2009Scape/2009Scape-mobile
1
0
Fork 0
mirror of https://github.com/2009scape/2009Scape-mobile.git synced 2025-12-21 09:01:56 -07:00
Code Issues Projects Releases Packages Wiki Activity

[Java Runtime Sandbox] Use pro-grade to restrict access to files

Browse source
This commit is contained in:
khanhduytran0 2020-12-20 05:11:27 +07:00
parent e8fd43dc5f
commit c8ba710509
6 changed files with 35 additions and 22 deletions
Download patch file Download diff file Expand all files Collapse all files

10
app_pojavlauncher/src/main/assets/about_en.txt
View file

@ -1,22 +1,16 @@
%s (Minecraft Java Launcher for Android), version %s by Tran Khanh Duy (based on "Boardwalk" app)<br> %s (Minecraft Java Launcher for Android), version %s by Tran Khanh Duy (based on "Boardwalk" app)<br>
* Using libraries:<br>
• ClassWrapperMC: A simple wrapper to help launching Minecraft LaunchWrapper on JRE9 and later.<br>
• gl4es: OpenGL for OpenGL ES devices by lunixbochs and ptitSeb.<br>
• Apache Commons Compress.<br>
• exp4j.<br>
• LWJGL2 and LWJGL3.<br>
* License:<br> * License:<br>
• This application is licensed under <a href="https://github.com/khanhduytran0/PojavLauncher/blob/master/LICENSE">GNU GPLv3</a>.<br> • This application is licensed under <a href="https://github.com/khanhduytran0/PojavLauncher/blob/master/LICENSE">GNU GPLv3</a>.<br>
* Third party licenses:<br> * Third party components and their licenses:<br>
• Apache Commons Compress (unknown or Apache License 2.0).<br> • Apache Commons Compress (unknown or Apache License 2.0).<br>
• exp4j: <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License 2.0</a>.<br> • exp4j: <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License 2.0</a>.<br>
• GL4ES: <a href="https://github.com/ptitSeb/gl4es/blob/master/LICENSE">MIT License</a>.<br> • GL4ES: <a href="https://github.com/ptitSeb/gl4es/blob/master/LICENSE">MIT License</a>.<br>
• LegacyLauncher: (unknown license).<br> • LegacyLauncher: (unknown license).<br>
• OpenJDK: <a href="https://openjdk.java.net/legal/gplv2+ce.html">GNU GPLv2 License</a>.<br> • OpenJDK: <a href="https://openjdk.java.net/legal/gplv2+ce.html">GNU GPLv2 License</a>.<br>
• LWJGL: <a href="http://legacy.lwjgl.org/license.php.html">LWJGL 2's License</a>.<br><br> • LWJGL: <a href="http://legacy.lwjgl.org/license.php.html">LWJGL 2's License</a>.<br><br>
• pro-gradle: <a href="https://github.com/pro-grade/pro-grade/blob/master/LICENSE.txt">Apache License 2.0</a>.<br>
* Notes:<br> * Notes:<br>
- This app is under development and will not be stable.<br> - This app is under development and will not be stable.<br>

16
app_pojavlauncher/src/main/assets/components/security/java_sandbox.policy Normal file
View file

@ -0,0 +1,16 @@
// PojavLauncher JRE Sandbox
// DO NOT EDIT THIS FILE WITHOUT KNOWLEDGE!
// This file is important to protect you against viruses/malwares that could be come from unknown Java Programs (run on mod install) or a mod.
priority "grant";
grant {
permission java.io.FilePermission "${java.io.tmpdir}/-", "read, write, delete";
permission java.io.FilePermission "${user.home}/-", "read, write, delete";
};
deny {
permission java.io.FilePermission "${pojav.path.private.account}/-", "read, write, delete";
permission java.io.FilePermission "<<ALL FILES>>", "write, delete, execute";
};

BIN
app_pojavlauncher/src/main/assets/components/security/pro-grade.jar Normal file
View file

Binary file not shown.

18
app_pojavlauncher/src/main/java/net/kdt/pojavlaunch/PojavLoginActivity.java
View file

