Teodor Todorov created ARIES-963:
------------------------------------
Summary: Spi-fly requires the bundle, whose class is being woven,
to have AdaptPermission for a successful weaving.
Key: ARIES-963
URL: https://issues.apache.org/jira/browse/ARIES-963
Project: Aries
Issue Type: Bug
Reporter: Teodor Todorov
Hello Colleagues,
The spi-fly weaving hook inserts in the byte code of the woven class execution
of the method "org.apache.aries.spifly.Util.fixContextClassloader(String cls,
String method, Class<?> clsArg, ClassLoader bundleLoader)"
This method in its turn calls the method
"org.apache.aries.spifly.Util.findContextClassloader(Bundle consumerBundle,
String className, String methodName, Class<?> clsArg)". The latter internally
calls "BundleWiring bundleWiring =
(BundleWiring)consumerBundle.adapt(BundleWiring.class);" on line 137, which
requires the caller to have the AdaptPermission
("org.osgi.framework.AdaptPermission" "org.osgi.framework.wiring.BundleWiring"
"adapt").
Option1)
Since the spi-fly weaving hook has the WovenClass object, it may obtain the
BundleWiring without any security checks through the
WovenClass.getBundleWiring() call and may pass this BundleWiring object to the
Util methods, which are inserted in the woven class byte code. This would
require changes in the signature of the Util.fixContextClassloader(...) and
Util.findContextClassloader(...) and in the code in the weaving hook, that uses
it.
Option2)
Execute the call bundle.adapt(BundleRevision.class) in an
AccessController.doPrivileged block.
This was observed during the execution of the osgi test case for the
serviceloader.secure on the spi-fly on top of the OSGi R5 compatible
implementation from ProSyst. Here is the stack trace:
java.security.AccessControlException: access denied
("org.osgi.framework.AdaptPermission" "org.osgi.framework.wiring.BundleWiring"
"adapt")
at
java.security.AccessControlContext.checkPermission(AccessControlContext.java:366)
at
com.prosyst.mbs.impl.framework.module.security.SecurityManagerImpl.checkPermission(SecurityManagerImpl.java:110)
at
com.prosyst.mbs.impl.framework.module.security.SecurityManagerImpl.checkPermission(SecurityManagerImpl.java:71)
at
com.prosyst.mbs.impl.framework.module.security.BasicSecurityImpl.checkAdaptPermission(BasicSecurityImpl.java:445)
at com.prosyst.mbs.impl.framework.BundleImpl.adapt(BundleImpl.java:7437)
at com.prosyst.mbs.impl.framework.BundleImpl.adapt(BundleImpl.java:7430)
at org.apache.aries.spifly.Util.findContextClassloader(Util.java:137)
at org.apache.aries.spifly.Util.fixContextClassloader(Util.java:84)
at
org.osgi.test.cases.serviceloader.secure.client.ColorProviderClient.$$FCCL$$java#util#ServiceLoader$load$java#lang#Class(ColorProviderClient.java)
at
org.osgi.test.cases.serviceloader.secure.client.ColorProviderClient.run(ColorProviderClient.java:38)
at
org.osgi.test.cases.serviceloader.secure.junit.ServiceLoaderSecureTest.testLegacyClientWithPermission(ServiceLoaderSecureTest.java:292)
...
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
