Groovy 2.2.1

org.codehaus.groovy.control.customizers
[Java] Class SecureASTCustomizer

java.lang.Object
  org.codehaus.groovy.control.CompilationUnit.PrimaryClassNodeOperation
      org.codehaus.groovy.control.customizers.CompilationCustomizer
          org.codehaus.groovy.control.customizers.SecureASTCustomizer

public class SecureASTCustomizer
extends CompilationCustomizer

This customizer allows securing source code by controlling what code constructs are allowed. For example, if you only want to allow arithmetic operations in a groovy shell, you can configure this customizer to restrict package imports, method calls and so on.

Most of the securization options found in this class work with either blacklist or whitelist. This means that, for a single option, you can set a whitelist OR a blacklist, but not both. You can mix whitelist/blacklist strategies for different options. For example, you can have import whitelist and tokens blacklist.

The recommanded way of securing shells is to use whitelists because it is guaranteed that future features of the Groovy language won't be allowed by defaut. Using blacklists, you can limit the features of the languages by opting out, but new language features would require you to update your configuration.

If you set neither a whitelist nor a blacklist, then everything is authorized.

Combinations of import and star imports constraints are authorized as long as you use the same type of list for both. For example, you may use an import whitelist and a star import whitelist together, but you cannot use an import white list with a star import blacklist. static imports are handled separately, meaning that blacklisting an import does not prevent from using a static import.

Eventually, if the features provided here are not sufficient, you may implement custom AST filtering handlers, either implementing the StatementChecker interface or ExpressionChecker interface then register your handlers thanks to the addExpressionCheckers(org.codehaus.groovy.control.customizers.SecureASTCustomizer.ExpressionChecker...) and addStatementCheckers(org.codehaus.groovy.control.customizers.SecureASTCustomizer.StatementChecker...) methods.

Here is an example of usage. We will create a groovy classloader which only supports arithmetic operations and imports the java.lang.Math classes by default.

 final ImportCustomizer imports = new ImportCustomizer().addStaticStars('java.lang.Math') // add static import of java.lang.Math
             final SecureASTCustomizer secure = new SecureASTCustomizer()
             secure.with {
                 closuresAllowed = false
                 methodDefinitionAllowed = false

                 importsWhitelist = []
                 staticImportsWhitelist = []
                 staticStarImportsWhitelist = ['java.lang.Math'] // only java.lang.Math is allowed

                 tokensWhitelist = [
                         PLUS,
                         MINUS,
                         MULTIPLY,
                         DIVIDE,
                         MOD,
                         POWER,
                         PLUS_PLUS,
                         MINUS_MINUS,
                         COMPARE_EQUAL,
                         COMPARE_NOT_EQUAL,
                         COMPARE_LESS_THAN,
                         COMPARE_LESS_THAN_EQUAL,
                         COMPARE_GREATER_THAN,
                         COMPARE_GREATER_THAN_EQUAL,
                 ].asImmutable()

                 constantTypesClassesWhiteList = [
                         Integer,
                         Float,
                         Long,
                         Double,
                         BigDecimal,
                         Integer.TYPE,
                         Long.TYPE,
                         Float.TYPE,
                         Double.TYPE
                 ].asImmutable()

                 receiversClassesWhiteList = [
                         Math,
                         Integer,
                         Float,
                         Double,
                         Long,
                         BigDecimal
                 ].asImmutable()
             }
             CompilerConfiguration config = new CompilerConfiguration()
             config.addCompilationCustomizers(imports, secure)
             GroovyClassLoader loader = new GroovyClassLoader(this.class.classLoader, config)
  
Authors:
Cedric Champeau
Guillaume Laforge
Hamlet D'Arcy
Since:
1.8.0


Nested Class Summary
static interface SecureASTCustomizer.ExpressionChecker

static interface SecureASTCustomizer.StatementChecker

 
Constructor Summary
SecureASTCustomizer()

 
Method Summary
void addExpressionCheckers(SecureASTCustomizer.ExpressionChecker... checkers)

void addStatementCheckers(SecureASTCustomizer.StatementChecker... checkers)

void call(SourceUnit source, GeneratorContext context, ClassNode classNode)

List getConstantTypesBlackList()

List getConstantTypesWhiteList()

List getExpressionsBlacklist()

List getExpressionsWhitelist()

List getImportsBlacklist()

List getImportsWhitelist()

List getReceiversBlackList()

List getReceiversWhiteList()

Sets the list of classes which may accept method calls.

