7928

Draft
wants to merge 5 commits into
base: master
Choose a base branch
from
Draft

Remove SecurityManager layer #7928

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
61f1c5a
remove SM
mbien Oct 15, 2024
d5b3a44
fixes
mbien Oct 15, 2024
85e4e01
flags
mbien Oct 15, 2024
b669a07
remove NBClipboard activation tests
mbien Oct 28, 2024
ef32a7e
enable system exit logging
mbien Oct 31, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion nb/ide.launcher/netbeans.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -56,7 +56,7 @@ netbeans_default_cachedir="${DEFAULT_CACHEDIR_ROOT}/@@metabuild.RawVersion@@"
# The automatically selected value can be overridden by specifying -J-Xmx
# here or on the command line.
#
netbeans_default_options="-J-XX:+UseStringDeduplication -J-Xss2m @@metabuild.logcli@@ -J-Dapple.laf.useScreenMenuBar=true -J-Dapple.awt.application.appearance=system -J-Dsun.java2d.noddraw=true -J-Dsun.java2d.dpiaware=true -J-Dplugin.manager.check.updates=false -J-Dnetbeans.extbrowser.manual_chrome_plugin_install=yes @@metabuild.jms-flags@@ -J-XX:+IgnoreUnrecognizedVMOptions"
netbeans_default_options="-J-XX:+UseStringDeduplication -J-Xss2m @@metabuild.logcli@@ -J-Djava.lang.Runtime.level=FINE -J-Dapple.laf.useScreenMenuBar=true -J-Dapple.awt.application.appearance=system -J-Dsun.java2d.noddraw=true -J-Dsun.java2d.dpiaware=true -J-Dplugin.manager.check.updates=false -J-Dnetbeans.extbrowser.manual_chrome_plugin_install=yes @@metabuild.jms-flags@@ -J-XX:+IgnoreUnrecognizedVMOptions"

# Default location of JDK:
# (set by installer or commented out if launcher should decide)
Expand Down
6 changes: 2 additions & 4 deletions platform/core.execution/src/org/netbeans/core/execution/Install.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,6 @@
import java.awt.event.ActionListener;
import java.awt.event.WindowAdapter;
import java.awt.event.WindowEvent;
import java.beans.Introspector;
import java.beans.PropertyChangeEvent;
import java.beans.PropertyChangeListener;
import java.util.ArrayList;
Expand All @@ -50,7 +49,6 @@
import javax.swing.event.ListDataEvent;
import javax.swing.event.ListDataListener;
import javax.swing.text.DefaultEditorKit;
import org.netbeans.TopSecurityManager;
import org.netbeans.core.ModuleActions;
import org.netbeans.modules.progress.spi.Controller;
import org.netbeans.modules.progress.spi.InternalHandle;
Expand Down Expand Up @@ -88,7 +86,7 @@ public class Install implements Runnable {
private static final Logger LOG = Logger.getLogger(Install.class.getName());

public @Override void run() {
TopSecurityManager.register(SecMan.DEFAULT);
// TopSecurityManager.register(SecMan.DEFAULT);
}

@OnStop
Expand All @@ -97,7 +95,7 @@ public static final class Down implements Runnable {
public @Override void run() {
showPendingTasks();

TopSecurityManager.unregister(SecMan.DEFAULT);
// TopSecurityManager.unregister(SecMan.DEFAULT);
}
}

Expand Down
7 changes: 0 additions & 7 deletions platform/core.startup/src/org/netbeans/core/startup/ModuleLifecycleManager.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -38,13 +38,6 @@
@ServiceProvider(service=LifecycleManager.class)
public class ModuleLifecycleManager extends LifecycleManager {
public ModuleLifecycleManager() {
Runtime.getRuntime().addShutdownHook(new Thread("close modules") { // NOI18N
public @Override void run() {
if (System.getSecurityManager() instanceof TopSecurityManager) {
LifecycleManager.getDefault().exit();
}
}
});
}

public void saveAll() {
Expand Down
1 change: 0 additions & 1 deletion platform/core.startup/src/org/netbeans/core/startup/TopThreadGroup.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,6 @@
package org.netbeans.core.startup;

import java.lang.Thread.UncaughtExceptionHandler;
import org.netbeans.TopSecurityManager;
import org.openide.util.Exceptions;

