Christoph Nölle created FELIX-5910:
--------------------------------------

             Summary: [ConfigAdmin] Set correct AccessControlContext when 
firing events or remove permissions.perm file
                 Key: FELIX-5910
                 URL: https://issues.apache.org/jira/browse/FELIX-5910
             Project: Felix
          Issue Type: Bug
          Components: Configuration Admin
    Affects Versions: configadmin-1.9.4
         Environment: - Felix fwk 6.0.0 
- Felix security 2.6.0
- Felix config admin 1.9.4 and 1.9.5-SNAPSHOT
            Reporter: Christoph Nölle


ConfigAdmin requests a restricted set of permissions by means of a 
permissions.perm file, which must not restrict the permissions of other bundles 
to which it sends events. There is in fact a mechanism in place to prevent 
this, using the protection domain of the bundle, in the class 
ManagedServiceTracker (resolving the related issue 
https://issues.apache.org/jira/browse/FELIX-4362). However, the UpdateThread 
class does not use this mechanism; instead it explicitly sets an 
AccessControlContext based on its own protection domain, hence enforcing its 
own restricted set of permissions on the event listeners. Below are two 
examples of the resulting AccessControlExceptions I get. There is just one 
additional bundle in the stack trace, felix-scr, which has all permissions and 
can be ignored from the permissions point of view. 
By the way, removing the permissions.perm file from ConfigAdmin resolves the 
problem, confirming that the bug is indeed in ConfigAdmin. 

org.slf4j.osgi-over-slf4j[org.apache.felix.configadmin.1.9.4] : [[org.osgi.service.cm.ConfigurationAdmin]]Unexpected problem delivering configuration event to [org.osgi.service.cm.ConfigurationListener, id=18, bundle=24/mvn:org.apache.felix/org.apache.felix.configadmin/1.9.4]
java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "getClassLoader")
 at java.base/java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
 at java.base/java.security.AccessController.checkPermission(AccessController.java:895)
 at java.base/java.lang.SecurityManager.checkPermission(SecurityManager.java:335)
 at java.base/java.lang.ClassLoader.checkClassLoaderPermission(ClassLoader.java:2042)
 at java.base/java.lang.Class.getClassLoader(Class.java:807)
 at org.apache.felix.scr.impl.inject.methods.BaseMethod.findMethod(BaseMethod.java:158)
 at org.apache.felix.scr.impl.inject.methods.BaseMethod.access$400(BaseMethod.java:41)
 at org.apache.felix.scr.impl.inject.methods.BaseMethod$NotResolved.resolve(BaseMethod.java:602)
 at org.apache.felix.scr.impl.inject.methods.BaseMethod$NotResolved.methodExists(BaseMethod.java:626)
 at org.apache.felix.scr.impl.inject.methods.BaseMethod.methodExists(BaseMethod.java:528)
 at org.apache.felix.scr.impl.inject.methods.ActivateMethod.invoke(ActivateMethod.java:315)
 at org.apache.felix.scr.impl.inject.methods.ActivateMethod.invoke(ActivateMethod.java:307)
 at org.apache.felix.scr.impl.manager.SingleComponentManager.invokeModifiedMethod(SingleComponentManager.java:810)
 at org.apache.felix.scr.impl.manager.SingleComponentManager.modify(SingleComponentManager.java:765)
 at org.apache.felix.scr.impl.manager.SingleComponentManager.reconfigure(SingleComponentManager.java:683)
 at org.apache.felix.scr.impl.manager.SingleComponentManager.reconfigure(SingleComponentManager.java:647)
 at org.apache.felix.scr.impl.manager.ConfigurableComponentHolder.configurationUpdated(ConfigurableComponentHolder.java:435)
 at org.apache.felix.scr.impl.manager.RegionConfigurationSupport.configurationEvent(RegionConfigurationSupport.java:288)
 at org.apache.felix.scr.impl.manager.RegionConfigurationSupport$1.configurationEvent(RegionConfigurationSupport.java:91)
 at org.apache.felix.cm.impl.ConfigurationManager$FireConfigurationEvent.sendEvent(ConfigurationManager.java:1667)
 at org.apache.felix.cm.impl.ConfigurationManager$FireConfigurationEvent.run(ConfigurationManager.java:1635)
 at org.apache.felix.cm.impl.UpdateThread$1.run(UpdateThread.java:126)
 at org.apache.felix.cm.impl.UpdateThread$1.run(UpdateThread.java:123)
 at java.base/java.security.AccessController.doPrivileged(Native Method)
 at org.apache.felix.cm.impl.UpdateThread.run0(UpdateThread.java:122)
 at org.apache.felix.cm.impl.UpdateThread.run(UpdateThread.java:105)
 at java.base/java.lang.Thread.run(Thread.java:844)

org.slf4j.osgi-over-slf4j[org.apache.felix.configadmin.1.9.4] : [[org.osgi.service.cm.ConfigurationAdmin]]Unexpected problem delivering configuration event to [org.osgi.service.cm.ConfigurationListener, id=18, bundle=24/mvn:org.apache.felix/org.apache.felix.configadmin/1.9.4]
java.security.AccessControlException: access denied ("org.osgi.framework.ServicePermission" "java.lang.Runnable" "register")
 at java.base/java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
 at java.base/java.security.AccessController.checkPermission(AccessController.java:895)
 at java.base/java.lang.SecurityManager.checkPermission(SecurityManager.java:335)
 at org.apache.felix.framework.BundleContextImpl.registerService(BundleContextImpl.java:322)
 at org.apache.felix.scr.impl.manager.AbstractComponentManager$3.register(AbstractComponentManager.java:891)
 at org.apache.felix.scr.impl.manager.AbstractComponentManager$3.register(AbstractComponentManager.java:877)
 at org.apache.felix.scr.impl.manager.RegistrationManager.changeRegistration(RegistrationManager.java:128)
 at org.apache.felix.scr.impl.manager.AbstractComponentManager.registerService(AbstractComponentManager.java:944)
 at org.apache.felix.scr.impl.manager.AbstractComponentManager.activateInternal(AbstractComponentManager.java:727)
 at org.apache.felix.scr.impl.manager.AbstractComponentManager.enableInternal(AbstractComponentManager.java:661)
 at org.apache.felix.scr.impl.manager.AbstractComponentManager.enable(AbstractComponentManager.java:427)
 at org.apache.felix.scr.impl.manager.ConfigurableComponentHolder.configurationUpdated(ConfigurableComponentHolder.java:440)
 at org.apache.felix.scr.impl.manager.RegionConfigurationSupport.configurationEvent(RegionConfigurationSupport.java:288)
 at org.apache.felix.scr.impl.manager.RegionConfigurationSupport$1.configurationEvent(RegionConfigurationSupport.java:91)
 at org.apache.felix.cm.impl.ConfigurationManager$FireConfigurationEvent.sendEvent(ConfigurationManager.java:1667)
 at org.apache.felix.cm.impl.ConfigurationManager$FireConfigurationEvent.run(ConfigurationManager.java:1635)
 at org.apache.felix.cm.impl.UpdateThread$1.run(UpdateThread.java:126)
 at org.apache.felix.cm.impl.UpdateThread$1.run(UpdateThread.java:123)
 at java.base/java.security.AccessController.doPrivileged(Native Method)
 at org.apache.felix.cm.impl.UpdateThread.run0(UpdateThread.java:122)
 at org.apache.felix.cm.impl.UpdateThread.run(UpdateThread.java:105)
 at java.base/java.lang.Thread.run(Thread.java:844)



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
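
The following is an added illustration, not part of the original report and not Felix code: it shows how passing a restricted AccessControlContext to doPrivileged denies a permission check made by the code that is called, and how a context built from the receiver's own protection domain does not. The class name, the stand-in listener, the allow-all Policy and the sample sender permission are constructed for the demo; it assumes a Java 8 to 17 runtime, where AccessController is still functional.

```java
import java.security.*;
import java.util.PropertyPermission;

public class RestrictedContextDemo {
    static final Permission NEEDED = new RuntimePermission("getClassLoader");

    // Stand-in for a ConfigurationListener living in another bundle (hypothetical).
    static String listener() {
        try {
            AccessController.checkPermission(NEEDED);
            return "allowed";
        } catch (AccessControlException e) {
            return "denied: " + e.getPermission().getName();
        }
    }

    static AccessControlContext contextOf(ProtectionDomain pd) {
        return new AccessControlContext(new ProtectionDomain[] { pd });
    }

    public static void main(String[] args) {
        // Constructed setup: the policy grants everything to ordinary code,
        // so any denial below comes from the context passed to doPrivileged.
        Policy.setPolicy(new Policy() {
            @Override
            public boolean implies(ProtectionDomain pd, Permission p) {
                return true;
            }
        });

        // Sender's domain with a deliberately small, static permission set,
        // playing the role of a bundle restricted by a permissions.perm file.
        Permissions senderPerms = new Permissions();
        senderPerms.add(new PropertyPermission("user.dir", "read"));
        ProtectionDomain senderPd = new ProtectionDomain(null, senderPerms);

        // In OSGi the receiver's domain would belong to the listener's bundle;
        // here it is simply this class's own domain.
        ProtectionDomain receiverPd =
                RestrictedContextDemo.class.getProtectionDomain();

        PrivilegedAction<String> deliver = RestrictedContextDemo::listener;

        // Sender's context: the check is intersected with the sender's permissions.
        System.out.println("sender context:   "
                + AccessController.doPrivileged(deliver, contextOf(senderPd)));
        // Receiver's context: only the receiver's own permissions are enforced.
        System.out.println("receiver context: "
                + AccessController.doPrivileged(deliver, contextOf(receiverPd)));
    }
}
```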