List getStarImportsBlacklist()

List getStarImportsWhitelist()

List getStatementsBlacklist()

List getStatementsWhitelist()

List getStaticImportsBlacklist()

List getStaticImportsWhitelist()

List getStaticStarImportsBlacklist()

List getStaticStarImportsWhitelist()

List getTokensBlacklist()

List getTokensWhitelist()

boolean isClosuresAllowed()

boolean isIndirectImportCheckEnabled()

boolean isMethodDefinitionAllowed()

boolean isPackageAllowed()

void setClosuresAllowed(boolean closuresAllowed)

void setConstantTypesBlackList(List constantTypesBlackList)

void setConstantTypesClassesBlackList(List constantTypesBlackList)

void setConstantTypesClassesWhiteList(List constantTypesWhiteList)

void setConstantTypesWhiteList(List constantTypesWhiteList)

void setExpressionsBlacklist(List expressionsBlacklist)

void setExpressionsWhitelist(List expressionsWhitelist)

void setImportsBlacklist(List importsBlacklist)

void setImportsWhitelist(List importsWhitelist)

void setIndirectImportCheckEnabled(boolean indirectImportCheckEnabled)

Sets the list of tokens which are blacklisted.

void setMethodDefinitionAllowed(boolean methodDefinitionAllowed)

void setPackageAllowed(boolean packageAllowed)

void setReceiversBlackList(List receiversBlackList)

An alternative way of setting receiver classes.

void setReceiversClassesBlackList(List receiversBlacklist)

void setReceiversClassesWhiteList(List receiversWhitelist)

void setReceiversWhiteList(List receiversWhiteList)

An alternative way of setting receiver classes.

void setStarImportsBlacklist(List starImportsBlacklist)

void setStarImportsWhitelist(List starImportsWhitelist)

Ensures that every star import ends with .* as this is the expected syntax in import checks.

void setStatementsBlacklist(List statementsBlacklist)

void setStatementsWhitelist(List statementsWhitelist)

void setStaticImportsBlacklist(List staticImportsBlacklist)

void setStaticImportsWhitelist(List staticImportsWhitelist)

void setStaticStarImportsBlacklist(List staticStarImportsBlacklist)

void setStaticStarImportsWhitelist(List staticStarImportsWhitelist)

void setTokensBlacklist(List tokensBlacklist)

void setTokensWhitelist(List tokensWhitelist)

 
Methods inherited from class CompilationCustomizer
getPhase
 

Constructor Detail

SecureASTCustomizer

public SecureASTCustomizer()


 
Method Detail

addExpressionCheckers

public void addExpressionCheckers(SecureASTCustomizer.ExpressionChecker... checkers)


addStatementCheckers

public void addStatementCheckers(SecureASTCustomizer.StatementChecker... checkers)


call

@OverrideassertImportIsAllowed(className);
public void call(SourceUnit source, GeneratorContext context, ClassNode classNode)


getConstantTypesBlackList

public List getConstantTypesBlackList()


getConstantTypesWhiteList

public List getConstantTypesWhiteList()


getExpressionsBlacklist

public List getExpressionsBlacklist()


getExpressionsWhitelist

public List getExpressionsWhitelist()


getImportsBlacklist

public List getImportsBlacklist()


getImportsWhitelist

public List getImportsWhitelist()


getReceiversBlackList

public List getReceiversBlackList()


getReceiversWhiteList

public List getReceiversWhiteList()
Sets the list of classes which may accept method calls.
Parameters:
receiversWhiteList - the list of accepted classes, as fully qualified names


