public class SecureASTCustomizer extends CompilationCustomizer
Most of the security customization options found in this class work with either blacklist or whitelist. This means that, for a single option, you can set a whitelist OR a blacklist, but not both. You can mix whitelist/blacklist strategies for different options. For example, you can have import whitelist and tokens blacklist.
The recommended way of securing shells is to use whitelists because it is guaranteed that future features of the Groovy language won't be allowed by defaut. Using blacklists, you can limit the features of the languages by opting out, but new language features would require you to update your configuration.
If you set neither a whitelist nor a blacklist, then everything is authorized.
Combinations of import and star imports constraints are authorized as long as you use the same type of list for both. For example, you may use an import whitelist and a star import whitelist together, but you cannot use an import white list with a star import blacklist. static imports are handled separately, meaning that blacklisting an import does not prevent from using a static import.
Eventually, if the features provided here are not sufficient, you may implement custom AST filtering handlers, either
implementing the SecureASTCustomizer.StatementChecker
interface or SecureASTCustomizer.ExpressionChecker
interface then register your
handlers thanks to the addExpressionCheckers(org.codehaus.groovy.control.customizers.SecureASTCustomizer.ExpressionChecker...)
and addStatementCheckers(org.codehaus.groovy.control.customizers.SecureASTCustomizer.StatementChecker...)
methods.
Here is an example of usage. We will create a groovy classloader which only supports arithmetic operations and imports the java.lang.Math classes by default.
final ImportCustomizer imports = new ImportCustomizer().addStaticStars('java.lang.Math') // add static import of java.lang.Math final SecureASTCustomizer secure = new SecureASTCustomizer() secure.with { closuresAllowed = false methodDefinitionAllowed = false importsWhitelist = [] staticImportsWhitelist = [] staticStarImportsWhitelist = ['java.lang.Math'] // only java.lang.Math is allowed tokensWhitelist = [ PLUS, MINUS, MULTIPLY, DIVIDE, MOD, POWER, PLUS_PLUS, MINUS_MINUS, COMPARE_EQUAL, COMPARE_NOT_EQUAL, COMPARE_LESS_THAN, COMPARE_LESS_THAN_EQUAL, COMPARE_GREATER_THAN, COMPARE_GREATER_THAN_EQUAL, ].asImmutable() constantTypesClassesWhiteList = [ Integer, Float, Long, Double, BigDecimal, Integer.TYPE, Long.TYPE, Float.TYPE, Double.TYPE ].asImmutable() receiversClassesWhiteList = [ Math, Integer, Float, Double, Long, BigDecimal ].asImmutable() } CompilerConfiguration config = new CompilerConfiguration() config.addCompilationCustomizers(imports, secure) GroovyClassLoader loader = new GroovyClassLoader(this.class.classLoader, config)
Modifier and Type | Class and Description |
---|---|
static interface |
SecureASTCustomizer.ExpressionChecker
This interface allows the user to plugin custom expression checkers if expression blacklist or whitelist are not
sufficient
|
static interface |
SecureASTCustomizer.StatementChecker
This interface allows the user to plugin custom statement checkers if statement blacklist or whitelist are not
sufficient
|
Constructor and Description |
---|
SecureASTCustomizer() |
Modifier and Type | Method and Description |
---|---|
void |
addExpressionCheckers(SecureASTCustomizer.ExpressionChecker... checkers) |
void |
addStatementCheckers(SecureASTCustomizer.StatementChecker... checkers) |
void |
call(SourceUnit source,
GeneratorContext context,
ClassNode classNode) |
java.util.List<java.lang.String> |
getConstantTypesBlackList() |
java.util.List<java.lang.String> |
getConstantTypesWhiteList() |
java.util.List<java.lang.Class<? extends Expression>> |
getExpressionsBlacklist() |
java.util.List<java.lang.Class<? extends Expression>> |
getExpressionsWhitelist() |
java.util.List<java.lang.String> |
getImportsBlacklist() |
java.util.List<java.lang.String> |
getImportsWhitelist() |
java.util.List<java.lang.String> |
getReceiversBlackList() |
java.util.List<java.lang.String> |
getReceiversWhiteList() |
java.util.List<java.lang.String> |
getStarImportsBlacklist() |
java.util.List<java.lang.String> |
getStarImportsWhitelist() |
java.util.List<java.lang.Class<? extends Statement>> |
getStatementsBlacklist() |
java.util.List<java.lang.Class<? extends Statement>> |
getStatementsWhitelist() |
java.util.List<java.lang.String> |
getStaticImportsBlacklist() |
java.util.List<java.lang.String> |
getStaticImportsWhitelist() |
java.util.List<java.lang.String> |
getStaticStarImportsBlacklist() |
java.util.List<java.lang.String> |
getStaticStarImportsWhitelist() |
java.util.List<java.lang.Integer> |
getTokensBlacklist() |
java.util.List<java.lang.Integer> |
getTokensWhitelist() |
boolean |
isClosuresAllowed() |
boolean |
isIndirectImportCheckEnabled() |
boolean |
isMethodDefinitionAllowed() |
boolean |
isPackageAllowed() |
void |
setClosuresAllowed(boolean closuresAllowed) |
void |
setConstantTypesBlackList(java.util.List<java.lang.String> constantTypesBlackList) |
void |
setConstantTypesClassesBlackList(java.util.List<java.lang.Class> constantTypesBlackList)
An alternative way of setting constant types.
