- java.lang.Object
-
- java.security.Permission
-
- java.security.BasicPermission
-
- java.awt.AWTPermission
-
- All Implemented Interfaces:
-
Serializable
,Guard
public final class AWTPermission extends BasicPermission
此类用于AWT权限。 一个AWTPermission
包含一个目标名称,但没有动作列表; 你有指定的权限,或者你没有。目标名称是AWT许可的名称(见下文)。 命名约定遵循层次化属性命名约定。 此外,星号可用于表示所有AWT权限。
下表列出了所有可能的
AWTPermission target names, descriptions, and associated risks Permission Target Name What the Permission Allows Risks of Allowing this Permission accessClipboard Posting and retrieval of information to and from the AWT clipboard This would allow malfeasant code to share potentially sensitive or confidential information. accessEventQueue Access to the AWT event queue After retrieving the AWT event queue, malicious code may peek at and even remove existing events from its event queue, as well as post bogus events which may purposefully cause the application or applet to misbehave in an insecure manner. accessSystemTray Access to the AWT SystemTray instance This would allow malicious code to add tray icons to the system tray. First, such an icon may look like the icon of some known application (such as a firewall or anti-virus) and order a user to do something unsafe (with help of balloon messages). Second, the system tray may be glutted with tray icons so that no one could add a tray icon anymore. createRobot Create java.awt.Robot objects The java.awt.Robot object allows code to generate native-level mouse and keyboard events as well as read the screen. It could allow malicious code to control the system, run other programs, read the display, and deny mouse and keyboard access to the user. fullScreenExclusive Enter full-screen exclusive mode Entering full-screen exclusive mode allows direct access to low-level graphics card memory. This could be used to spoof the system, since the program is in direct control of rendering. Depending on the implementation, the security warning may not be shown for the windows used to enter the full-screen exclusive mode (assuming that theAWTPermission
目标名称,每个都提供了许可允许的描述以及授权许可的风险的讨论。fullScreenExclusive
permission has been granted to this application). Note that this behavior does not mean that theshowWindowWithoutWarningBanner
permission will be automatically granted to the application which has thefullScreenExclusive
permission: non-full-screen windows will continue to be shown with the security warning. listenToAllAWTEvents Listen to all AWT events, system-wide After adding an AWT event listener, malicious code may scan all AWT events dispatched in the system, allowing it to read all user input (such as passwords). Each AWT event listener is called from within the context of that event queue's EventDispatchThread, so if the accessEventQueue permission is also enabled, malicious code could modify the contents of AWT event queues system-wide, causing the application or applet to misbehave in an insecure manner. readDisplayPixels Readback of pixels from the display screen Interfaces such as the java.awt.Composite interface or the java.awt.Robot class allow arbitrary code to examine pixels on the display enable malicious code to snoop on the activities of the user. replaceKeyboardFocusManager Sets theKeyboardFocusManager
for a particular thread. WhenSecurityManager
is installed, the invoking thread must be granted this permission in order to replace the currentKeyboardFocusManager
. If permission is not granted, aSecurityException
will be thrown. setAppletStub Setting the stub which implements Applet container services Malicious code could set an applet's stub and result in unexpected behavior or denial of service to an applet. setWindowAlwaysOnTop Setting always-on-top property of the window:Window.setAlwaysOnTop(boolean)
The malicious window might make itself look and behave like a real full desktop, so that information entered by the unsuspecting user is captured and subsequently misused showWindowWithoutWarningBanner Display of a window without also displaying a banner warning that the window was created by an applet Without this warning, an applet may pop up windows without the user knowing that they belong to an applet. Since users may make security-sensitive decisions based on whether or not the window belongs to an applet (entering a username and password into a dialog box, for example), disabling this warning banner may allow applets to trick the user into entering such information. toolkitModality CreatingTOOLKIT_MODAL
dialogs and setting theTOOLKIT_EXCLUDE
window property. When a toolkit-modal dialog is shown from an applet, it blocks all other applets in the browser. When launching applications from Java Web Start, its windows (such as the security dialog) may also be blocked by toolkit-modal dialogs, shown from these applications. watchMousePointer Getting the information about the mouse pointer position at any time Constantly watching the mouse pointer, an applet can make guesses about what the user is doing, i.e. moving the mouse to the lower left corner of the screen most likely means that the user is about to launch an application. If a virtual keypad is used so that keyboard is emulated using the mouse, an applet may guess what is being typed.
-
-
构造方法摘要
构造方法 Constructor 描述 AWTPermission(String name)
用指定的名称创建一个新的AWTPermission
。AWTPermission(String name, String actions)
使用指定的名称创建一个新的AWTPermission
对象。
-
方法摘要
-
Methods inherited from class java.security.BasicPermission
equals, getActions, hashCode, implies, newPermissionCollection
-
Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait
-
Methods inherited from class java.security.Permission
checkGuard, getName, toString
-
-
-
-
构造方法详细信息
-
AWTPermission
public AWTPermission(String name)
创建一个具有指定名称的新的AWTPermission
。 该名称是AWTPermission
的符号名称,例如“topLevelWindow”,“systemClipboard”等。星号可用于指示所有AWT权限。- 参数
-
name
- AWTPermission的名称 - 异常
-
NullPointerException
- 如果name
是null
。 -
IllegalArgumentException
- 如果name
为空。
-
AWTPermission
public AWTPermission(String name, String actions)
创建具有指定名称的新的AWTPermission
对象。 该名称是AWTPermission
的符号名称,并且操作字符串当前未使用,应为null
。- 参数
-
name
- 名称为AWTPermission
-
actions
- 应为null
- 异常
-
NullPointerException
- 如果name
是null
。 -
IllegalArgumentException
- 如果name
为空。
-
-