[jira] [Resolved] (FELIX-4975) fileinstall's ConfigInstaller leaks it's permission checks to caller

Tue, 15 Dec 2015 01:50:34 -0800 

     [ 
https://issues.apache.org/jira/browse/FELIX-4975?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Guillaume Nodet resolved FELIX-4975.
------------------------------------
    Resolution: Fixed
      Assignee: Guillaume Nodet

Committing to https://svn.apache.org/repos/asf/felix/trunk ...
        M       
fileinstall/src/main/java/org/apache/felix/fileinstall/internal/ConfigInstaller.java
Committed r1720103


> fileinstall's ConfigInstaller leaks it's permission checks to caller
> --------------------------------------------------------------------
>
>                 Key: FELIX-4975
>                 URL: https://issues.apache.org/jira/browse/FELIX-4975
>             Project: Felix
>          Issue Type: Bug
>          Components: File Install
>    Affects Versions: fileinstall-3.5.0
>         Environment: any with security enabled
>            Reporter: Raymond Augé
>            Assignee: Guillaume Nodet
>             Fix For: fileinstall-3.5.2
>
>
> The following stack trace shows ConfigInstaller's permission leaking and 
> failing for configadmin (the caller)
> {code}
> java.security.AccessControlException: access denied 
> ("java.util.PropertyPermission" "felix.fileinstall.enableConfigSave" "read")
>       at 
> java.security.AccessControlContext.checkPermission(AccessControlContext.java:372)
>       at 
> org.eclipse.osgi.internal.permadmin.EquinoxSecurityManager.internalCheckPermission(EquinoxSecurityManager.java:117)
>       at 
> com.liferay.portal.security.pacl.PortalSecurityManagerImpl$PermissionAction.run(PortalSecurityManagerImpl.java:1465)
>       at 
> com.liferay.portal.security.pacl.PortalSecurityManagerImpl$PermissionAction.run(PortalSecurityManagerImpl.java:1451)
>       at java.security.AccessController.doPrivileged(Native Method)
>       at 
> com.liferay.portal.security.pacl.PortalSecurityManagerImpl.checkPermission(PortalSecurityManagerImpl.java:331)
>       at 
> java.lang.SecurityManager.checkPropertyAccess(SecurityManager.java:1298)
>       at 
> org.eclipse.osgi.internal.framework.BundleContextImpl.getProperty(BundleContextImpl.java:117)
>       at 
> org.apache.felix.fileinstall.internal.ConfigInstaller.shouldSaveConfig(ConfigInstaller.java:163)
>       at 
> org.apache.felix.fileinstall.internal.ConfigInstaller.configurationEvent(ConfigInstaller.java:93)
>       at 
> org.apache.felix.cm.impl.ConfigurationManager$FireConfigurationEvent.sendEvent(ConfigurationManager.java:2046)
>       at 
> org.apache.felix.cm.impl.ConfigurationManager$FireConfigurationEvent.run(ConfigurationManager.java:2014)
>       at org.apache.felix.cm.impl.UpdateThread$1.run(UpdateThread.java:131)
>       at org.apache.felix.cm.impl.UpdateThread$1.run(UpdateThread.java:128)
>       at java.security.AccessController.doPrivileged(Native Method)
>       at org.apache.felix.cm.impl.UpdateThread.run0(UpdateThread.java:127)
>       at org.apache.felix.cm.impl.UpdateThread.run(UpdateThread.java:110)
>       at java.lang.Thread.run(Thread.java:745)
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to