/** The ThreadGroup for catching uncaught exceptions in Corona.
Expand Down
2 changes: 1 addition & 1 deletion platform/o.n.bootstrap/launcher/unix/nbexec
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -192,7 +192,7 @@ fi
# rename old heap dump to .old
mv "${userdir}/var/log/heapdump.hprof" "${userdir}/var/log/heapdump.hprof.old" > /dev/null 2>&1

jargs_without_clusters="$jargs -Djava.security.manager=allow"
jargs_without_clusters="$jargs"
jargs="-Dnetbeans.dirs=\"${clusters}\" $jargs_without_clusters"

if [ -z "$cachedirspecified" ]; then
Expand Down
2 changes: 0 additions & 2 deletions platform/o.n.bootstrap/launcher/windows/platformlauncher.cpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -579,8 +579,6 @@ void PlatformLauncher::prepareOptions() {
option = OPT_KEEP_WORKING_SET_ON_MINIMIZE;
javaOptions.push_back(option);

option = OPT_JAVA_SECURITY_MANAGER_ALLOW;
javaOptions.push_back(option);
}

string & PlatformLauncher::constructClassPath(bool runUpdater) {
Expand Down
103 changes: 16 additions & 87 deletions platform/o.n.bootstrap/nbproject/org-netbeans-bootstrap.sig
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -36,8 +36,9 @@ CLSS public abstract interface java.io.Serializable
CLSS public abstract java.lang.ClassLoader
cons protected init()
cons protected init(java.lang.ClassLoader)
cons protected init(java.lang.String,java.lang.ClassLoader)
meth protected final java.lang.Class<?> defineClass(byte[],int,int)
anno 0 java.lang.Deprecated()
anno 0 java.lang.Deprecated(boolean forRemoval=false, java.lang.String since="1.1")
meth protected final java.lang.Class<?> defineClass(java.lang.String,byte[],int,int)
meth protected final java.lang.Class<?> defineClass(java.lang.String,byte[],int,int,java.security.ProtectionDomain)
meth protected final java.lang.Class<?> defineClass(java.lang.String,java.nio.ByteBuffer,java.security.ProtectionDomain)
Expand All @@ -46,21 +47,31 @@ meth protected final java.lang.Class<?> findSystemClass(java.lang.String) throws
meth protected final void resolveClass(java.lang.Class<?>)
meth protected final void setSigners(java.lang.Class<?>,java.lang.Object[])
meth protected java.lang.Class<?> findClass(java.lang.String) throws java.lang.ClassNotFoundException
meth protected java.lang.Class<?> findClass(java.lang.String,java.lang.String)
meth protected java.lang.Class<?> loadClass(java.lang.String,boolean) throws java.lang.ClassNotFoundException
meth protected java.lang.Object getClassLoadingLock(java.lang.String)
meth protected java.lang.Package definePackage(java.lang.String,java.lang.String,java.lang.String,java.lang.String,java.lang.String,java.lang.String,java.lang.String,java.net.URL)
meth protected java.lang.Package getPackage(java.lang.String)
anno 0 java.lang.Deprecated(boolean forRemoval=false, java.lang.String since="9")
meth protected java.lang.Package[] getPackages()
meth protected java.lang.String findLibrary(java.lang.String)
meth protected java.net.URL findResource(java.lang.String)
meth protected java.net.URL findResource(java.lang.String,java.lang.String) throws java.io.IOException
meth protected java.util.Enumeration<java.net.URL> findResources(java.lang.String) throws java.io.IOException
meth protected static boolean registerAsParallelCapable()
meth public final boolean isRegisteredAsParallelCapable()
meth public final java.lang.ClassLoader getParent()
meth public final java.lang.Module getUnnamedModule()
meth public final java.lang.Package getDefinedPackage(java.lang.String)
meth public final java.lang.Package[] getDefinedPackages()
meth public java.io.InputStream getResourceAsStream(java.lang.String)
meth public java.lang.Class<?> loadClass(java.lang.String) throws java.lang.ClassNotFoundException
meth public java.lang.String getName()
meth public java.net.URL getResource(java.lang.String)
meth public java.util.Enumeration<java.net.URL> getResources(java.lang.String) throws java.io.IOException
meth public java.util.stream.Stream<java.net.URL> resources(java.lang.String)
meth public static java.io.InputStream getSystemResourceAsStream(java.lang.String)
meth public static java.lang.ClassLoader getPlatformClassLoader()
meth public static java.lang.ClassLoader getSystemClassLoader()
meth public static java.net.URL getSystemResource(java.lang.String)
meth public static java.util.Enumeration<java.net.URL> getSystemResources(java.lang.String) throws java.io.IOException
Expand All @@ -82,6 +93,7 @@ CLSS public java.lang.Object
cons public init()
meth protected java.lang.Object clone() throws java.lang.CloneNotSupportedException
meth protected void finalize() throws java.lang.Throwable
anno 0 java.lang.Deprecated(boolean forRemoval=false, java.lang.String since="9")
meth public boolean equals(java.lang.Object)
meth public final java.lang.Class<?> getClass()
meth public final void notify()
Expand All @@ -92,65 +104,6 @@ meth public final void wait(long,int) throws java.lang.InterruptedException
meth public int hashCode()
meth public java.lang.String toString()

