PropertyPermission | java.util | Java 1.2 | serializable permission | This class is a java.security.Permission that governs read and write access to system properties with System.getProperty( ) and System.setProperty( ) . A PropertyPermission object has a name, or target, and a comma-separated list of actions. The name of the permission is the name of the property of interest. The action string can be "read" for getProperty( ) access, "write" for setProperty( ) access, or "read,write" for both types of access. PropertyPermission extends java.security.BasicPermission , so the name of the property supports simple wildcards. The name "*" represents any property name. If a name ends with ".*", it represents any property names that share the specified prefix. For example, the name "java.*" represents "java.version", "java.vendor", "java.vendor.url", and all other properties that begin with "java". Granting access to system properties is not overtly dangerous, but caution is still necessary. Some properties, such as " user .home", reveal details about the host system that malicious code can use to mount an attack. Programmers writing system-level code and system administrators configuring security policies may need to use this class, but applications never need to use it. Figure 16-49. java.util.PropertyPermission public final class PropertyPermission extends java.security.BasicPermission { // Public Constructors public PropertyPermission (String name , String actions ); // Public Methods Overriding BasicPermission public boolean equals (Object obj ); public String getActions ( ); public int hashCode ( ); public boolean implies (java.security.Permission p ); public java.security.PermissionCollection newPermissionCollection ( ); } |