[ https://issues.apache.org/jira/browse/HADOOP-5731?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12701959#action_12701959 ]
Steve Loughran commented on HADOOP-5731:
----------------------------------------

Catching and logging the setAccessible operation allows the method call to proceed, but other problems surface

1. I get some access control problems
{code}
[sf-startdaemon-debug] java.io.IOException: java.security.AccessControlException: access denied (javax.security.auth.AuthPermission getSubject)
[sf-startdaemon-debug]     at java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
[sf-startdaemon-debug]     at java.security.AccessController.checkPermission(AccessController.java:546)
[sf-startdaemon-debug]     at java.lang.SecurityManager.checkPermission(SecurityManager.java:532)
[sf-startdaemon-debug]     at javax.security.auth.Subject.getSubject(Subject.java:268)
[sf-startdaemon-debug]     at org.apache.hadoop.security.UserGroupInformation.getCurrentUser(UserGroupInformation.java:84)
[sf-startdaemon-debug]     at org.apache.hadoop.security.UserGroupInformation.getCurrentUGI(UserGroupInformation.java:44)
[sf-startdaemon-debug]     at org.apache.hadoop.hdfs.server.namenode.NameNode.mkdirs(NameNode.java:642)
[sf-startdaemon-debug]     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
[sf-startdaemon-debug]     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
[sf-startdaemon-debug]     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
[sf-startdaemon-debug]     at java.lang.reflect.Method.invoke(Method.java:597)
[sf-startdaemon-debug]     at org.apache.hadoop.ipc.RPC$Server.call(RPC.java:516)
[sf-startdaemon-debug]     at org.apache.hadoop.ipc.Server$Handler$1.run(Server.java:959)
[sf-startdaemon-debug]     at org.apache.hadoop.ipc.Server$Handler$1.run(Server.java:955)
[sf-startdaemon-debug]     at javax.security.auth.Subject.doAs(Subject.java:396)
[sf-startdaemon-debug]     at org.apache.hadoop.ipc.Server$Handler.run(Server.java:953)
{code}

2. RMI stops working
{code}
java.lang.SecurityException: attempt to add a Permission to a readonly Permissions object
    at java.security.Permissions.add(Permissions.java:110)
    at java.security.Policy$UnsupportedEmptyCollection.add(Policy.java:790)
    at sun.rmi.server.LoaderHandler.getLoaderAccessControlContext(LoaderHandler.java:985)
    at sun.rmi.server.LoaderHandler.lookupLoader(LoaderHandler.java:861)
    at sun.rmi.server.LoaderHandler.loadClass(LoaderHandler.java:385)
    at sun.rmi.server.LoaderHandler.loadClass(LoaderHandler.java:165)
    at java.rmi.server.RMIClassLoader$2.loadClass(RMIClassLoader.java:620)
    at org.smartfrog.sfcore.security.SFRMIClassLoaderSpi.loadClass(SFRMIClassLoaderSpi.java:90)
    at java.rmi.server.RMIClassLoader.loadClass(RMIClassLoader.java:247)
    at sun.rmi.server.MarshalInputStream.resolveClass(MarshalInputStream.java:197)
    at java.io.ObjectInputStream.readNonProxyDesc(ObjectInputStream.java:1575)
    at java.io.ObjectInputStream.readClassDesc(ObjectInputStream.java:1496)
    at java.io.ObjectInputStream.readOrdinaryObject(ObjectInputStream.java:1732)
    at java.io.ObjectInputStream.readObject0(ObjectInputStream.java:1329)
    at java.io.ObjectInputStream.readObject(ObjectInputStream.java:351)
    at sun.rmi.server.UnicastRef.unmarshalValue(UnicastRef.java:306)
    at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:290)
    at sun.rmi.transport.Transport$1.run(Transport.java:159)
    at sun.rmi.transport.Transport.serviceCall(Transport.java:155)
    at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:535)
    at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run0(TCPTransport.java:790)
    at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:649)
    at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:885)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:907)
    at java.lang.Thread.run(Thread.java:619)
    at sun.rmi.transport.StreamRemoteCall.exceptionReceivedFromServer(StreamRemoteCall.java:255)
    at sun.rmi.transport.StreamRemoteCall.executeCall(StreamRemoteCall.java:233)
    at sun.rmi.server.UnicastRef.invoke(UnicastRef.java:142)
{code}

Now, this could be my fault for using RMI, but I think a trigger for a lot of this trouble is line 959 of hadoop.ipc.Server, which invokes things as the user who made the remote call. And that somehow switching to a new user for the call is causing problems when running under a security manager, because the user making the call isn't trusted enough.

> IPC call can raise security exceptions when the remote node is running under
> a security manager
> -----------------------------------------------------------------------------------------------
>
>                 Key: HADOOP-5731
>                 URL: https://issues.apache.org/jira/browse/HADOOP-5731
>             Project: Hadoop Core
>          Issue Type: Bug
>          Components: ipc
>    Affects Versions: 0.21.0
>            Reporter: Steve Loughran
>            Assignee: Steve Loughran
>            Priority: Minor
>
> I'm getting a security exception (java.lang.reflect.ReflectPermission
> suppressAccessChecks) in RPC.Server.call(), when calling a datanode brought
> up under a security manager, in method.setAccessible(true)

--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
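
Added example, not part of the original JIRA comment or of Hadoop: a Python triage helper for logs like the ones quoted above. For each `AccessControlException` it reports the denied permission, the first Hadoop frame that triggered the check, and whether `Subject.doAs` is on the stack. The names `triage`, `app_prefix` and `SAMPLE` are hypothetical, and the sample is excerpted from the traces in the comment.

```python
import re

# AccessControlException message: access denied (<class> <target> [<actions>]).
# Newer JDKs quote each field; targets containing spaces are only handled when quoted.
DENIED = re.compile(r'access denied \("?([\w.$]+)"?\s+"?([^"\s)]+)"?(?:\s+"?([^")]+)"?)?\)')
FRAME = re.compile(r'\bat ([\w.$<>]+)\(([^)]*)\)')

def triage(log_text, app_prefix="org.apache.hadoop."):
    """Return one dict per access denial found in a Java log."""
    findings, current = [], None
    for line in log_text.splitlines():
        denied = DENIED.search(line)
        if denied:
            current = {"permission": denied.group(1), "target": denied.group(2),
                       "actions": denied.group(3), "caller": None, "under_doAs": False}
            findings.append(current)
            continue
        frame = FRAME.search(line)
        if frame is None:
            current = None  # a new exception header or unrelated log line ends the trace
            continue
        if current is None:
            continue  # frame belongs to an exception that is not an access denial
        method = frame.group(1)
        if current["caller"] is None and method.startswith(app_prefix):
            current["caller"] = method  # innermost application frame that hit the check
        if method == "javax.security.auth.Subject.doAs":
            current["under_doAs"] = True  # the check ran inside a doAs() call
    return findings

# Excerpt of the traces quoted in the comment (frames omitted for brevity).
SAMPLE = r"""
[sf-startdaemon-debug] java.io.IOException: java.security.AccessControlException: access denied (javax.security.auth.AuthPermission getSubject)
[sf-startdaemon-debug] at java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
[sf-startdaemon-debug] at javax.security.auth.Subject.getSubject(Subject.java:268)
[sf-startdaemon-debug] at org.apache.hadoop.security.UserGroupInformation.getCurrentUser(UserGroupInformation.java:84)
[sf-startdaemon-debug] at org.apache.hadoop.ipc.Server$Handler$1.run(Server.java:959)
[sf-startdaemon-debug] at javax.security.auth.Subject.doAs(Subject.java:396)
java.lang.SecurityException: attempt to add a Permission to a readonly Permissions object
at java.security.Permissions.add(Permissions.java:110)
"""

if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(finding)
```

The second trace is a `SecurityException` rather than an access denial, so it produces no finding and its frames are not attributed to the first one.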