|
void |
setConstantTypesClassesWhiteList(java.util.List<java.lang.Class> constantTypesWhiteList)
An alternative way of setting constant types.
|
void |
setConstantTypesWhiteList(java.util.List<java.lang.String> constantTypesWhiteList) |
void |
setExpressionsBlacklist(java.util.List<java.lang.Class<? extends Expression>> expressionsBlacklist) |
void |
setExpressionsWhitelist(java.util.List<java.lang.Class<? extends Expression>> expressionsWhitelist) |
void |
setImportsBlacklist(java.util.List<java.lang.String> importsBlacklist) |
void |
setImportsWhitelist(java.util.List<java.lang.String> importsWhitelist) |
void |
setIndirectImportCheckEnabled(boolean indirectImportCheckEnabled)
Set this option to true if you want your import rules to be checked against every class node.
|
void |
setMethodDefinitionAllowed(boolean methodDefinitionAllowed) |
void |
setPackageAllowed(boolean packageAllowed) |
void |
setReceiversBlackList(java.util.List<java.lang.String> receiversBlackList)
Sets the list of classes which deny method calls.
|
void |
setReceiversClassesBlackList(java.util.List<java.lang.Class> receiversBlacklist)
An alternative way of setting
receiver classes . |
void |
setReceiversClassesWhiteList(java.util.List<java.lang.Class> receiversWhitelist)
An alternative way of setting
receiver classes . |
void |
setReceiversWhiteList(java.util.List<java.lang.String> receiversWhiteList)
Sets the list of classes which may accept method calls.
|
void |
setStarImportsBlacklist(java.util.List<java.lang.String> starImportsBlacklist) |
void |
setStarImportsWhitelist(java.util.List<java.lang.String> starImportsWhitelist) |
void |
setStatementsBlacklist(java.util.List<java.lang.Class<? extends Statement>> statementsBlacklist) |
void |
setStatementsWhitelist(java.util.List<java.lang.Class<? extends Statement>> statementsWhitelist) |
void |
setStaticImportsBlacklist(java.util.List<java.lang.String> staticImportsBlacklist) |
void |
setStaticImportsWhitelist(java.util.List<java.lang.String> staticImportsWhitelist) |
void |
setStaticStarImportsBlacklist(java.util.List<java.lang.String> staticStarImportsBlacklist) |
void |
setStaticStarImportsWhitelist(java.util.List<java.lang.String> staticStarImportsWhitelist) |
void |
setTokensBlacklist(java.util.List<java.lang.Integer> tokensBlacklist)
Sets the list of tokens which are blacklisted.
|
void |
setTokensWhitelist(java.util.List<java.lang.Integer> tokensWhitelist)
Sets the list of tokens which are whitelisted.
