svn commit: r1691981 - /felix/trunk/eventadmin/impl/src/main/java/org/apache/felix/eventadmin/impl/Configuration.java

Mon, 20 Jul 2015 10:08:13 -0700 

Author: cziegeler
Date: Mon Jul 20 17:07:07 2015
New Revision: 1691981

URL: http://svn.apache.org/r1691981
Log:
FELIX-4963 : Eventadmin leaks caller's security context downstream. Apply patch 
from Ray Auge

Modified:
    
felix/trunk/eventadmin/impl/src/main/java/org/apache/felix/eventadmin/impl/Configuration.java

Modified: 
felix/trunk/eventadmin/impl/src/main/java/org/apache/felix/eventadmin/impl/Configuration.java
URL: 
http://svn.apache.org/viewvc/felix/trunk/eventadmin/impl/src/main/java/org/apache/felix/eventadmin/impl/Configuration.java?rev=1691981&r1=1691980&r2=1691981&view=diff
==============================================================================
--- 
felix/trunk/eventadmin/impl/src/main/java/org/apache/felix/eventadmin/impl/Configuration.java
 (original)
+++ 
felix/trunk/eventadmin/impl/src/main/java/org/apache/felix/eventadmin/impl/Configuration.java
 Mon Jul 20 17:07:07 2015
@@ -18,6 +18,9 @@
  */
 package org.apache.felix.eventadmin.impl;
 
+import java.security.AccessControlContext;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
 
 import java.util.Dictionary;
 import java.util.Hashtable;
@@ -172,9 +175,13 @@ public class Configuration
 
     private ServiceRegistration m_managedServiceReg;
 
+    // the access control context
+    private final AccessControlContext acc;
+
     public Configuration( BundleContext bundleContext )
     {
         m_bundleContext = bundleContext;
+        this.acc = AccessController.getContext();
 
         // default configuration
         configure( null );
@@ -219,10 +226,24 @@ public class Configuration
             @Override
             public void run()
             {
-                synchronized ( Configuration.this )
+                if (System.getSecurityManager() != null)
+                {
+                    AccessController.doPrivileged(
+                        new PrivilegedAction<Void>() {
+
+                            @Override
+                            public Void run() {
+                                updateFromConfigAdmin0( config );
+                                return null;
+                            }
+
+                        },
+                        acc
+                    );
+                }
+                else
                 {
-                    Configuration.this.configure( config );
-                    Configuration.this.startOrUpdate();
+                    updateFromConfigAdmin0( config );
                 }
             }
 
@@ -230,6 +251,14 @@ public class Configuration
 
     }
 
+    void updateFromConfigAdmin0(final Dictionary<String, ?> config) {
+        synchronized ( Configuration.this )
+        {
+            Configuration.this.configure( config );
+            Configuration.this.startOrUpdate();
+        }
+    }
+
     /**
      * Configures this instance.
      */

Reply via email to