SecurityManager #Java

SecurityManagerを設定すると、全体的にアクセス権が失われ、アプリで設定したポリシーに従ったアクセス制御となる
Policy.setPolicyで設定する

class SamplePolicy extends Policy{
    PermissionCollection pc;
    SamplePolicy(PermissionCollection pc) {
        this.pc = pc;
    }

    @Override
    public boolean implies(ProtectionDomain domain, Permission permission) {
        System.out.println("implies executed");
        boolean bl = pc.implies(permission);
        System.out.println(bl);
        return pc.implies(permission);
    }
}
class NocheckSecurityManager extends SecurityManager {
    @Override
    public void checkPermission(Permission perm) {
        System.out.println(perm);
        System.out.println("checkPermission executed");
    }    
}
public class SampleProject {

    /**
     * @param args the command line arguments
     */
    public static void main(String[] args) {
        System.setSecurityManager(new NocheckSecurityManager());
        method();
        System.setSecurityManager(new SecurityManager());
        method();
        Permissions ps = new Permissions();
        ps.add(new FilePermission("C:\\dirtest","read"));
        Policy.setPolicy(new SamplePolicy(ps));
        method();
    }
    static void method() {
        try {
            Stream<Path> s = Files.list(Paths.get("C:\\dirtest"));
            s.forEach(System.out::println);
        } catch (IOException|AccessControlException ex) {
            ex.printStackTrace();
        }
    }
}

("java.io.FilePermission" "C:\dirtest" "read")
checkPermission executed
C:\dirtest\cook.jpg
C:\dirtest\cookcpy.jpg
C:\dirtest\dir1
C:\dirtest\iii
C:\dirtest\sample-utf8.properties
C:\dirtest\sample.properties
C:\dirtest\sample.properties.0
java.security.AccessControlException: access denied ("java.io.FilePermission" "C:\dirtest" "read")
C:\dirtest\sample.ser
C:\dirtest\sample_en_US.properties
C:\dirtest\sample_ja_JP.properties
C:\dirtest\showa.txt
C:\dirtest\test.java
C:\dirtest\test.txt
	at java.base/java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
	at java.base/java.security.AccessController.checkPermission(AccessController.java:897)
	at java.base/java.lang.SecurityManager.checkPermission(SecurityManager.java:322)
	at java.base/java.lang.SecurityManager.checkRead(SecurityManager.java:661)
	at java.base/sun.nio.fs.WindowsPath.checkRead(WindowsPath.java:847)
	at java.base/sun.nio.fs.WindowsFileSystemProvider.newDirectoryStream(WindowsFileSystemProvider.java:520)
	at java.base/java.nio.file.Files.newDirectoryStream(Files.java:472)
	at java.base/java.nio.file.Files.list(Files.java:3699)
	at sampleproject.SampleProject.method(SampleProject.java:62)
	at sampleproject.SampleProject.main(SampleProject.java:54)
C:\dirtest\testfile.txt
C:\dirtest\testmakefile.txt
C:\dirtest\testwritefile.txt
("java.lang.RuntimePermission" "createSecurityManager")
checkPermission executed
("java.lang.RuntimePermission" "setSecurityManager")
checkPermission executed
implies executed
true
C:\dirtest\cook.jpg
C:\dirtest\cookcpy.jpg
C:\dirtest\dir1
C:\dirtest\iii
C:\dirtest\sample-utf8.properties
C:\dirtest\sample.properties
C:\dirtest\sample.properties.0
C:\dirtest\sample.ser
C:\dirtest\sample_en_US.properties
C:\dirtest\sample_ja_JP.properties
C:\dirtest\showa.txt
C:\dirtest\test.java
C:\dirtest\test.txt
C:\dirtest\testfile.txt
C:\dirtest\testmakefile.txt
C:\dirtest\testwritefile.txt

setSecurityManager, setPolicyあたりでエラーが出るのでjava.policyに権限追加したら解消した。

java.policy

    permission java.lang.RuntimePermission "setSecurityManager", "read,write";
    permission java.security.SecurityPermission "setPolicy", "read,write";