org.tanukisoftware.wrapper.security

Class WrapperServicePermission

java.lang.Object

java.security.Permission

org.tanukisoftware.wrapper.security.WrapperServicePermission

All Implemented Interfaces:

java.io.Serializable, java.security.Guard

public class WrapperServicePermission
extends java.security.Permission

WrapperServicePermissions are used to grant the right to start, stop, pause, continue, interrogate, or send custom codes to other services running on a Windows system.

These permissions are inherently quite dangerous so great care should be taken when granting them. When doing so, try to only grant permission to those services which really need to be controlled.

The following are examples of how to specify the permission within a policy file.

   grant codeBase "file:../lib/-" {
     // Grant various permissions to a specific service.
     permission org.tanukisoftware.wrapper.security.WrapperServicePermission "myservice", "interrogate";
     permission org.tanukisoftware.wrapper.security.WrapperServicePermission "myservice", "interrogate,start,stop";
     permission org.tanukisoftware.wrapper.security.WrapperServicePermission "myservice", "userCode";
     permission org.tanukisoftware.wrapper.security.WrapperServicePermission "myservice", "*";

     // Grant various permissions to any service starting with "my".
     permission org.tanukisoftware.wrapper.security.WrapperServicePermission "my*", "*";

     // Let the calling code do anything to any service on the system
     permission org.tanukisoftware.wrapper.security.WrapperServicePermission "*", "*";
     permission org.tanukisoftware.wrapper.security.WrapperServicePermission "*";
   };
 

Possible actions include the following:

Permission Action Name	What the Permission Allows	Risks of Allowing this Permission
start	Start a service which is installed but has not been started.	Malicious code could potentially start any service that is not currently running. This includes services which were previously stopped or that are configured to be started manually. Many Windows systems have several services stopped by default because of the security hazards that they pose. Starting such services could open the system up to attacks related to that service.
stop	Stop a service which is currently running.	Malicious code could potentially stop running service. This could result in a denial of service attack if the service is a web or database server. Or it result in more dangerous attacks if the service is a firewall or virus scanner.
pause	Pause a service which is currently running.	Malicious code could potentially pause running service. This could result in a denial of service attack if the service is a web or database server. Or it result in more dangerous attacks if the service is a firewall or virus scanner.
continue	Continue a service which was previously paused.	Malicious code could resume services which had been paused for a good reason.
interrogate	Interrogate a service as to its current state.	Malicious code learn a lot about a system and its weakness by probing which services are currently running.
userCode	Send any custom user code to a service.	The danger of this action depends on whether or not the service understands custom user codes, and what it does with them. This could potentially be a very dangerous permission to grant.

Author:

Tanuki Software Development Team <support@tanukisoftware.com>

See Also:

Serialized Form

Field Summary

Fields

Modifier and Type	Field and Description
static java.lang.String	ACTION_CONTINUE
static java.lang.String	ACTION_INTERROGATE
static java.lang.String	ACTION_PAUSE
static java.lang.String	ACTION_START
static java.lang.String	ACTION_STOP
static java.lang.String	ACTION_USER_CODE

Constructor Summary

Constructors

Constructor and Description
WrapperServicePermission(java.lang.String serviceName) Creates a new WrapperServicePermission for the specified service.
WrapperServicePermission(java.lang.String serviceName, java.lang.String actions) Creates a new WrapperServicePermission for the specified service.

Method Summary

Modifier and Type	Method and Description
boolean	equals(java.lang.Object obj) Checks two Permission objects for equality.
java.lang.String	getActions() Return the canonical string representation of the actions.
int	hashCode() Returns the hash code value for this object.
boolean	implies(java.security.Permission p2) Checks if this WrapperServicePermission object "implies" the specified permission.
java.security.PermissionCollection	newPermissionCollection() Returns a custom WSCollection implementation of a PermissionCollection.

Methods inherited from class java.security.Permission

checkGuard, getName, toString

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Field Detail

ACTION_START

public static java.lang.String ACTION_START

ACTION_STOP

public static java.lang.String ACTION_STOP

ACTION_PAUSE

public static java.lang.String ACTION_PAUSE

ACTION_CONTINUE

public static java.lang.String ACTION_CONTINUE

ACTION_INTERROGATE

public static java.lang.String ACTION_INTERROGATE

ACTION_USER_CODE

public static java.lang.String ACTION_USER_CODE

Constructor Detail

WrapperServicePermission

public WrapperServicePermission(java.lang.String serviceName,
                                java.lang.String actions)

Creates a new WrapperServicePermission for the specified service.

Parameters:

serviceName - The name of the service whose access is being controlled.

actions - The action or actions to be performed.

WrapperServicePermission

public WrapperServicePermission(java.lang.String serviceName)

Creates a new WrapperServicePermission for the specified service. This version of the constructor grants all actions.

Parameters:

serviceName - The name of the service whose access is being controlled.

Method Detail

equals

public boolean equals(java.lang.Object obj)

Checks two Permission objects for equality.

Do not use the equals method for making access control decisions; use the implies method.

Specified by:

equals in class java.security.Permission

Parameters:

obj - The object we are testing for equality with this object.

Returns:

True if both Permission objects are equivalent.

getActions

public java.lang.String getActions()

Return the canonical string representation of the actions. Always returns present actions in the following order: start, stop, pause, continue, interrogate. userCode.

Specified by:

getActions in class java.security.Permission

Returns:

the canonical string representation of the actions.

implies

public boolean implies(java.security.Permission p2)

Checks if this WrapperServicePermission object "implies" the specified permission.

More specifically, this method returns true if:

• p2 is an instanceof FilePermission,
• p2's actions are a proper subset of this object's actions, and
• p2's service name is implied by this object's service name. For example, "MyApp*" implies "MyApp".

Specified by:

implies in class java.security.Permission

Parameters:

p2 - The permission to check against.

Returns:

True if the specified permission is implied by this object.

newPermissionCollection

public java.security.PermissionCollection newPermissionCollection()

Returns a custom WSCollection implementation of a PermissionCollection.

Overrides:

newPermissionCollection in class java.security.Permission

Returns:

A custom WSCollection implementation of a PermissionCollection.

hashCode

public int hashCode()

Returns the hash code value for this object.

Specified by:

hashCode in class java.security.Permission

Returns:

A hash code value for this object.