[concurrency-interest] FutureTask.cancel(true) should run thread.interrupt within doPrivileged
Doug Lea
dl at cs.oswego.edu
Wed Oct 2 17:02:45 UTC 2013
On 10/02/2013 12:29 PM, Martin Buchholz wrote:
> FutureTask.cancel(true) invokes thread.interrupt on the thread (if any)
> currently running the task.
> This should succeed even if modifyThread permission is denied by the security
> manager.
>
We haven't interpreted "should" in this way in the past here or in
related contexts, but I don't see are reason not to, pending any
objections by security folks.
-Doug
> Here's a proposed fix for jdk8+:
>
> --- src/main/java/util/concurrent/FutureTask.java15 May 2013 02:39:59 -00001.103
> +++ src/main/java/util/concurrent/FutureTask.java2 Oct 2013 16:25:23 -0000
> @@ -132,6 +132,12 @@
> return state != NEW;
> }
> + private static void privilegedInterrupt(Thread t) {
> + java.security.PrivilegedAction<Void> doInterrupt =
> + () -> { t.interrupt(); return null; };
> + java.security.AccessController.doPrivileged(doInterrupt);
> + }
> +
> public boolean cancel(boolean mayInterruptIfRunning) {
> if (!(state == NEW &&
> UNSAFE.compareAndSwapInt(this, stateOffset, NEW,
> @@ -142,7 +148,11 @@
> try {
> Thread t = runner;
> if (t != null)
> - t.interrupt();
> + try {
> + t.interrupt();
> + } catch (SecurityException e) {
> + privilegedInterrupt(t);
> + }
> } finally { // final state
> UNSAFE.putOrderedInt(this, stateOffset, INTERRUPTED);
> }
>
>
>
> _______________________________________________
> Concurrency-interest mailing list
> Concurrency-interest at cs.oswego.edu
> http://cs.oswego.edu/mailman/listinfo/concurrency-interest
>
More information about the security-dev
mailing list