package com.ibm.iaccess.base;

import com.ibm.iaccess.Copyright;
import com.ibm.iaccess.baselite.AcsBaseUtilities;
import com.ibm.iaccess.baselite.AcsConstants;
import java.io.FileDescriptor;
import java.io.IOException;
import java.security.Permission;
import java.security.SecurityPermission;
import java.util.PropertyPermission;
import java.util.concurrent.atomic.AtomicInteger;

@Copyright("Licensed Materials - Property of IBM\n5733-XJ1\n(C) Copyright IBM Corp. 2012, 2014.\nAll Rights Reserved.\nUS Government Users Restricted Rights - Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.\n")
/* loaded from: input_file:lib/acsbase.jar:com/ibm/iaccess/base/AcsSecurityManager.class */
public class AcsSecurityManager extends SecurityManager implements AcsConstants {
    private static final String[] m_badProps = {"javax.net.ssl.trustStore", AcsConstants.JT_USESSLIGHT, "com.ibm.jsse2.JSSEFIPS", AcsConstants.JXSA_USESUBJCREDSONLY, AcsConstants.JSA_LOGIN_CONFIG, "java.awt.headless", "java.net.preferIPv4Stack", AcsConstants.JN_PREFERIPV6ADDRS};
    private static final AtomicInteger m_numDumpsCreated = new AtomicInteger(0);
    private static final int MAX_DUMPS_TO_CREATE = 8;

    @Override // java.lang.SecurityManager
    public void checkPermission(Permission permission) {
        try {
            checkPermissionHelper(permission);
        } catch (SecurityException e) {
            AcsLogUtil.logSevere(e);
            if (AcsBaseUtilities.isRunningInternal()) {
                e.printStackTrace();
                if (m_numDumpsCreated.getAndIncrement() <= 8) {
                    try {
                        AcsDumpManager.dumpImmed("secman", "Product security manager has detected unapproved activity", false);
                    } catch (IOException e2) {
                        AcsLogUtil.logSevere(e2);
                    }
                }
            }
        }
    }

    @Override // java.lang.SecurityManager
    public void checkPermission(Permission permission, Object obj) {
        checkPermission(permission);
    }

    private void checkPermissionHelper(Permission permission) throws SecurityException {
        if (permission instanceof PropertyPermission) {
            PropertyPermission propertyPermission = (PropertyPermission) permission;
            for (String str : m_badProps) {
                if (propertyPermission.getName().equals(str) && propertyPermission.getActions().contains("write")) {
                    throw new SecurityException(str);
                }
            }
            return;
        }
        if (!(permission instanceof RuntimePermission)) {
            if (permission instanceof SecurityPermission) {
                if (((SecurityPermission) permission).getActions().contains("write")) {
                    throw new SecurityException(permission.getName());
                }
                return;
            } else {
                if (permission.getClass().getSimpleName().equals("AttachPermission")) {
                    AcsLogUtil.logFine("Someone is trying to attach to this JVM. Detected " + permission);
                    return;
                }
                return;
            }
        }
        String name = ((RuntimePermission) permission).getName();
        if ("setIO".equals(name)) {
            for (StackTraceElement stackTraceElement : Thread.currentThread().getStackTrace()) {
                if (stackTraceElement.getClassName().replaceAll(".*\\.", "").equals("AcsMedic")) {
                    return;
                }
            }
        }
        if ("setContextClassLoader".equals(name)) {
            boolean z = false;
            StackTraceElement[] stackTrace = Thread.currentThread().getStackTrace();
            int length = stackTrace.length;
            int i = 0;
            while (true) {
                if (i >= length) {
                    break;
                }
                if (stackTrace[i].getClassName().startsWith("java.awt")) {
                    z = true;
                    break;
                }
                i++;
            }
            if (z) {
                try {
                    AcsDumpManager.dumpImmed("contextcl", "Someone's trying to set a thread context classloader (maybe creating a new EDT?)", false);
                } catch (IOException e) {
                    AcsLogUtil.logSevere(e);
                }
            }
        }
        for (String str2 : new String[]{"setDefaultUncaughtExceptionHandler", "setIO", "setSecurityManager"}) {
            if (name.equals(str2)) {
                throw new SecurityException(name);
            }
            if (name.startsWith(str2 + ".")) {
                throw new SecurityException(name);
            }
        }
    }

    @Override // java.lang.SecurityManager
    public void checkRead(FileDescriptor fileDescriptor) {
    }

    @Override // java.lang.SecurityManager
    public void checkRead(String str) {
    }

    @Override // java.lang.SecurityManager
    public void checkRead(String str, Object obj) {
    }

    @Override // java.lang.SecurityManager
    public void checkWrite(FileDescriptor fileDescriptor) {
    }

    @Override // java.lang.SecurityManager
    public void checkWrite(String str) {
    }

    @Override // java.lang.SecurityManager
    public void checkDelete(String str) {
    }
}
