[rfc][icedtea-web][policyeditor] Reflection and Exec permissions
Jiri Vanek
jvanek at redhat.com
Wed Mar 26 09:06:26 UTC 2014
On 03/25/2014 08:34 PM, Andrew Azores wrote:
> On 03/25/2014 02:57 PM, Jiri Vanek wrote:
>> On 03/25/2014 02:39 PM, Andrew Azores wrote:
>>> On 03/25/2014 05:30 AM, Jiri Vanek wrote:
>>>> On 03/24/2014 09:05 PM, Andrew Azores wrote:
>>>>> Hi,
>>>>>
>>>>> This patch just adds Reflection and Exec permission options to PolicyEditor.
>>>>>
>>>>> Thanks,
>>>>>
>>>>
>>>> Looks good. Just not sure if it is enough:
>>>>
>>>> eg:
>>>> java.lang.NullPointerException
>>>> at geogebra.i.x.a(Unknown Source)
>>>> at geogebra.gui.a.a.a(Unknown Source)
>>>> at geogebra.gui.a.a.a(Unknown Source)
>>>> at geogebra.GeoGebra.a(Unknown Source)
>>>> at geogebra.GeoGebra.a(Unknown Source)
>>>> at geogebra.GeoGebra.main(Unknown Source)
>>>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>>>> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
>>>> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>>>> at java.lang.reflect.Method.invoke(Method.java:616)
>>>> at net.sourceforge.jnlp.Launcher.launchApplication(Launcher.java:571)
>>>> at net.sourceforge.jnlp.Launcher$TgThread.run(Launcher.java:911)
>>>>
>>>> I think the class for name is not allowed by your permission.
>>>
>>> Aha! Thanks for catching this. [0] suggests there's only one permission needed for reflection,
>>> but [1] proves otherwise (and makes sense).
>>>
>>
>> Hmm still the same exception. It is geogebra which is causing this.
>
> Do you have exact reproduction steps?
Yes, launch geogebra from our testcases and use any sandbox combination :) - or try to tune it to run :)
>
>>
>>> [0] http://docs.oracle.com/javase/7/docs/api/java/lang/reflect/ReflectPermission.html
>>> [1]
>>> http://docs.oracle.com/javase/7/docs/api/java/lang/Class.html#forName%28java.lang.String,%20boolean,%20java.lang.ClassLoader%29
>>>
>>>
>>>> For exec - are both Runtime.exec and ProcessBuilder supported?
>>>
>>> According to the documentation, they both go through SecurityManager#checkExec, which checks for
>>> "execute" action on the given file. So if granting <<ALL FILES>> as the target, it should allow
>>> executing anything (which sounds so, so scary - but that's why this is optional! :) )
>> hmhmh.. No granularity needed in policy editor level imho. Just allow all.
>
> Yea, that's what it is now. Just FilePermission with "execute" action on "<<ALL FILES>>" target.
>
>>>
>>>>
>>>> J.
>>>
>>>
>>> New patch adds the ClassLoader permission, as well as a bunch of others I figured might as well
>>> be added because they're likely to be needed in conjunction with it and each other. PolicyEditor
>>> doesn't really have a way to make a single checkbox handle multiple permissions, at least not
>>> right now, so the Reflection stuff is split up into four different permissions basically, but I
>>> think that's probably actually better anyway. It's just a little more cluttered looking. Maybe a
>>> future enhancement would be to add labels separating the checkboxes into groups eg File Access,
>>> Java Reflection, System Utility?
>>
>> This should be fixed. Eg all checkboxes from family of "allow unowned code execution" should be
>> gathered under one :((
>>
>> Not needed to do now, but later 100% needed fix.
>>>
>>> Thanks,
>>>
>>
>
> Thanks,
>
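
Added example, not part of the original message or the patch under review: it applies the documented `SecurityManager#checkExec` rule mentioned in the thread (an absolute command path is checked by name, any other command against `<<ALL FILES>>`) to compare the broad "execute" grant with a narrower one. The class name, the command strings and the narrower target are constructed for illustration, and Unix-style paths are assumed.

```java
import java.io.File;
import java.io.FilePermission;
import java.security.Permission;
import java.security.Permissions;

public class ExecPermissionScope {

    // Permission that SecurityManager#checkExec asks for, per its documentation:
    // FilePermission(cmd, "execute") when cmd is an absolute path,
    // otherwise FilePermission("<<ALL FILES>>", "execute").
    static Permission requiredFor(String cmd) {
        boolean absolute = new File(cmd).isAbsolute();
        return new FilePermission(absolute ? cmd : "<<ALL FILES>>", "execute");
    }

    // A permission set holding a single "execute" grant on the given target.
    static Permissions grant(String target) {
        Permissions granted = new Permissions();
        granted.add(new FilePermission(target, "execute"));
        return granted;
    }

    public static void main(String[] args) {
        // The grant the thread settles on.
        Permissions broad = grant("<<ALL FILES>>");
        // Constructed narrower grant, for comparison only.
        Permissions narrow = grant("/usr/bin/xdg-open");

        // Constructed commands: the granted binary, another absolute path,
        // and a bare name that would be resolved through PATH.
        String[] commands = { "/usr/bin/xdg-open", "/bin/sh", "xdg-open" };

        for (String cmd : commands) {
            Permission needed = requiredFor(cmd);
            System.out.printf("%-18s broad=%-5b narrow=%-5b needs %s%n",
                    cmd, broad.implies(needed), narrow.implies(needed), needed);
        }
    }
}
```

The narrow grant covers only the exact absolute path, so a bare command name is refused under it; the `<<ALL FILES>>` grant covers every command.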