Potential missing privileged block for class loader
---------------------------------------------------

                 Key: LOGGING-130
                 URL: https://issues.apache.org/jira/browse/LOGGING-130
             Project: Commons Logging
          Issue Type: Bug
    Affects Versions: 1.1.1
         Environment: Windows 7 under Sun JRE 6 Update 13, 64-bit
Running Commons HttpClient 3.1 w/ Commons Logging 1.1.1
            Reporter: Matthew P. Del Buono


When attempting to instantiate an HttpClient, a call to LogFactory.getLog() is 
made. Going deeper, Commons Logging later attempts to make an unprivileged call 
to java.lang.ClassLoader.getParent(). Under systems with an installed 
SecurityManager (like mine), this may be forbidden.

In particular, this call will require the RuntimePermission getClassLoader. In 
my particular case, I am attempting to sandbox specific segments of code, and 
thus cannot grant this permission to the user of HttpClient (and, thus, Commons 
Logging). However, I feel that Commons Logging should be able to trust itself 
to make a self-checked call to ClassLoader.getParent().

The stack trace for my situation (trimmed off to assist you) is as follows:

Caused by: org.apache.commons.logging.LogConfigurationException: java.lang.SecurityException: Cannot request this permission from a tainted execution path (Caused by java.lang.SecurityException: Cannot request this permission from a tainted execution path)
        at org.apache.commons.logging.impl.LogFactoryImpl.newInstance(LogFactoryImpl.java:637)
        at org.apache.commons.logging.impl.LogFactoryImpl.getInstance(LogFactoryImpl.java:336)
        at org.apache.commons.logging.impl.LogFactoryImpl.getInstance(LogFactoryImpl.java:310)
        at org.apache.commons.logging.LogFactory.getLog(LogFactory.java:685)
        at org.apache.commons.httpclient.HttpClient.<clinit>(HttpClient.java:66)
        ... 11 more
Caused by: java.lang.SecurityException: Cannot request this permission from a tainted execution path
        at com.mmoui.manager.MinionSecurityManager.verifyUntainted(MinionSecurityManager.java:507)
        at com.mmoui.manager.MinionSecurityManager.checkPermission(MinionSecurityManager.java:263)
        at com.mmoui.manager.MinionSecurityManager.checkPermission(MinionSecurityManager.java:474)
        at java.lang.ClassLoader.getParent(ClassLoader.java:1233)
        at org.apache.commons.logging.impl.LogFactoryImpl.getLowestClassLoader(LogFactoryImpl.java:1327)
        at org.apache.commons.logging.impl.LogFactoryImpl.getBaseClassLoader(LogFactoryImpl.java:1247)
        at org.apache.commons.logging.impl.LogFactoryImpl.createLogFromClass(LogFactoryImpl.java:1048)
        at org.apache.commons.logging.impl.LogFactoryImpl.discoverLogImplementation(LogFactoryImpl.java:914)
        at org.apache.commons.logging.impl.LogFactoryImpl.newInstance(LogFactoryImpl.java:604)
        ... 15 more


I feel that LogFactoryImpl.getLowestClassLoader's call to 
java.lang.ClassLoader.getParent() should be wrapped by 
AccessController.doPrivileged(). I can't think of any reason not to do this 
currently. This would allow my application to trust Commons Logging and not 
have to grant the RuntimePermission getClassLoader to the users of HttpClient.
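
Added example (not from the reporter and not Commons Logging's code): a sketch of the kind of wrapping the report asks for, where a library walks a class loader's parent chain inside AccessController.doPrivileged() so that only the library's own protection domain needs RuntimePermission getClassLoader. The class and method names are hypothetical, and it assumes the installed SecurityManager delegates to AccessController.checkPermission() and therefore honors privileged blocks.

```java
import java.security.AccessController;
import java.security.PrivilegedAction;

/** Hypothetical helper for illustration; not part of Commons Logging. */
public final class PrivilegedParentLookup {

    /**
     * Calls loader.getParent() in a privileged block, so the permission check
     * stops at this class instead of continuing into less-trusted callers.
     * Kept private: handing the returned ClassLoader to arbitrary callers
     * would leak the capability that the permission is meant to guard.
     * (AccessController is deprecated since Java 17; the report concerns Java 6.)
     */
    private static ClassLoader parentOf(final ClassLoader loader) {
        return AccessController.doPrivileged(new PrivilegedAction<ClassLoader>() {
            public ClassLoader run() {
                return loader.getParent();
            }
        });
    }

    /** True if 'ancestor' is 'loader' itself or appears in its parent chain. */
    private static boolean isAncestorOrSelf(ClassLoader ancestor, ClassLoader loader) {
        for (ClassLoader cl = loader; cl != null; cl = parentOf(cl)) {
            if (cl == ancestor) {
                return true;
            }
        }
        return false;
    }

    /**
     * Returns whichever of the two loaders is the descendant of the other,
     * or null if neither is an ancestor of the other. A null argument
     * (the bootstrap loader) is treated as the root of every chain.
     */
    static ClassLoader lowest(ClassLoader a, ClassLoader b) {
        if (a == null) return b;
        if (b == null) return a;
        if (isAncestorOrSelf(a, b)) return b;
        if (isAncestorOrSelf(b, a)) return a;
        return null;
    }

    public static void main(String[] args) {
        ClassLoader app = PrivilegedParentLookup.class.getClassLoader();
        ClassLoader system = ClassLoader.getSystemClassLoader();
        System.out.println("lowest loader: " + lowest(app, system));
    }
}
```

With this shape, the sandbox policy grants getClassLoader only to the code source of the library jar; sandboxed callers of lowest() need no such grant.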
