[
http://issues.apache.org/jira/browse/HARMONY-121?page=comments#action_12368262
]
Mikhail Loenko commented on HARMONY-121:
----------------------------------------
At the first call of custom SecurityManager.checkPermission() the classes
required for permission check are not initialized.
Initialization of these classes (e.g. reading system properties or loading of
the policy file) causes other permissions checks and thus falls into an
infinite recursion.
I see the following way to fix the problem: Initialize Policy (e.g. call
Policy.getPolicy()) at the first System.setSecurityManager call.
Currently IBM's System calls 's.checkPackageAccess("java.lang")' that might
work well with some
security managers and don't work with others.
If all agree I'll submit a patch for both System and Policy.
> Stack overflow running security manager test
> --------------------------------------------
>
> Key: HARMONY-121
> URL: http://issues.apache.org/jira/browse/HARMONY-121
> Project: Harmony
> Type: Bug
> Components: Classlib
> Reporter: Tim Ellison
>
> The following test case runs ok on the reference impl.but fails with a stack
> overflow on Harmony code.
> private static class MySecurityManager extends SecurityManager {
> private static final RuntimePermission SET_MANAGER_PERMISSION =
> new RuntimePermission("setSecurityManager");
>
> public void checkPermission(Permission perm) {
> if (!perm.equals(SET_MANAGER_PERMISSION)) {
> super.checkPermission(perm);
> }
> }
> }
> public void test_getProperties() {
> System.setSecurityManager(new MySecurityManager());
> try {
> System.getProperties();
> } catch (SecurityException e) {
> // Expected
> } finally {
> System.setSecurityManager(null);
> }
> }
> The stack overflow is as follows:
> java.lang.StackOverflowError
> at java.util.PropertyPermission.equals(PropertyPermission.java:78)
> at
> org.apache.harmony.tests.java.lang.SecurityManagerTest$MySecurityManager.checkPermission(SecurityManagerTest.java:44)
> at
> java.lang.SecurityManager.checkPropertiesAccess(SecurityManager.java:343)
> at java.lang.System.getProperties(System.java:519)
> at
> org.apache.harmony.security.fortress.PolicyUtils$SystemKit.run(PolicyUtils.java:84)
> at
> java.security.AccessController.doPrivileged(AccessController.java:183)
> at
> org.apache.harmony.security.fortress.DefaultPolicy.refresh(DefaultPolicy.java:272)
> at
> org.apache.harmony.security.fortress.DefaultPolicy.getPermissions(DefaultPolicy.java:194)
> at java.security.Policy.implies(Policy.java:77)
> at java.security.ProtectionDomain.implies(ProtectionDomain.java:118)
> at
> java.security.AccessController.checkPermission(AccessController.java:88)
> at java.lang.SecurityManager.checkPermission(SecurityManager.java:704)
> at
> org.apache.harmony.tests.java.lang.SecurityManagerTest$MySecurityManager.checkPermission(SecurityManagerTest.java:45)
> at
> java.lang.SecurityManager.checkPropertiesAccess(SecurityManager.java:343)
> at java.lang.System.getProperties(System.java:519)
> at
> org.apache.harmony.security.fortress.PolicyUtils$SystemKit.run(PolicyUtils.java:84)
> at
> java.security.AccessController.doPrivileged(AccessController.java:183)
> at
> org.apache.harmony.security.fortress.DefaultPolicy.refresh(DefaultPolicy.java:272)
> at
> org.apache.harmony.security.fortress.DefaultPolicy.getPermissions(DefaultPolicy.java:194)
> at java.security.Policy.implies(Policy.java:77)
> at java.security.ProtectionDomain.implies(ProtectionDomain.java:118)
> at
> java.security.AccessController.checkPermission(AccessController.java:88)
> at java.lang.SecurityManager.checkPermission(SecurityManager.java:704)
> at
> org.apache.harmony.tests.java.lang.SecurityManagerTest$MySecurityManager.checkPermission(SecurityManagerTest.java:45)
> at
> java.lang.SecurityManager.checkPropertiesAccess(SecurityManager.java:343)
> at java.lang.System.getProperties(System.java:519)
> <snip>
> at
> org.apache.harmony.security.fortress.PolicyUtils$SystemKit.run(PolicyUtils.java:84)
> at
> java.security.AccessController.doPrivileged(AccessController.java:183)
> at
> org.apache.harmony.security.fortress.DefaultPolicy.refresh(DefaultPolicy.java:272)
> at
> org.apache.harmony.security.fortress.DefaultPolicy.getPermissions(DefaultPolicy.java:194)
> at java.security.Policy.implies(Policy.java:77)
> at java.security.ProtectionDomain.implies(ProtectionDomain.java:118)
> at
> java.security.AccessController.checkPermission(AccessController.java:88)
> at java.lang.SecurityManager.checkPermission(SecurityManager.java:704)
> at
> org.apache.harmony.tests.java.lang.SecurityManagerTest$MySecurityManager.checkPermission(SecurityManagerTest.java:45)
> at
> java.lang.SecurityManager.checkPropertiesAccess(SecurityManager.java:343)
> at java.lang.System.getProperties(System.java:519)
> at
> org.apache.harmony.security.fortress.PolicyUtils$SystemKit.run(PolicyUtils.java:84)
> at
> java.security.AccessController.doPrivileged(AccessController.java:183)
> at
> org.apache.harmony.security.fortress.DefaultPolicy.refresh(DefaultPolicy.java:272)
> at
> org.apache.harmony.security.fortress.DefaultPolicy.getPermissions(DefaultPolicy.java:194)
> at java.security.Policy.implies(Policy.java:77)
> at java.security.ProtectionDomain.implies(ProtectionDomain.java:118)
> at
> java.security.AccessController.checkPermission(AccessController.java:88)
> at java.lang.SecurityManager.checkPermission(SecurityManager.java:704)
> at
> org.apache.harmony.tests.java.lang.SecurityManagerTest$MySecurityManager.checkPermission(SecurityManagerTest.java:45)
> at
> java.lang.SecurityManager.checkPropertiesAccess(SecurityManager.java:343)
> at java.lang.System.getProperties(System.java:519)
> at
> org.apache.harmony.tests.java.lang.SecurityManagerTest.test_getProperties(SecurityManagerTest.java:53)
> at java.lang.reflect.AccessibleObject.invokeV(AccessibleObject.java:211)
> at java.lang.reflect.Method.invoke(Method.java:248)
> at junit.framework.TestCase.runTest(TestCase.java:154)
> at junit.framework.TestCase.runBare(TestCase.java:127)
> at junit.framework.TestResult$1.protect(TestResult.java:106)
> at junit.framework.TestResult.runProtected(TestResult.java:124)
> at junit.framework.TestResult.run(TestResult.java:109)
> at junit.framework.TestCase.run(TestCase.java:118)
> at junit.framework.TestSuite.runTest(TestSuite.java:208)
> at junit.framework.TestSuite.run(TestSuite.java:203)
> at junit.framework.TestSuite.runTest(TestSuite.java:208)
> at junit.framework.TestSuite.run(TestSuite.java:203)
> at junit.framework.TestSuite.runTest(TestSuite.java:208)
> at junit.framework.TestSuite.run(TestSuite.java:203)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:478)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:344)
> at
> org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:196)
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
