001
014
015 package com.liferay.portal.security.pacl.checker;
016
017 import com.liferay.portal.kernel.log.Log;
018 import com.liferay.portal.kernel.log.LogFactoryUtil;
019
020 import java.security.Permission;
021
022 import sun.reflect.Reflection;
023
024
027 public class NetChecker extends BaseChecker {
028
029 public void afterPropertiesSet() {
030 }
031
032 public boolean implies(Permission permission) {
033 String name = permission.getName();
034
035 if (name.equals(NET_PERMISSION_GET_PROXY_SELECTOR)) {
036 if (!hasGetProxySelector(permission)) {
037 logSecurityException(_log, "Attempted to get proxy selector");
038
039 return false;
040 }
041 }
042 else if (name.equals(NET_PERMISSION_SPECIFY_STREAM_HANDLER)) {
043 if (!hasSpecifyStreamHandler(permission)) {
044 logSecurityException(
045 _log, "Attempted to specify stream handler");
046
047 return false;
048 }
049 }
050 else {
051 logSecurityException(
052 _log, "Attempted " + name + " network operation");
053
054 return false;
055 }
056
057 return true;
058 }
059
060 protected boolean hasGetProxySelector(Permission permission) {
061 int stackIndex = getStackIndex(11, 10);
062
063 Class<?> callerClass = Reflection.getCallerClass(stackIndex);
064
065 if (isTrustedCaller(callerClass, permission)) {
066 return true;
067 }
068
069 return false;
070 }
071
072 protected boolean hasSpecifyStreamHandler(Permission permission) {
073 int stackIndex = getStackIndex(11, 10);
074
075 Class<?> callerClass = Reflection.getCallerClass(stackIndex);
076
077 if (isTrustedCaller(callerClass, permission)) {
078 return true;
079 }
080
081 return false;
082 }
083
084 private static Log _log = LogFactoryUtil.getLog(NetChecker.class);
085
086 }