Java 2 Platform SE v1.3.1: Class AWTPermission

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

Java^TM 2 Platform
Std. Ed. v1.3.1

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: INNER | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

java.awt
Class AWTPermission

java.lang.Object
  |
  +--java.security.Permission
        |
        +--java.security.BasicPermission
              |
              +--java.awt.AWTPermission

All Implemented Interfaces:: Guard, Serializable

public final class AWTPermission
extends BasicPermission

This class is for AWT permissions. An AWTPermission contains a target name but no actions list; you either have the named permission or you don't.

The target name is the name of the AWT permission (see below). The naming convention follows the hierarchical property naming convention. Also, an asterisk could be used to represent all AWT permissions.

The following table lists all the possible AWTPermission target names, and for each provides a description of what the permission allows and a discussion of the risks of granting code the permission.

Permission Target Name What the Permission Allows Risks of Allowing this Permission

accessClipboard Posting and retrieval of information to and from the AWT clipboard This would allow malfeasant code to share potentially sensitive or confidential information.

accessEventQueue Access to the AWT event queue After retrieving the AWT event queue, malicious code may peek at and even remove existing events from its event queue, as well as post bogus events which may purposefully cause the application or applet to misbehave in an insecure manner.

listenToAllAWTEvents Listen to all AWT events, system-wide After adding an AWT event listener, malicious code may scan all AWT events dispatched in the system, allowing it to read all user input (such as passwords). Each AWT event listener is called from within the context of that event queue's EventDispatchThread, so if the accessEventQueue permission is also enabled, malicious code could modify the contents of AWT event queues system-wide, causing the application or applet to misbehave in an insecure manner.

showWindowWithoutWarningBanner Display of a window without also displaying a banner warning that the window was created by an applet Without this warning, an applet may pop up windows without the user knowing that they belong to an applet. Since users may make security-sensitive decisions based on whether or not the window belongs to an applet (entering a username and password into a dialog box, for example), disabling this warning banner may allow applets to trick the user into entering such information.

readDisplayPixels Readback of pixels from the display screen Interfaces such as the java.awt.Composite interface or the java.awt.Robot class allow arbitrary code to examine pixels on the display enable malicious code to snoop on the activities of the user.

createRobot Create java.awt.Robot objects The java.awt.Robot object allows code to generate native-level mouse and keyboard events as well as read the screen. It could allow malicious code to control the system, run other programs, read the display, and deny mouse and keyboard access to the user.

Permission Target Name	What the Permission Allows	Risks of Allowing this Permission
accessClipboard	Posting and retrieval of information to and from the AWT clipboard	This would allow malfeasant code to share potentially sensitive or confidential information.
accessEventQueue	Access to the AWT event queue	After retrieving the AWT event queue, malicious code may peek at and even remove existing events from its event queue, as well as post bogus events which may purposefully cause the application or applet to misbehave in an insecure manner.
listenToAllAWTEvents	Listen to all AWT events, system-wide	After adding an AWT event listener, malicious code may scan all AWT events dispatched in the system, allowing it to read all user input (such as passwords). Each AWT event listener is called from within the context of that event queue's EventDispatchThread, so if the accessEventQueue permission is also enabled, malicious code could modify the contents of AWT event queues system-wide, causing the application or applet to misbehave in an insecure manner.
showWindowWithoutWarningBanner	Display of a window without also displaying a banner warning that the window was created by an applet	Without this warning, an applet may pop up windows without the user knowing that they belong to an applet. Since users may make security-sensitive decisions based on whether or not the window belongs to an applet (entering a username and password into a dialog box, for example), disabling this warning banner may allow applets to trick the user into entering such information.
readDisplayPixels	Readback of pixels from the display screen	Interfaces such as the java.awt.Composite interface or the java.awt.Robot class allow arbitrary code to examine pixels on the display enable malicious code to snoop on the activities of the user.
createRobot	Create java.awt.Robot objects	The java.awt.Robot object allows code to generate native-level mouse and keyboard events as well as read the screen. It could allow malicious code to control the system, run other programs, read the display, and deny mouse and keyboard access to the user.

See Also:: BasicPermission, Permission, Permissions, PermissionCollection, SecurityManager, Serialized Form

Constructor Summary

AWTPermission(String name)
Creates a new AWTPermission with the specified name.

AWTPermission(String name, String actions)
Creates a new AWTPermission object with the specified name.

Methods inherited from class java.security.BasicPermission

equals, getActions, hashCode, implies, newPermissionCollection

Methods inherited from class java.security.Permission

checkGuard, getName, toString

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Constructor Detail

AWTPermission

public AWTPermission(String name)

Creates a new AWTPermission with the specified name. The name is the symbolic name of the AWTPermission, such as "topLevelWindow", "systemClipboard", etc. An asterisk may be used to indicate all AWT permissions.

Parameters:: name - the name of the AWTPermission.

AWTPermission

public AWTPermission(String name,
                     String actions)

Creates a new AWTPermission object with the specified name. The name is the symbolic name of the AWTPermission, and the actions String is currently unused and should be null. This constructor exists for use by the Policy object to instantiate new Permission objects.

Parameters:: name - the name of the AWTPermission.; actions - should be null.

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

Java^TM 2 Platform
Std. Ed. v1.3.1

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: INNER | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

Submit a bug or feature
For further API reference and developer documentation, see Java 2 SDK SE Developer Documentation. That documentation contains more detailed, developer-targeted descriptions, with conceptual overviews, definitions of terms, workarounds, and working code examples.

Java, Java 2D, and JDBC are trademarks or registered trademarks of Oracle and/or its affiliates, in the US and other countries.
Copyright © 1995, 2010 Oracle and/or its affiliates. All rights reserved.

Constructor Summary
`AWTPermission(String name)` Creates a new AWTPermission with the specified name.
`AWTPermission(String name, String actions)` Creates a new AWTPermission object with the specified name.

java.awt Class AWTPermission

AWTPermission

AWTPermission

java.awt
Class AWTPermission