|
getPhase
needSortedInput
public boolean isMethodDefinitionAllowed()
public void setMethodDefinitionAllowed(boolean methodDefinitionAllowed)
public boolean isPackageAllowed()
public boolean isClosuresAllowed()
public void setClosuresAllowed(boolean closuresAllowed)
public void setPackageAllowed(boolean packageAllowed)
public java.util.List<java.lang.String> getImportsBlacklist()
public void setImportsBlacklist(java.util.List<java.lang.String> importsBlacklist)
public java.util.List<java.lang.String> getImportsWhitelist()
public void setImportsWhitelist(java.util.List<java.lang.String> importsWhitelist)
public java.util.List<java.lang.String> getStarImportsBlacklist()
public void setStarImportsBlacklist(java.util.List<java.lang.String> starImportsBlacklist)
public java.util.List<java.lang.String> getStarImportsWhitelist()
public void setStarImportsWhitelist(java.util.List<java.lang.String> starImportsWhitelist)
public java.util.List<java.lang.String> getStaticImportsBlacklist()
public void setStaticImportsBlacklist(java.util.List<java.lang.String> staticImportsBlacklist)
public java.util.List<java.lang.String> getStaticImportsWhitelist()
public void setStaticImportsWhitelist(java.util.List<java.lang.String> staticImportsWhitelist)
public java.util.List<java.lang.String> getStaticStarImportsBlacklist()
public void setStaticStarImportsBlacklist(java.util.List<java.lang.String> staticStarImportsBlacklist)
public java.util.List<java.lang.String> getStaticStarImportsWhitelist()
public void setStaticStarImportsWhitelist(java.util.List<java.lang.String> staticStarImportsWhitelist)
public java.util.List<java.lang.Class<? extends Expression>> getExpressionsBlacklist()
public void setExpressionsBlacklist(java.util.List<java.lang.Class<? extends Expression>> expressionsBlacklist)
public java.util.List<java.lang.Class<? extends Expression>> getExpressionsWhitelist()
public void setExpressionsWhitelist(java.util.List<java.lang.Class<? extends Expression>> expressionsWhitelist)
public java.util.List<java.lang.Class<? extends Statement>> getStatementsBlacklist()
public void setStatementsBlacklist(java.util.List<java.lang.Class<? extends Statement>> statementsBlacklist)
public java.util.List<java.lang.Class<? extends Statement>> getStatementsWhitelist()
public void setStatementsWhitelist(java.util.List<java.lang.Class<? extends Statement>> statementsWhitelist)
public java.util.List<java.lang.Integer> getTokensBlacklist()
public boolean isIndirectImportCheckEnabled()
public void setIndirectImportCheckEnabled(boolean indirectImportCheckEnabled)
indirectImportCheckEnabled
- set to true to enable indirect checkspublic void setTokensBlacklist(java.util.List<java.lang.Integer> tokensBlacklist)
tokensBlacklist
- the tokens. The values of the tokens must be those of Types
public java.util.List<java.lang.Integer> getTokensWhitelist()
public void setTokensWhitelist(java.util.List<java.lang.Integer> tokensWhitelist)
tokensWhitelist
- the tokens. The values of the tokens must be those of Types
public void addStatementCheckers(SecureASTCustomizer.StatementChecker... checkers)
public void addExpressionCheckers(SecureASTCustomizer.ExpressionChecker... checkers)
public java.util.List<java.lang.String> getConstantTypesBlackList()
public void setConstantTypesBlackList(java.util.List<java.lang.String> constantTypesBlackList)
public java.util.List<java.lang.String> getConstantTypesWhiteList()
public void setConstantTypesWhiteList(java.util.List<java.lang.String> constantTypesWhiteList)
public void setConstantTypesClassesWhiteList(java.util.List<java.lang.Class> constantTypesWhiteList)
constantTypesWhiteList
- a list of classes.public void setConstantTypesClassesBlackList(java.util.List<java.lang.Class> constantTypesBlackList)
constantTypesBlackList
- a list of classes.public java.util.List<java.lang.String> getReceiversBlackList()
public void setReceiversBlackList(java.util.List<java.lang.String> receiversBlackList)
receiversBlackList
- the list of refused classes, as fully qualified namespublic void setReceiversClassesBlackList(java.util.List<java.lang.Class> receiversBlacklist)
receiver classes
.receiversBlacklist
- a list of classes.public java.util.List<java.lang.String> getReceiversWhiteList()
public void setReceiversWhiteList(java.util.List<java.lang.String> receiversWhiteList)
receiversWhiteList
- the list of accepted classes, as fully qualified namespublic void setReceiversClassesWhiteList(java.util.List<java.lang.Class> receiversWhitelist)
receiver classes
.receiversWhitelist
- a list of classes.public void call(SourceUnit source, GeneratorContext context, ClassNode classNode) throws CompilationFailedException
call
in class CompilationUnit.PrimaryClassNodeOperation
CompilationFailedException