[concurrency-interest] FutureTask.cancel(true) should run thread.interrupt within doPrivileged

√iktor Ҡlang viktor.klang at gmail.com
Wed Oct 2 13:40:56 PDT 2013


My ignorance made me surprised that this wasn't the default of the
Thread.interrupt method.

Cheers,
√


On Wed, Oct 2, 2013 at 7:02 PM, Doug Lea <dl at cs.oswego.edu> wrote:

> On 10/02/2013 12:29 PM, Martin Buchholz wrote:
>
>> FutureTask.cancel(true) invokes thread.interrupt on the thread (if any)
>> currently running the task.
>> This should succeed even if modifyThread permission is denied by the
>> security
>> manager.
>>
>>
> We haven't interpreted "should" in this way in the past here or in
> related contexts, but I don't see are reason not to,  pending any
> objections by security folks.
>
> -Doug
>
>
>  Here's a proposed fix for jdk8+:
>>
>> --- src/main/java/util/concurrent/**FutureTask.java15 May 2013 02:39:59
>> -00001.103
>> +++ src/main/java/util/concurrent/**FutureTask.java2 Oct 2013 16:25:23
>> -0000
>>
>> @@ -132,6 +132,12 @@
>>           return state != NEW;
>>       }
>> +    private static void privilegedInterrupt(Thread t) {
>> +        java.security.**PrivilegedAction<Void> doInterrupt =
>> +            () -> { t.interrupt(); return null; };
>> +        java.security.**AccessController.doPrivileged(**doInterrupt);
>> +    }
>> +
>>       public boolean cancel(boolean mayInterruptIfRunning) {
>>           if (!(state == NEW &&
>>                 UNSAFE.compareAndSwapInt(this, stateOffset, NEW,
>> @@ -142,7 +148,11 @@
>>                   try {
>>                       Thread t = runner;
>>                       if (t != null)
>> -                        t.interrupt();
>> +                        try {
>> +                            t.interrupt();
>> +                        } catch (SecurityException e) {
>> +                            privilegedInterrupt(t);
>> +                        }
>>                   } finally { // final state
>>                       UNSAFE.putOrderedInt(this, stateOffset,
>> INTERRUPTED);
>>                   }
>>
>>
>>
>> ______________________________**_________________
>> Concurrency-interest mailing list
>> Concurrency-interest at cs.**oswego.edu <Concurrency-interest at cs.oswego.edu>
>> http://cs.oswego.edu/mailman/**listinfo/concurrency-interest<http://cs.oswego.edu/mailman/listinfo/concurrency-interest>
>>
>>
> ______________________________**_________________
> Concurrency-interest mailing list
> Concurrency-interest at cs.**oswego.edu <Concurrency-interest at cs.oswego.edu>
> http://cs.oswego.edu/mailman/**listinfo/concurrency-interest<http://cs.oswego.edu/mailman/listinfo/concurrency-interest>
>



-- 
*Viktor Klang*
*Director of Engineering*
Typesafe <http://www.typesafe.com/>

Twitter: @viktorklang
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.openjdk.java.net/pipermail/security-dev/attachments/20131002/a70686d1/attachment.html 


More information about the security-dev mailing list