package net.filebot.format;
import java.io.File;
import java.io.FilePermission;
import java.lang.management.ManagementPermission;
import java.lang.reflect.ReflectPermission;
import java.net.SocketPermission;
import java.security.AccessControlContext;
import java.security.AccessControlException;
import java.security.AccessController;
import java.security.PermissionCollection;
import java.security.Permissions;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.security.ProtectionDomain;
import java.util.PropertyPermission;
import java.util.logging.LoggingPermission;
import javax.script.CompiledScript;
import javax.script.ScriptContext;
import javax.script.ScriptEngine;
import javax.script.ScriptException;
import net.filebot.ApplicationFolder;
import net.filebot.util.ExceptionUtilities;
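/**
 * Evaluates a wrapped {@link CompiledScript} inside a restricted {@link AccessControlContext}.
 * <p>
 * {@link #eval(ScriptContext)} runs the script through
 * {@link AccessController#doPrivileged(PrivilegedExceptionAction, AccessControlContext)}, so
 * permission checks made while the script executes are evaluated against the intersection of
 * the caller's permissions and the sandbox context. Sandbox violations are reported as
 * {@link ExpressionException} (wrapping the {@link AccessControlException}); anything else the
 * engine reports is forwarded as a {@link ScriptException}.
 * <p>
 * Security caveats:
 * <ul>
 * <li>The restriction is only enforced when a {@link SecurityManager} is installed. Without one
 * the context is never consulted and the script runs with the full permissions of the host
 * process. Newer JDKs deprecate (17) and permanently disable (24) the SecurityManager, which
 * reduces this wrapper to plain delegation on those runtimes.</li>
 * <li>The default permission set ({@link #getDefaultSandboxPermissions()}) deliberately grants
 * class-loader creation, native library loading, reflection with suppressed access checks,
 * arbitrary system property writes and outbound connections to any host. It is not a security
 * boundary against a hostile script; its stated goal is only to keep the file system read-only
 * outside the application's own folders.</li>
 * </ul>
 */
public class SecureCompiledScript extends CompiledScript {

	/**
	 * Builds the permission set used by the default sandbox.
	 * <p>
	 * Read access is granted to all files, environment variables and system properties, and
	 * outbound sockets may be opened to any host, so a script can read anything the process can
	 * read and send it anywhere. Write/delete access on the file system is limited to the
	 * {@link ApplicationFolder} directories (cache, temp, etc.). The remaining grants exist because
	 * class loading and native library loading would otherwise fail under a SecurityManager.
	 *
	 * @return a freshly allocated, mutable {@link PermissionCollection}; callers may add to it
	 */
	public static PermissionCollection getDefaultSandboxPermissions() {
		Permissions permissions = new Permissions();

		// give up on real security, just try to keep files read-only (because of classloading and native lib loading issues)
		permissions.add(new RuntimePermission("createClassLoader"));
		permissions.add(new RuntimePermission("getClassLoader"));
		permissions.add(new RuntimePermission("modifyThread"));
		permissions.add(new RuntimePermission("modifyThreadGroup"));
		permissions.add(new RuntimePermission("loadLibrary.*")); // native code is not subject to the SecurityManager at all
		permissions.add(new RuntimePermission("accessClassInPackage.*"));
		permissions.add(new RuntimePermission("accessDeclaredMembers"));
		permissions.add(new RuntimePermission("getenv.*"));
		permissions.add(new RuntimePermission("getFileSystemAttributes"));
		permissions.add(new RuntimePermission("readFileDescriptor"));
		permissions.add(new RuntimePermission("preferences"));
		permissions.add(new FilePermission("<<ALL FILES>>", "read"));
		permissions.add(new SocketPermission("*", "connect"));
		permissions.add(new PropertyPermission("*", "read"));
		permissions.add(new PropertyPermission("*", "write"));
		permissions.add(new LoggingPermission("control", null));
		permissions.add(new ManagementPermission("monitor"));
		permissions.add(new ReflectPermission("suppressAccessChecks")); // setAccessible(true) works, so private state is reachable
		permissions.add(new ReflectPermission("newProxyInPackage.*"));

		// write permissions for cache and temp folders
		for (ApplicationFolder it : ApplicationFolder.values()) {
			// "<dir>/-" matches the directory's entire subtree
			permissions.add(new FilePermission(it.getCanonicalFile() + File.separator + "-", "read, write, delete"));
		}

		return permissions;
	}

	private final CompiledScript compiledScript;

	private final AccessControlContext sandbox;

	/**
	 * Wraps {@code compiledScript} in the default sandbox: a single {@link ProtectionDomain} with no
	 * code source, holding {@link #getDefaultSandboxPermissions()}.
	 *
	 * @param compiledScript the script to evaluate under the sandbox
	 */
	public SecureCompiledScript(CompiledScript compiledScript) {
		this(compiledScript, new AccessControlContext(new ProtectionDomain[] { new ProtectionDomain(null, getDefaultSandboxPermissions()) }));
	}

	/**
	 * Wraps {@code compiledScript} in a caller-supplied sandbox.
	 *
	 * @param compiledScript the script to evaluate under the sandbox
	 * @param sandbox the context the script is evaluated in; its permissions are intersected with
	 *            those of the code calling {@link #eval(ScriptContext)}
	 */
	public SecureCompiledScript(CompiledScript compiledScript, AccessControlContext sandbox) {
		this.compiledScript = compiledScript;
		this.sandbox = sandbox;
	}

	/**
	 * Evaluates the wrapped script inside the sandbox context.
	 *
	 * @param context the script context handed to the wrapped script
	 * @return whatever the wrapped script's {@code eval} returns
	 * @throws ExpressionException if the script tripped the sandbox, i.e. an
	 *             {@link AccessControlException} was thrown directly or is found in the cause chain
	 *             of the engine's exception
	 * @throws ScriptException for any other failure reported by the script engine
	 */
	@Override
	public Object eval(final ScriptContext context) throws ScriptException {
		try {
			return AccessController.doPrivileged(new PrivilegedExceptionAction<Object>() {

				@Override
				public Object run() throws ScriptException {
					return compiledScript.eval(context);
				}
			}, sandbox);
		} catch (AccessControlException e) {
			// doPrivileged only wraps checked exceptions; an AccessControlException (unchecked) that the
			// engine lets escape unwrapped would otherwise bypass the unwrapping below and reach the
			// caller raw. Report it the same way as a wrapped one.
			throw new ExpressionException(e);
		} catch (PrivilegedActionException e) {
			// engines usually wrap the sandbox violation inside a ScriptException: try to unwrap it
			AccessControlException accessException = ExceptionUtilities.findCause(e, AccessControlException.class);
			if (accessException != null) {
				throw new ExpressionException(accessException);
			}

			// run() declares only ScriptException, so that is the only checked exception that can be
			// wrapped here; guard the cast anyway rather than risk a ClassCastException hiding the cause
			Exception cause = e.getException();
			if (cause instanceof ScriptException) {
				throw (ScriptException) cause;
			}
			throw new ScriptException(cause);
		}
	}

	/**
	 * @return the engine of the wrapped script (the sandbox does not apply to engine access)
	 */
	@Override
	public ScriptEngine getEngine() {
		return compiledScript.getEngine();
	}

}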