getStarImportsBlacklist

public List getStarImportsBlacklist()


getStarImportsWhitelist

public List getStarImportsWhitelist()


getStatementsBlacklist

public List getStatementsBlacklist()


getStatementsWhitelist

public List getStatementsWhitelist()


getStaticImportsBlacklist

public List getStaticImportsBlacklist()


getStaticImportsWhitelist

public List getStaticImportsWhitelist()


getStaticStarImportsBlacklist

public List getStaticStarImportsBlacklist()


getStaticStarImportsWhitelist

public List getStaticStarImportsWhitelist()


getTokensBlacklist

public List getTokensBlacklist()


getTokensWhitelist

public List getTokensWhitelist()


isClosuresAllowed

public boolean isClosuresAllowed()


isIndirectImportCheckEnabled

public boolean isIndirectImportCheckEnabled()


isMethodDefinitionAllowed

public boolean isMethodDefinitionAllowed()


isPackageAllowed

public boolean isPackageAllowed()


setClosuresAllowed

public void setClosuresAllowed(boolean closuresAllowed)


setConstantTypesBlackList

public void setConstantTypesBlackList(List constantTypesBlackList)


setConstantTypesClassesBlackList

public void setConstantTypesClassesBlackList(List constantTypesBlackList)


setConstantTypesClassesWhiteList

public void setConstantTypesClassesWhiteList(List constantTypesWhiteList)


setConstantTypesWhiteList

public void setConstantTypesWhiteList(List constantTypesWhiteList)


setExpressionsBlacklist

public void setExpressionsBlacklist(List expressionsBlacklist)


setExpressionsWhitelist

public void setExpressionsWhitelist(List expressionsWhitelist)


setImportsBlacklist

public void setImportsBlacklist(List importsBlacklist)


setImportsWhitelist

public void setImportsWhitelist(List importsWhitelist)


setIndirectImportCheckEnabled

public void setIndirectImportCheckEnabled(boolean indirectImportCheckEnabled)
Sets the list of tokens which are blacklisted.
Parameters:
tokensBlacklist - the tokens. The values of the tokens must be those of Types


setMethodDefinitionAllowed

public void setMethodDefinitionAllowed(boolean methodDefinitionAllowed)


setPackageAllowed

public void setPackageAllowed(boolean packageAllowed)


setReceiversBlackList

public void setReceiversBlackList(List receiversBlackList)
An alternative way of setting receiver classes.
Parameters:
receiversBlacklist - a list of classes.


setReceiversClassesBlackList

public void setReceiversClassesBlackList(List receiversBlacklist)


setReceiversClassesWhiteList

public void setReceiversClassesWhiteList(List receiversWhitelist)


setReceiversWhiteList

public void setReceiversWhiteList(List receiversWhiteList)
An alternative way of setting receiver classes.
Parameters:
receiversWhitelist - a list of classes.


setStarImportsBlacklist

public void setStarImportsBlacklist(List starImportsBlacklist)


setStarImportsWhitelist

public void setStarImportsWhitelist(List starImportsWhitelist)
Ensures that every star import ends with .* as this is the expected syntax in import checks.


setStatementsBlacklist

public void setStatementsBlacklist(List statementsBlacklist)


setStatementsWhitelist

public void setStatementsWhitelist(List statementsWhitelist)


setStaticImportsBlacklist

public void setStaticImportsBlacklist(List staticImportsBlacklist)


setStaticImportsWhitelist

public void setStaticImportsWhitelist(List staticImportsWhitelist)


setStaticStarImportsBlacklist

public void setStaticStarImportsBlacklist(List staticStarImportsBlacklist)


setStaticStarImportsWhitelist

public void setStaticStarImportsWhitelist(List staticStarImportsWhitelist)


setTokensBlacklist

public void setTokensBlacklist(List tokensBlacklist)


setTokensWhitelist

public void setTokensWhitelist(List tokensWhitelist)


 

Copyright © 2003-2013 The Codehaus. All rights reserved.