From 710ee7d8ac4f44ebfb08ff05010e30815de8ec85 Mon Sep 17 00:00:00 2001 From: Vasil Vasilev Date: Thu, 26 Jan 2023 18:37:19 +0100 Subject: [PATCH] Reduce the overhead of the custom security manager #SCL-20064 Changes from https://github.com/facebook/nailgun/pull/149. --- .../facebook/nailgun/NGSecurityManager.java | 162 +++++++++++++++++- 1 file changed, 161 insertions(+), 1 deletion(-) diff --git a/nailgun-server/src/main/java/com/facebook/nailgun/NGSecurityManager.java b/nailgun-server/src/main/java/com/facebook/nailgun/NGSecurityManager.java index 5f3549f4..e493d50a 100644 --- a/nailgun-server/src/main/java/com/facebook/nailgun/NGSecurityManager.java +++ b/nailgun-server/src/main/java/com/facebook/nailgun/NGSecurityManager.java @@ -17,6 +17,8 @@ package com.facebook.nailgun; +import java.io.FileDescriptor; +import java.net.InetAddress; import java.security.Permission; /** @@ -37,6 +39,7 @@ public NGSecurityManager(SecurityManager base) { this.base = base; } + @Override public void checkExit(int status) { if (base != null) { base.checkExit(status); @@ -45,12 +48,14 @@ public void checkExit(int status) { throw new NGExitException(status); } + @Override public void checkPermission(Permission perm) { if (base != null) { base.checkPermission(perm); } } + @Override public void checkPermission(Permission perm, Object context) { if (base != null) { base.checkPermission(perm, context); @@ -58,9 +63,164 @@ public void checkPermission(Permission perm, Object context) { } /** Avoid constructing a FilePermission object in checkRead if base manager is null. */ + @Override public void checkRead(String file) { if (base != null) { - super.checkRead(file); + base.checkRead(file); + } + } + + @Override + public void checkCreateClassLoader() { + if (base != null) { + base.checkCreateClassLoader(); + } + } + + @Override + public void checkAccess(Thread t) { + if (base != null) { + base.checkAccess(t); + } + } + + @Override + public void checkAccess(ThreadGroup g) { + if (base != null) { + base.checkAccess(g); + } + } + + @Override + public void checkExec(String cmd) { + if (base != null) { + base.checkExec(cmd); + } + } + + @Override + public void checkLink(String lib) { + if (base != null) { + base.checkLink(lib); + } + } + + @Override + public void checkRead(FileDescriptor fd) { + if (base != null) { + base.checkRead(fd); + } + } + + @Override + public void checkRead(String file, Object context) { + if (base != null) { + base.checkRead(file, context); + } + } + + @Override + public void checkWrite(FileDescriptor fd) { + if (base != null) { + base.checkWrite(fd); + } + } + + @Override + public void checkWrite(String file) { + if (base != null) { + base.checkWrite(file); + } + } + + @Override + public void checkDelete(String file) { + if (base != null) { + base.checkDelete(file); + } + } + + @Override + public void checkConnect(String host, int port) { + if (base != null) { + base.checkConnect(host, port); + } + } + + @Override + public void checkConnect(String host, int port, Object context) { + if (base != null) { + base.checkConnect(host, port, context); + } + } + + @Override + public void checkListen(int port) { + if (base != null) { + base.checkListen(port); + } + } + + @Override + public void checkAccept(String host, int port) { + if (base != null) { + base.checkAccept(host, port); + } + } + + @Override + public void checkMulticast(InetAddress maddr) { + if (base != null) { + base.checkMulticast(maddr); + } + } + + @Override + public void checkPropertiesAccess() { + if (base != null) { + base.checkPropertiesAccess(); + } + } + + @Override + public void checkPropertyAccess(String key) { + if (base != null) { + base.checkPropertyAccess(key); + } + } + + @Override + public void checkPrintJobAccess() { + if (base != null) { + base.checkPrintJobAccess(); + } + } + + @Override + public void checkPackageAccess(String pkg) { + if (base != null) { + base.checkPackageAccess(pkg); + } + } + + @Override + public void checkPackageDefinition(String pkg) { + if (base != null) { + base.checkPackageDefinition(pkg); + } + } + + @Override + public void checkSetFactory() { + if (base != null) { + base.checkSetFactory(); + } + } + + @Override + public void checkSecurityAccess(String target) { + if (base != null) { + base.checkSecurityAccess(target); } } }