@ -331,8 +331,9 @@ public class PojavLoginActivity extends BaseActivity
new CustomControls(this).save(Tools.CTRLDEF_FILE); new CustomControls(this).save(Tools.CTRLDEF_FILE);
Tools.copyAssetFile(this, "components/ForgeInstallerHeadless/forge-installer-headless-1.0.1.jar", Tools.DIR_GAME_NEW + "/config", "forge-installer-headless.jar", true); Tools.copyAssetFile(this, "components/ForgeInstallerHeadless/forge-installer-headless-1.0.1.jar", Tools.DIR_GAME_NEW + "/config", "forge-installer-headless.jar", true);
Tools.copyAssetFile(this, "components/security/pro-grade.jar", Tools.DIR_DATA, true);
Tools.copyAssetFile(this, "components/security/java_sandbox.policy", Tools.DIR_DATA, true);
Tools.copyAssetFile(this, "options.txt", Tools.DIR_GAME_NEW, false); Tools.copyAssetFile(this, "options.txt", Tools.DIR_GAME_NEW, false);
// Tools.copyAssetFile(this, "java_sandbox.policy", Tools.DIR_DATA, true);
// TODO: Remove after implement. // TODO: Remove after implement.
Tools.copyAssetFile(this, "launcher_profiles.json", Tools.DIR_GAME_NEW, false); Tools.copyAssetFile(this, "launcher_profiles.json", Tools.DIR_GAME_NEW, false);
@ -342,20 +343,17 @@ public class PojavLoginActivity extends BaseActivity
if(!new File(Tools.DIR_GAME_NEW + "/lwjgl3/version").exists()) { if(!new File(Tools.DIR_GAME_NEW + "/lwjgl3/version").exists()) {
Log.i("LWJGL3Prep","Pack was installed manually, or does not exist, unpacking new..."); Log.i("LWJGL3Prep","Pack was installed manually, or does not exist, unpacking new...");
String[] lwjglFileList = am.list("components/lwjgl3"); String[] lwjglFileList = am.list("components/lwjgl3");
FileOutputStream fos; // FileOutputStream fos;
InputStream iis; // InputStream iis;
for(String s : lwjglFileList) { for(String s : lwjglFileList) {
Tools.copyAssetFile(this, "components/lwjgl3/" + s, Tools.DIR_GAME_NEW + "/lwjgl3", true);
/*
iis = am.open("components/lwjgl3/"+s); iis = am.open("components/lwjgl3/"+s);
fos = new FileOutputStream(new File(Tools.DIR_GAME_NEW+"/lwjgl3/"+s)); fos = new FileOutputStream(new File(Tools.DIR_GAME_NEW+"/lwjgl3/"+s));
/*
int i; byte[] buf = new byte[1024];
while((i = iis.read(buf)) != -1) {
fos.write(buf,0,i);
}
*/
IOUtils.copy(iis,fos); IOUtils.copy(iis,fos);
fos.close(); fos.close();
iis.close(); iis.close();
*/
} }
} else { } else {
FileInputStream fis = new FileInputStream(new File(Tools.DIR_GAME_NEW + "/lwjgl3/version")); FileInputStream fis = new FileInputStream(new File(Tools.DIR_GAME_NEW + "/lwjgl3/version"));
@ -364,7 +362,7 @@ public class PojavLoginActivity extends BaseActivity
if (!release1.equals(release2)) { if (!release1.equals(release2)) {
String[] lwjglFileList = am.list("components/lwjgl3"); String[] lwjglFileList = am.list("components/lwjgl3");
for (String s : lwjglFileList) { for (String s : lwjglFileList) {
Tools.copyAssetFile(this, "components/lwjgl3/" + s, Tools.DIR_GAME_NEW+"/lwjgl3/",s, true); Tools.copyAssetFile(this, "components/lwjgl3/" + s, Tools.DIR_GAME_NEW + "/lwjgl3", true);
} }
} else { } else {
Log.i("LWJGL3Prep","Pack is up-to-date with the launcher, continuing..."); Log.i("LWJGL3Prep","Pack is up-to-date with the launcher, continuing...");

7
app_pojavlauncher/src/main/java/net/kdt/pojavlaunch/Tools.java
View file

@ -130,8 +130,9 @@ public final class Tools
javaArgList.addAll(overrideableArgList); javaArgList.addAll(overrideableArgList);
// Run java on sandbox, non-overrideable. // Run java on sandbox, non-overrideable.
// javaArgList.add("-Djava.security.manager"); javaArgList.add("-Xbootclasspath/a:" + Tools.DIR_DATA + "/pro-grade.jar");
// javaArgList.add("-Djava.security.policy==" + Tools.DIR_DATA + "/java_sandbox.policy"); javaArgList.add("-Djava.security.manager=net.sourceforge.prograde.sm.ProGradeJSM");
javaArgList.add("-Djava.security.policy==" + Tools.DIR_DATA + "/java_sandbox.policy");
} }
public static String[] getMinecraftArgs(MinecraftAccount profile, JMinecraftVersionList.Version versionInfo) { public static String[] getMinecraftArgs(MinecraftAccount profile, JMinecraftVersionList.Version versionInfo) {
@ -325,7 +326,7 @@ public final class Tools
} }
public static void copyAssetFile(Context ctx, String fileName, String output, boolean overwrite) throws IOException { public static void copyAssetFile(Context ctx, String fileName, String output, boolean overwrite) throws IOException {
copyAssetFile(ctx, fileName, output, fileName, overwrite); copyAssetFile(ctx, fileName, output, new File(fileName).getName(), overwrite);
} }
public static void copyAssetFile(Context ctx, String fileName, String output, String outputName, boolean overwrite) throws IOException public static void copyAssetFile(Context ctx, String fileName, String output, String outputName, boolean overwrite) throws IOException

6
jre_securitymanager/src/main/java/net/pojavlauncher/security/PojavSecurityManager.java
View file

@ -1,6 +1,10 @@
package net.pojavlauncher.security; package net.pojavlauncher.security;
import java.security.*;
public class PojavSecurityManager extends SecurityManager public class PojavSecurityManager extends SecurityManager
{ {
@Override
public void checkPermission(Permission perm, Object obj) {
super.checkPermission(perm, obj);
}
} }