RFR: 7152800: All tests using the attach API fail with "well-known file is not secure" on Mac OS X

[Dmitry Samersoff]

Dean,

In all cases it is good to set required mode/owner explicitly.


PS: RESTARTABLE is not necessary around chmod & chown as neither of them
could be interrupted.

-Dmitry

On 2012-03-19 23:38, Dean Long wrote:
> On linux, you can control this behavior with the setgid mode bit on the
> parent directory.  Does that also work on OSX?
> 
> dl
> 
> On 3/19/2012 6:03 AM, Staffan Larsen wrote:
>> Please review the following fix:
>>
>> Webrev: http://cr.openjdk.java.net/~sla/7152800/webrev.00/
>> <http://cr.openjdk.java.net/%7Esla/7152800/webrev.00/>
>> Bug: http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=7152800
>>
>> We sometimes get an error say "well-known file is not secure" when
>> running attach-tests on mac osx. The reason is a difference in how
>> files are created between linux and mac osx (and that the mac code in
>> HotSpot originates from the linux code):
>>
>> * On linux, the default group owner of a newly created file will be
>> user's effective group (id -g).
>>
>> * On macos, the default group owner of a newly created file will be
>> group owner of the directory the file is in.
>>
>> The attach framework will verify that the file has the same effective
>> owner and group as the currently running process. This will be true on
>> linux, since files are created with the effective user and group as
>> owner. This will NOT be true always on macos, since the file can have
>> a different group if the temporary directory has a different group
>> than what we are currently running as.
>>
>> The fix on macos is to change the group ownership of the well-known
>> file to the effective group when the file is created.
>>
>> The fix has been verified by manually changing the effective group of
>> the launching user.
>>
>> Thanks,
>> /Staffan


-- 
Dmitry Samersoff
Java Hotspot development team, SPB04
* There will come soft rains ...