CLSS public java.lang.SecurityManager
cons public init()
fld protected boolean inCheck
anno 0 java.lang.Deprecated()
meth protected boolean inClass(java.lang.String)
anno 0 java.lang.Deprecated()
meth protected boolean inClassLoader()
anno 0 java.lang.Deprecated()
meth protected int classDepth(java.lang.String)
anno 0 java.lang.Deprecated()
meth protected int classLoaderDepth()
anno 0 java.lang.Deprecated()
meth protected java.lang.Class<?> currentLoadedClass()
anno 0 java.lang.Deprecated()
meth protected java.lang.ClassLoader currentClassLoader()
anno 0 java.lang.Deprecated()
meth protected java.lang.Class[] getClassContext()
meth public boolean checkTopLevelWindow(java.lang.Object)
anno 0 java.lang.Deprecated()
meth public boolean getInCheck()
anno 0 java.lang.Deprecated()
meth public java.lang.Object getSecurityContext()
meth public java.lang.ThreadGroup getThreadGroup()
meth public void checkAccept(java.lang.String,int)
meth public void checkAccess(java.lang.Thread)
meth public void checkAccess(java.lang.ThreadGroup)
meth public void checkAwtEventQueueAccess()
anno 0 java.lang.Deprecated()
meth public void checkConnect(java.lang.String,int)
meth public void checkConnect(java.lang.String,int,java.lang.Object)
meth public void checkCreateClassLoader()
meth public void checkDelete(java.lang.String)
meth public void checkExec(java.lang.String)
meth public void checkExit(int)
meth public void checkLink(java.lang.String)
meth public void checkListen(int)
meth public void checkMemberAccess(java.lang.Class<?>,int)
anno 0 java.lang.Deprecated()
meth public void checkMulticast(java.net.InetAddress)
meth public void checkMulticast(java.net.InetAddress,byte)
anno 0 java.lang.Deprecated()
meth public void checkPackageAccess(java.lang.String)
meth public void checkPackageDefinition(java.lang.String)
meth public void checkPermission(java.security.Permission)
meth public void checkPermission(java.security.Permission,java.lang.Object)
meth public void checkPrintJobAccess()
meth public void checkPropertiesAccess()
meth public void checkPropertyAccess(java.lang.String)
meth public void checkRead(java.io.FileDescriptor)
meth public void checkRead(java.lang.String)
meth public void checkRead(java.lang.String,java.lang.Object)
meth public void checkSecurityAccess(java.lang.String)
meth public void checkSetFactory()
meth public void checkSystemClipboardAccess()
anno 0 java.lang.Deprecated()
meth public void checkWrite(java.io.FileDescriptor)
meth public void checkWrite(java.lang.String)
supr java.lang.Object

