[COLLECTIONS-538] Use AccessController to read system properties in ExtendedProperties, use File.separator in case of a security exception.
git-svn-id: https://svn.apache.org/repos/asf/commons/proper/collections/branches/COLLECTIONS_3_2_X@1713233 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
parent
eb693a7469
commit
c0da312f34
|
@ -23,6 +23,12 @@
|
||||||
|
|
||||||
<release version="3.2.2" date="20XX-XX-XX" description="This is a bugfix release.">
|
<release version="3.2.2" date="20XX-XX-XX" description="This is a bugfix release.">
|
||||||
|
|
||||||
|
<action issue="COLLECTIONS-538" dev="tn" type="fix" due-to="Trejkaz">
|
||||||
|
"ExtendedProperties" will now use a privileged action to access the
|
||||||
|
"file.separator" system property. In case the class does not have
|
||||||
|
permission to read system properties, the "File#separator" field will
|
||||||
|
be used instead.
|
||||||
|
</action>
|
||||||
<action issue="COLLECTIONS-350" dev="bayard" type="fix" due-to="Michael Akerman">
|
<action issue="COLLECTIONS-350" dev="bayard" type="fix" due-to="Michael Akerman">
|
||||||
Removed debug output in "MapUtils#getNumber(Map)".
|
Removed debug output in "MapUtils#getNumber(Map)".
|
||||||
</action>
|
</action>
|
||||||
|
|
|
@ -26,6 +26,7 @@ import java.io.OutputStream;
|
||||||
import java.io.PrintWriter;
|
import java.io.PrintWriter;
|
||||||
import java.io.Reader;
|
import java.io.Reader;
|
||||||
import java.io.UnsupportedEncodingException;
|
import java.io.UnsupportedEncodingException;
|
||||||
|
import java.security.AccessController;
|
||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
import java.util.Enumeration;
|
import java.util.Enumeration;
|
||||||
import java.util.Hashtable;
|
import java.util.Hashtable;
|
||||||
|
@ -165,10 +166,22 @@ public class ExtendedProperties extends Hashtable {
|
||||||
/**
|
/**
|
||||||
* File separator.
|
* File separator.
|
||||||
*/
|
*/
|
||||||
protected String fileSeparator = System.getProperty("file.separator");
|
protected String fileSeparator;
|
||||||
|
{
|
||||||
|
try {
|
||||||
|
fileSeparator = (String) AccessController.doPrivileged(
|
||||||
|
new java.security.PrivilegedAction() {
|
||||||
|
public Object run() {
|
||||||
|
return System.getProperty("file.separator");
|
||||||
|
}
|
||||||
|
});
|
||||||
|
} catch (SecurityException ex) {
|
||||||
|
fileSeparator = File.separator;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Has this configuration been intialized.
|
* Has this configuration been initialized.
|
||||||
*/
|
*/
|
||||||
protected boolean isInitialized = false;
|
protected boolean isInitialized = false;
|
||||||
|
|
||||||
|
|
|
@ -19,6 +19,7 @@ package org.apache.commons.collections;
|
||||||
import java.io.ByteArrayInputStream;
|
import java.io.ByteArrayInputStream;
|
||||||
import java.io.ByteArrayOutputStream;
|
import java.io.ByteArrayOutputStream;
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
|
import java.security.Permission;
|
||||||
import java.util.Properties;
|
import java.util.Properties;
|
||||||
|
|
||||||
import junit.framework.Test;
|
import junit.framework.Test;
|
||||||
|
@ -314,4 +315,29 @@ public class TestExtendedProperties extends TestCase {
|
||||||
assertEquals("class", extended.getString("resource.loader"));
|
assertEquals("class", extended.getString("resource.loader"));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public void testActiveSecurityManager() {
|
||||||
|
SecurityManager manager = new SecurityManager() {
|
||||||
|
|
||||||
|
public void checkPropertyAccess(String key) {
|
||||||
|
throw new SecurityException();
|
||||||
|
}
|
||||||
|
|
||||||
|
public void checkPermission(Permission perm) {
|
||||||
|
}
|
||||||
|
|
||||||
|
};
|
||||||
|
|
||||||
|
System.setSecurityManager(manager);
|
||||||
|
|
||||||
|
try {
|
||||||
|
ExtendedProperties properties = new ExtendedProperties();
|
||||||
|
assertNotNull(properties);
|
||||||
|
} catch (Exception ex) {
|
||||||
|
ex.printStackTrace();
|
||||||
|
fail("failed to instantiate ExtendedProperties");
|
||||||
|
} finally {
|
||||||
|
System.setSecurityManager(null);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue