Class TrialPolicy.Permission

  • All Implemented Interfaces:
    Serializable, Guard
    Enclosing class:
    TrialPolicy

    public static final class TrialPolicy.Permission
    extends Permission
    A permission like java.security.AllPermission, but without any FilePermission (the real policy's sandboxed/unsandboxed grants should handle those), nor a couple dozen varieties of RuntimePermission, SecurityPermission, and ReflectPermission that would typically not be granted without clear intent.

    This permission can be granted in a TrialPolicy while identifying any straggling permissions needed by some existing code, without quite the excitement of granting AllPermission. Any of the permissions excluded from this one can also be granted in the TrialPolicy, of course, if there is reason to believe the code might need them.

    The proper spelling in a policy file is org.postgresql.pljava.policy.TrialPolicy$Permission.

    This permission will probably only work right in a TrialPolicy. Any permission whose implies method can return true for permissions of other classes than its own may be ineffective in a stock Java policy, where permission collections are kept segregated by the class of the permission to be checked. Java's AllPermission gets special-case treatment in the stock implementation, and this permission likewise has to be treated specially in TrialPolicy. The only kind of custom permission that can genuinely drop in and work is one whose implies method only imposes semantics on the names/actions of different instances of that permission class.

    A permission that does not live on the boot classpath is initially read from a policy file as an instance of UnresolvedPermission, and only gets resolved when a permission check is made, checking for an instance of its actual class. That is another complication when implementing a permission that may imply permissions of other classes.

    A permission implemented in a different named module must be in a package that is exported to java.base.

    See Also:
    Serialized Form