CLSS public java.lang.Throwable
cons protected init(java.lang.String,java.lang.Throwable,boolean,boolean)
cons public init()
Expand Down Expand Up @@ -395,7 +348,7 @@ fld public final static java.lang.String PROP_MODULES = "modules"
meth public boolean hasToEnableCompatModules(java.util.Set<org.netbeans.Module>)
meth public boolean isOrWillEnable(org.netbeans.Module)
meth public boolean shouldDelegateResource(org.netbeans.Module,org.netbeans.Module,java.lang.String)
anno 0 java.lang.Deprecated()
anno 0 java.lang.Deprecated(boolean forRemoval=false, java.lang.String since="")
meth public boolean shouldDelegateResource(org.netbeans.Module,org.netbeans.Module,java.lang.String,java.lang.ClassLoader)
meth public boolean shutDown()
meth public boolean shutDown(java.lang.Runnable)
Expand All @@ -414,12 +367,12 @@ meth public java.util.Collection<org.netbeans.Module> getAttachedFragments(org.n
meth public java.util.List<org.netbeans.Module> simulateDisable(java.util.Set<org.netbeans.Module>)
meth public java.util.List<org.netbeans.Module> simulateEnable(java.util.Set<org.netbeans.Module>)
meth public java.util.Set<org.netbeans.Module> getModuleInterdependencies(org.netbeans.Module,boolean,boolean)
anno 0 java.lang.Deprecated()
anno 0 java.lang.Deprecated(boolean forRemoval=false, java.lang.String since="")
meth public java.util.Set<org.netbeans.Module> getModuleInterdependencies(org.netbeans.Module,boolean,boolean,boolean)
meth public java.util.Set<org.netbeans.Module> getModules()
meth public java.util.concurrent.Future<java.lang.Boolean> shutDownAsync(java.lang.Runnable)
meth public org.netbeans.Module create(java.io.File,java.lang.Object,boolean,boolean) throws java.io.IOException,org.netbeans.DuplicateException
anno 0 java.lang.Deprecated()
anno 0 java.lang.Deprecated(boolean forRemoval=false, java.lang.String since="")
meth public org.netbeans.Module create(java.io.File,java.lang.Object,boolean,boolean,boolean) throws java.io.IOException,org.netbeans.DuplicateException
meth public org.netbeans.Module createBundle(java.io.File,java.lang.Object,boolean,boolean,boolean,int) throws java.io.IOException,org.netbeans.DuplicateException
meth public org.netbeans.Module createFixed(java.util.jar.Manifest,java.lang.Object,java.lang.ClassLoader) throws org.netbeans.DuplicateException,org.netbeans.InvalidException
Expand Down Expand Up @@ -534,30 +487,6 @@ CLSS public abstract interface static org.netbeans.Stamps$Updater
meth public abstract void cacheReady()
meth public abstract void flushCaches(java.io.DataOutputStream) throws java.io.IOException

CLSS public org.netbeans.TopSecurityManager
cons public init()
meth public boolean checkTopLevelWindow(java.lang.Object)
meth public final void checkPropertyAccess(java.lang.String)
meth public static void exit(int)
meth public static void install()
meth public static void makeSwingUseSpecialClipboard(java.awt.datatransfer.Clipboard)
meth public static void register(java.lang.SecurityManager)
meth public static void unregister(java.lang.SecurityManager)
meth public void checkConnect(java.lang.String,int)
meth public void checkConnect(java.lang.String,int,java.lang.Object)
meth public void checkDelete(java.lang.String)
meth public void checkExit(int)
meth public void checkMemberAccess(java.lang.Class<?>,int)
meth public void checkPermission(java.security.Permission)
meth public void checkPermission(java.security.Permission,java.lang.Object)
meth public void checkRead(java.io.FileDescriptor)
meth public void checkRead(java.lang.String)
meth public void checkWrite(java.io.FileDescriptor)
meth public void checkWrite(java.lang.String)
supr java.lang.SecurityManager
hfds CLIPBOARD_FORBIDDEN,LOG,URLClass,accessControllerClass,allPermission,awtPermissionClass,callerWhiteList,check,classLoaderClass,delegates,fsSecManager,officialExit,runtimePermissionClass,urlField,warnedClassesNDE,warnedClassesNH,warnedSunMisc
hcls PrivilegedCheck

CLSS public final org.netbeans.Util
fld public final static java.util.logging.Logger err
innr public abstract interface static ModuleProvider
Expand Down
2 changes: 1 addition & 1 deletion platform/o.n.bootstrap/nbproject/project.properties
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@
# under the License.

javac.compilerargs=-Xlint:all -Xlint:-serial -Xlint:-processing
javac.source=1.8
javac.release=11
module.jar.dir=lib
module.jar.basename=boot.jar
release.launcher/unix/nbexec=lib/nbexec
Expand Down
Loading
Loading