Running with any SecurityManager blocks all file access
-------------------------------------------------------
Key: JRUBY-918
URL: http://jira.codehaus.org/browse/JRUBY-918
Project: JRuby
Issue Type: Bug
Components: Core Classes/Modules
Environment: OS X 10.4.9, Java 1.5.0_07
Reporter: Steen Lehmann
Attachments: sm.patch
In order for JRuby to be able to run as an applet, a check (in
Ruby.isSecurityRestricted) is made before any local file access, before reading
properties, and in other places where a security exception would otherwise
occur. The problem is that the check only reports if _any_ security manager is
set, and so even with a very lax security manager operations such as local file
access, are prohibited.
The attached patch is a quick fix which only returns true from
isSecurityRestricted if the security manager is set and is an instance of the
Applet security manager. In this way JRuby can still run in an Applet, but when
using other security managers security exceptions may be thrown, in which case
the security manager policy can be relaxed (or the client code altered).
In addition to this fix, SecurityExceptions in places like LoadService should
be caught and ignored in cases where several different methods of locating an
external resource are attempted. I can look into this, but for the time being
this patch enables JRuby to be used both in an applet, and in other
environments where a SecurityManager may be present, like an application server.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe from this list please visit:
http://xircles.codehaus.org/manage_email
