--- a/modules/javafx.base/src/main/java/javafx/util/FXPermission.java +++ b/modules/javafx.base/src/main/java/javafx/util/FXPermission.java @@ -33,119 +33,14 @@ import java.security.BasicPermission; * no actions list; you either have the named permission * or you don't. * - *

- * The target name is the name of the JavaFX permission (see below). The naming - * convention follows the hierarchical property naming convention. - * Also, an asterisk can be used to represent all JavaFX permissions. - *

- * - *

- * The following table lists all the possible {@code FXPermission} - * target names, and for each provides a description of what the permission - * allows and a discussion of the risks of granting code the permission. - *

- * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - *
FXPermission Table
Permission Target NameWhat the Permission AllowsRisks of Allowing this Permission
accessClipboardPosting and retrieval of information to and from the system clipboardThis would allow a malicious application to share or read - * potentially sensitive or confidential information.
accessWindowListAccessing the list of all JavaFX WindowsProviding access to the complete list of all JavaFX windows could give - * a malicious application the ability to modify a security dialog.
createRobotCreating JavaFX Robot objectsThe JavaFX Robot object allows code to generate native-level - * mouse and keyboard events as well as read the screen. It could allow - * malicious code to control the system, run other programs, read the - * display, and deny mouse and keyboard access to the user.
createTransparentWindowCreating transparent windowsTransparent windows are not limited to a rectangular region that - * obscures what is underneath the window. - * This can make it difficult to distinguish parts of the window - * from other application windows or the platform desktop, and can be used - * to allow a malicious application to trick a user into entering - * sensitive data, especially in conjunction with either - * {@code setWindowAlwaysOnTop} or {@code unrestrictedFullScreen}.
loadFontLoading a custom font, either via the - * {@link javafx.scene.text.Font#loadFont} method or a jar file containing - * embedded fonts listed in the jar manifestLoading a custom font might allow a malicious application to provide a - * malformed font. Such a font could crash the application, allowing the - * malicious application to take control of the system, if there are any - * bugs in the underlying platform font implementation.
modifyFXMLClassLoaderSetting the ClassLoader used to load FXML objects, and removing the - * restriction against loading system classesAllowing an application to set an arbitrary ClassLoader might enable - * a malicious application to load classes with elevated permissions. Also - * removing the restriction against loading system classes with a null - * ClassLoader, might allow the application access to classes they would - * otherwise be denied from accessing.
setWindowAlwaysOnTopSetting the always-on-top property of a window: - * {@link javafx.stage.Stage#setAlwaysOnTop}The malicious window might make itself look and behave like the - * platform desktop, so that information entered by the unsuspecting user - * is captured and subsequently misused, - * especially in conjunction with the {@code createTransparentWindow} - * permission.
unrestrictedFullScreenAllow unrestricted full-screen access, including keyboard events - * and warning bannerThis permission allows an application to enter full-screen mode at any - * time, override the warning banner, and disable the function of - * the ESC key to exit from full-screen mode. - * All keyboard input will be delivered to the application while in - * full-screen mode, rather than being limited to KEY_PRESSED and - * KEY_RELEASED events for a subset of keys. See - * {@link javafx.stage.Stage#setFullScreen}. - * This could allow a malicious window to - * look and behave like the platform desktop, so that information entered - * by the unsuspecting user is captured and subsequently misused, - * especially in conjunction with the {@code createTransparentWindow} - * permission.
+ * @apiNote + * This permission cannot be used for controlling access to resources anymore + * as the Security Manager is no longer supported. * * @see java.security.BasicPermission * @see java.security.Permission * @see java.security.Permissions * @see java.security.PermissionCollection - * @see java.lang.SecurityManager * * @since 9 */ --- a/modules/javafx.graphics/src/main/java/javafx/application/ConditionalFeature.java +++ b/modules/javafx.graphics/src/main/java/javafx/application/ConditionalFeature.java @@ -133,15 +133,6 @@ public enum ConditionalFeature { * except Linux systems without the XComposite extension. The * XShape extension is used in that case, so the window edges are aliased. *

- *

- * If a security manager is present, the application must have - * the {@link javafx.util.FXPermission} "createTransparentWindow" - * in order to create a transparent window. - * If the application doesn't have the required permission, it - * won't be able to use this feature; it will appear as if the the platform - * doesn't support transparent windows, and - * {@code Platform.isSupported(TRANSPARENT_WINDOW)} will return {@code false}. - *

