filebot/source/net/filebot/format/SecureCompiledScript.java

package net.filebot.format;

import java.io.File;
import java.io.FilePermission;
import java.lang.management.ManagementPermission;
import java.net.SocketPermission;
import java.security.AccessControlContext;
import java.security.AccessControlException;
import java.security.AccessController;
import java.security.PermissionCollection;
import java.security.Permissions;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.security.ProtectionDomain;
import java.util.PropertyPermission;

import javax.script.CompiledScript;
import javax.script.ScriptContext;
import javax.script.ScriptEngine;
import javax.script.ScriptException;

import net.filebot.util.ExceptionUtilities;

public class SecureCompiledScript extends CompiledScript {

	public static PermissionCollection getDefaultSandboxPermissions() {
		Permissions permissions = new Permissions();

		permissions.add(new RuntimePermission("createClassLoader"));
		permissions.add(new RuntimePermission("accessDeclaredMembers"));
		permissions.add(new RuntimePermission("accessClassInPackage.*"));
		permissions.add(new RuntimePermission("modifyThread"));
		permissions.add(new FilePermission("<<ALL FILES>>", "read"));
		permissions.add(new SocketPermission("*", "connect"));
		permissions.add(new PropertyPermission("*", "read"));
		permissions.add(new RuntimePermission("getenv.*"));
		permissions.add(new RuntimePermission("getFileSystemAttributes"));
		permissions.add(new ManagementPermission("monitor"));

		// write permissions for temp and cache folders
		try {
			permissions.add(new FilePermission(new File(System.getProperty("java.io.tmpdir")).getAbsolutePath() + File.separator + "-", "write, delete"));
			permissions.add(new FilePermission(new File(System.getProperty("ehcache.disk.store.dir")).getAbsolutePath() + File.separator + "-", "write, delete"));
		} catch (Exception e) {
			// ignore
		}

		return permissions;
	}

	private final CompiledScript compiledScript;
	private final AccessControlContext sandbox;

	public SecureCompiledScript(CompiledScript compiledScript) {
		this(compiledScript, new AccessControlContext(new ProtectionDomain[] { new ProtectionDomain(null, getDefaultSandboxPermissions()) }));
	}

	public SecureCompiledScript(CompiledScript compiledScript, AccessControlContext sandbox) {
		this.compiledScript = compiledScript;
		this.sandbox = sandbox;
	}

	@Override
	public Object eval(final ScriptContext context) throws ScriptException {
		try {
			return AccessController.doPrivileged(new PrivilegedExceptionAction<Object>() {

				@Override
				public Object run() throws ScriptException {
					return compiledScript.eval(context);
				}
			}, sandbox);
		} catch (PrivilegedActionException e) {
			AccessControlException accessException = ExceptionUtilities.findCause(e, AccessControlException.class);

			// try to unwrap AccessControlException
			if (accessException != null)
				throw new ExpressionException(accessException);

			// forward ScriptException
			// e.getException() should be an instance of ScriptException,
			// as only "checked" exceptions will be "wrapped" in a PrivilegedActionException
			throw (ScriptException) e.getException();
		}
	}

	@Override
	public ScriptEngine getEngine() {
		return compiledScript.getEngine();
	}

}
* fix package and import declarations 2014-04-19 02:30:29 -04:00			`package net.filebot.format;`
+ support episode --filter CLI option 2012-03-24 22:50:28 -04:00
			`import java.io.File;`
			`import java.io.FilePermission;`
* update samples 2013-10-17 03:11:32 -04:00			`import java.lang.management.ManagementPermission;`
+ support episode --filter CLI option 2012-03-24 22:50:28 -04:00			`import java.net.SocketPermission;`
			`import java.security.AccessControlContext;`
			`import java.security.AccessControlException;`
			`import java.security.AccessController;`
			`import java.security.PermissionCollection;`
			`import java.security.Permissions;`
			`import java.security.PrivilegedActionException;`
			`import java.security.PrivilegedExceptionAction;`
			`import java.security.ProtectionDomain;`
			`import java.util.PropertyPermission;`

			`import javax.script.CompiledScript;`
			`import javax.script.ScriptContext;`
			`import javax.script.ScriptEngine;`
			`import javax.script.ScriptException;`

