Hi Christoph,
It passed all my testing.
thanks,
Chris
On 5/8/18 5:25 AM, Langer, Christoph wrote:
Hi Chris,
thanks for reviewing and offering to test, I appreciate that. As Thomas has
reviewed it as well, could you please conduct your testing? I ran it through
our local testing and jdk-submit, no regressions observed.
Thanks & Best regards
Christoph
-----Original Message-----
From: Chris Plummer [mailto:chris.plum...@oracle.com]
Sent: Montag, 7. Mai 2018 20:30
To: Langer, Christoph <christoph.lan...@sap.com>; serviceability-
d...@openjdk.java.net
Cc: ppc-aix-port-...@openjdk.java.net; Martin Buchholz
<marti...@google.com>
Subject: Re: RFR (S): 8202650: Enforce group for attach listener file
Hi Christoph,
The changes look fine. There are some closed aod tests that should be
run. I can do this for you once the review is done.
thank,s
Chris
On 5/6/18 12:23 PM, Langer, Christoph wrote:
Hi,
with that information and Martins links to the specs, I suggest to add the
patch to linux as well. I played with the sgid functionality on Linux and it is
the
same as on AIX. So, if somebody configured the directory where the attach
listener file is created with sgid, the file will belong to the wrong group.
See my new webrev:
http://cr.openjdk.java.net/~clanger/webrevs/8202650.1/
Thanks
Christoph
-----Original Message-----
From: Chris Plummer [mailto:chris.plum...@oracle.com]
Sent: Freitag, 4. Mai 2018 23:34
To: Langer, Christoph <christoph.lan...@sap.com>; serviceability-
d...@openjdk.java.net
Cc: ppc-aix-port-...@openjdk.java.net
Subject: Re: RFR (S): 8202650: Enforce group for attach listener file
Hi Christoph,
It looks like for bsd this code was added to fix JDK-7152800. In that CR
I see the following:
"The attach framework will verify that the file has the same effective
owner and group as the currently running process. This will be true on
linux, since files are created with the effective user and group as
owner. This will NOT be true always on macos, since the file can have a
different group if the temporary directory has a different group than
what we are currently running as."
So it looks like the fix is not necessary for Linux. It wouldn't hurt to
experiment by setting the s-bit on the directory and see if you have the
same problem as macos and AIX.
thanks,
Chris
On 5/4/18 7:29 AM, Langer, Christoph wrote:
Hi,
please review a change for correctly setting the group for the attach
listener file:
Webrev: http://cr.openjdk.java.net/~clanger/webrevs/8202650.0/
<http://cr.openjdk.java.net/%7Eclanger/webrevs/8202650.0/>
Bug: https://bugs.openjdk.java.net/browse/JDK-8202650
<https://bugs.openjdk.java.net/browse/JDK-8202650>
The attach listener file, usually /tmp/.java_pid<pid> is created from
the hotspot JVM process. Usually it will belong to the process user
and group. However, when the directory where it is created has set the
s-bit for groups, the group of the directory is taken. This will cause
errors when the attach client tries to connect and it is checked
whether the group of the attach file matches the client processes'
group.
In my webrev I only implemented the change for AIX because we have
run
into an issue on that platform. But I can see this code already in
place for attachListener_bsd.cpp. And I’m wondering if this should
also be added to attachListener_linux.cpp because the sticky-bit could
be set with the same effects on Linux, too. Any opinions about that?
Thanks and best regards
Christoph