* * @since JavaFX 2.2 */ --- a/modules/javafx.graphics/src/main/java/javafx/print/JobSettings.java +++ b/modules/javafx.graphics/src/main/java/javafx/print/JobSettings.java @@ -492,8 +492,6 @@ public final class JobSettings { * a user writable file, when printing the results are platform-dependent. * Possible behaviours might include replacement with a default output file location, * printing to the printer instead, or a platform printing error. - * If a {@code SecurityManager} is installed and it denies access to the - * specified file a {@code SecurityException} may be thrown. * * @defaultValue an empty string * --- a/modules/javafx.graphics/src/main/java/javafx/print/Printer.java +++ b/modules/javafx.graphics/src/main/java/javafx/print/Printer.java @@ -66,8 +66,6 @@ public final class Printer { * the application may want to query the status of a printer * before using it. * @return may be null if there are no printers. - * @throws SecurityException if the application does not - * have permission to browse printers. */ public static ObservableSet getAllPrinters() { @SuppressWarnings("removal") @@ -100,8 +98,6 @@ public final class Printer { * A read only object property representing the current default printer. * If there are no installed printers, the wrapped value will be null. * @return the current default printer - * @throws SecurityException if the application does not - * have permission to browse printers. */ public static ReadOnlyObjectProperty defaultPrinterProperty() { return defaultPrinterImpl().getReadOnlyProperty(); @@ -117,8 +113,6 @@ public final class Printer { * a result of the default changing in the environment of the * application. * @return default printer or null. - * @throws SecurityException if the application does not - * have permission to browse printers. */ public static Printer getDefaultPrinter() { return defaultPrinterProperty().get(); --- a/modules/javafx.graphics/src/main/java/javafx/print/PrinterJob.java +++ b/modules/javafx.graphics/src/main/java/javafx/print/PrinterJob.java @@ -107,8 +107,6 @@ public final class PrinterJob { * a document. These will be enumerated here so long as the * platform also enumerates them as if they are printers. * @return a new PrinterJob instance, or null. - * @throws SecurityException if a job does not have permission - * to initiate a printer job. */ public static final PrinterJob createPrinterJob() { @SuppressWarnings("removal") @@ -131,8 +129,6 @@ public final class PrinterJob { * @param printer to use for the job. If the printer is currently * unavailable (eg offline) then this may return null. * @return a new PrinterJob, or null. - * @throws SecurityException if a job does not have permission - * to initiate a printer job. */ public static final PrinterJob createPrinterJob(Printer printer) { @SuppressWarnings("removal") --- a/modules/javafx.graphics/src/main/java/javafx/scene/input/Clipboard.java +++ b/modules/javafx.graphics/src/main/java/javafx/scene/input/Clipboard.java @@ -115,16 +115,7 @@ import com.sun.javafx.tk.Toolkit; * accessible from outside the JavaFX application. *

*

- * If a security manager is present, the application must have the - * {@link javafx.util.FXPermission} "accessClipboard" in order for the - * Clipboard returned from Clipboard.getSystemClipboard() to be - * accessible from outside the JavaFX application. For compatibility with - * previous versions of the JDK the equivalent {@code AWTPermission} - * "accessClipboard" will also allow the FX clipboard to be accessible from - * outside the JavaFX application. - *

- *

- * If the application lacks permission or if the platform doesn't support + * If the platform doesn't support * a shared clipboard, the clipboard * returned by Clipboard.getSystemClipboard() can be used for exchange of data * between different parts of one JavaFX application but cannot be used to --- a/modules/javafx.graphics/src/main/java/javafx/scene/robot/Robot.java +++ b/modules/javafx.graphics/src/main/java/javafx/scene/robot/Robot.java @@ -56,15 +56,10 @@ public final class Robot { /** * Constructs a new {@code Robot} that can be used for simulating user - * interactions. If a security manager is present, the application must - * have the {@link javafx.util.FXPermission} {@code "createRobot"} permission - * in order to construct a {@code Robot} object. + * interactions. * * @throws IllegalStateException if this object is constructed on a thread * other than the JavaFX Application Thread. - * @throws SecurityException if a security manager exists and the application - * does not have the {@link javafx.util.FXPermission} {@code "createRobot"} - * permission. */ public Robot() { Application.checkEventThread(); --- a/modules/javafx.graphics/src/main/java/javafx/scene/text/Font.java +++ b/modules/javafx.graphics/src/main/java/javafx/scene/text/Font.java @@ -368,14 +368,6 @@ public final class Font { * such that the location is readable, and it represents a supported * font format then a Font object will be returned. *