* fix package and import declarations 2014-04-19 02:30:29 -04:00			`import net.filebot.util.ExceptionUtilities;`
+ support episode --filter CLI option 2012-03-24 22:50:28 -04:00
			`public class SecureCompiledScript extends CompiledScript {`
* update samples 2013-10-17 03:11:32 -04:00
+ support episode --filter CLI option 2012-03-24 22:50:28 -04:00			`public static PermissionCollection getDefaultSandboxPermissions() {`
			`Permissions permissions = new Permissions();`
* update samples 2013-10-17 03:11:32 -04:00
+ support episode --filter CLI option 2012-03-24 22:50:28 -04:00			`permissions.add(new RuntimePermission("createClassLoader"));`
* fix format capability issues 2013-12-03 10:24:57 -05:00			`permissions.add(new RuntimePermission("accessDeclaredMembers"));`
* better support for web-scraping in format expressions 2013-10-18 07:11:15 -04:00			`permissions.add(new RuntimePermission("accessClassInPackage.*"));`
* added data 2013-04-04 17:41:47 -04:00			`permissions.add(new RuntimePermission("modifyThread"));`
+ support episode --filter CLI option 2012-03-24 22:50:28 -04:00			`permissions.add(new FilePermission("<<ALL FILES>>", "read"));`
			`permissions.add(new SocketPermission("*", "connect"));`
			`permissions.add(new PropertyPermission("*", "read"));`
			`permissions.add(new RuntimePermission("getenv.*"));`
* Expression Format: added getFileSystemAttributes permission 2013-01-22 04:26:24 -05:00			`permissions.add(new RuntimePermission("getFileSystemAttributes"));`
* update samples 2013-10-17 03:11:32 -04:00			`permissions.add(new ManagementPermission("monitor"));`

+ support episode --filter CLI option 2012-03-24 22:50:28 -04:00			`// write permissions for temp and cache folders`
* cache compiled script snippets since each new instance leaks into PermGen memory 2013-01-29 04:05:42 -05:00			`try {`
			`permissions.add(new FilePermission(new File(System.getProperty("java.io.tmpdir")).getAbsolutePath() + File.separator + "-", "write, delete"));`
			`permissions.add(new FilePermission(new File(System.getProperty("ehcache.disk.store.dir")).getAbsolutePath() + File.separator + "-", "write, delete"));`
			`} catch (Exception e) {`
			`// ignore`
			`}`
* update samples 2013-10-17 03:11:32 -04:00
+ support episode --filter CLI option 2012-03-24 22:50:28 -04:00			`return permissions;`
			`}`
* update samples 2013-10-17 03:11:32 -04:00
+ support episode --filter CLI option 2012-03-24 22:50:28 -04:00			`private final CompiledScript compiledScript;`
			`private final AccessControlContext sandbox;`
* update samples 2013-10-17 03:11:32 -04:00
+ support episode --filter CLI option 2012-03-24 22:50:28 -04:00			`public SecureCompiledScript(CompiledScript compiledScript) {`
			`this(compiledScript, new AccessControlContext(new ProtectionDomain[] { new ProtectionDomain(null, getDefaultSandboxPermissions()) }));`
			`}`
* update samples 2013-10-17 03:11:32 -04:00
+ support episode --filter CLI option 2012-03-24 22:50:28 -04:00			`public SecureCompiledScript(CompiledScript compiledScript, AccessControlContext sandbox) {`
			`this.compiledScript = compiledScript;`
			`this.sandbox = sandbox;`
			`}`
* update samples 2013-10-17 03:11:32 -04:00
+ support episode --filter CLI option 2012-03-24 22:50:28 -04:00			`@Override`
			`public Object eval(final ScriptContext context) throws ScriptException {`
			`try {`
			`return AccessController.doPrivileged(new PrivilegedExceptionAction<Object>() {`
* update samples 2013-10-17 03:11:32 -04:00
+ support episode --filter CLI option 2012-03-24 22:50:28 -04:00			`@Override`
			`public Object run() throws ScriptException {`
			`return compiledScript.eval(context);`
			`}`
			`}, sandbox);`
			`} catch (PrivilegedActionException e) {`
			`AccessControlException accessException = ExceptionUtilities.findCause(e, AccessControlException.class);`
* update samples 2013-10-17 03:11:32 -04:00
+ support episode --filter CLI option 2012-03-24 22:50:28 -04:00			`// try to unwrap AccessControlException`
			`if (accessException != null)`
			`throw new ExpressionException(accessException);`
* update samples 2013-10-17 03:11:32 -04:00
+ support episode --filter CLI option 2012-03-24 22:50:28 -04:00			`// forward ScriptException`
			`// e.getException() should be an instance of ScriptException,`
			`// as only "checked" exceptions will be "wrapped" in a PrivilegedActionException`
			`throw (ScriptException) e.getException();`
			`}`
			`}`
* update samples 2013-10-17 03:11:32 -04:00
+ support episode --filter CLI option 2012-03-24 22:50:28 -04:00			`@Override`
			`public ScriptEngine getEngine() {`
			`return compiledScript.getEngine();`
			`}`
* update samples 2013-10-17 03:11:32 -04:00
+ support episode --filter CLI option 2012-03-24 22:50:28 -04:00			`}`