- * If a security manager is present, the application - * must have both permission to read from the specified URL location - * and the {@link javafx.util.FXPermission} "loadFont". - * If the application does not have permission to read from the specified - * URL location, then null is returned. - * If the application does not have the "loadFont" permission then this method - * will return the default system font with the specified font size. - *

* Any failure such as a malformed URL being unable to locate or read * from the resource, or if it doesn't represent a font, will result in * a null return. It is the application's responsibility @@ -414,15 +406,6 @@ public final class Font { * The use case for this method is for loading all fonts * from a TrueType Collection (TTC). *

- * If a security manager is present, the application - * must have both permission to read from the specified URL location - * and the {@link javafx.util.FXPermission} "loadFont". - * If the application does not have permission to read from the specified - * URL location, then null is returned. - * If the application does not have the "loadFont" permission then this method - * will return an array of one element which is the default - * system font with the specified font size. - *

* Any failure such as a malformed URL being unable to locate or read * from the resource, or if it doesn't represent a font, will result in * a null return. It is the application's responsibility @@ -513,11 +496,6 @@ public final class Font { * fully read, and it represents a supported font format then a * Font object will be returned. *

- * If a security manager is present, the application - * must have the {@link javafx.util.FXPermission} "loadFont". - * If the application does not have permission then this method - * will return the default system font with the specified font size. - *

* Any failure such as abbreviated input, or an unsupported font format * will result in a null return. It is the application's * responsibility to check this before use. @@ -556,11 +534,6 @@ public final class Font { * The use case for this method is for loading all fonts * from a TrueType Collection (TTC). *

- * If a security manager is present, the application - * must have the {@link javafx.util.FXPermission} "loadFont". - * If the application does not have permission then this method - * will return the default system font with the specified font size. - *

* Any failure such as abbreviated input, or an unsupported font format * will result in a null return. It is the application's * responsibility to check this before use. --- a/modules/javafx.graphics/src/main/java/javafx/stage/Stage.java +++ b/modules/javafx.graphics/src/main/java/javafx/stage/Stage.java @@ -623,35 +623,10 @@ public class Stage extends Window { * Further, setting this property might be ignored on some platforms. *

* + *

* The user can unconditionally exit full-screen mode * at any time by pressing {@code ESC}. - *

- * If a security manager is present, the application must have the - * {@link javafx.util.FXPermission} "unrestrictedFullScreen" in order - * to enter full-screen mode with no restrictions. Applications without - * permission will have the following restrictions: - *

- * + * * @defaultValue false */ private ReadOnlyBooleanWrapper fullScreen; @@ -856,13 +831,6 @@ public class Stage extends Window { * platform). *

*

- * If a security manager is present, the application must have the - * {@link javafx.util.FXPermission} "setWindowAlwaysOnTop" in order for - * this property to have any effect. If the application does not have - * permission, attempting to set this property will be ignored - * and the property value will be restored to {@code false}. - *

- *

* This property is read-only because it can be changed externally * by the underlying platform. * Further, setting this property might be ignored on some platforms. @@ -1290,11 +1258,6 @@ public class Stage extends Window { *

* An internal copy of this value is made when entering full-screen mode and will be * used to trigger the exit from the mode. - * If a security manager is present, the application must have the - * {@link javafx.util.FXPermission} "unrestrictedFullScreen" to modify the - * exit key combination. If the application does not have permission, the - * value of this property will be ignored, in which case the - * default key combination will be used. *

* @param keyCombination the key combination to exit on * @since JavaFX 8.0 @@ -1327,13 +1290,6 @@ public class Stage extends Window { * screen mode. A value of null will result in the default per-locale * message being displayed. * If set to the empty string, then no message will be displayed. - *

- * If a security manager is present, the application must have the - * {@link javafx.util.FXPermission} "unrestrictedFullScreen" to modify the - * exit hint. If the application does not have permission, the - * value of this property will be ignored, in which case the - * default message will be displayed. - *

* @since JavaFX 8.0 */ private final ObjectProperty fullScreenExitHint =