RFR 8197387: jcmd started by "root" must be allowed to access all VM processes

[Daniil Titov]

Hi Thomas,

Please review a new version of the fix that includes the changes suggested.

Webrev: http://cr.openjdk.java.net/~dtitov/8197387/webrev.02/
Bug: https://bugs.openjdk.java.net/browse/JDK-8197387 

Thank you,
Daniil


On 5/24/18, 10:51 PM, "Thomas Stüfe" <thomas.stuefe at gmail.com> wrote:

    Hi Daniil,
    
    here is my review:
    
    - Like Roger I would prefer to have the uid checks factored out. At
    least for the hotspot coding, I do not know where to put it in jdk
    coding. For the hotspot parts, I would add something like:
    
    os::Posix::is_root(uid_t uid) ;
    os::Posix::matches_effective_uid_or_root(uid_t uid) // return
    isroot(uid) || uid == geteuid
    os::Posix::matches_effective_group_id(gid_t gid)     // return gid == getegid
    
    to os_posix.hpp/os_posix.cpp
    
    Other than that, the changes make sense.
    
    Kind Regards, Thomas
    
    
    
    
    On Thu, May 24, 2018 at 3:11 AM, Daniil Titov <daniil.x.titov at oracle.com> wrote:
    > Please review the changes that fix JDK-8197387.
    >
    > There are 2 problems here:
    > 1. JVM ignores  .attach_pid<pid> file if it is owned by the user different from the one that owns this JVM process
    > 2. jcmd checks that .java_pid<pid> socket is owned by the same user that runs jcmd and reports an error otherwise
    >
    > The fix relaxes these checks to allow jcmd started by  "root"  (UID = 0) access JVMs started by another users.
    >
    > Bug: https://bugs.openjdk.java.net/browse/JDK-8197387
    > Webrev: http://cr.openjdk.java.net/~dtitov/8197387/webrev.01/
    >
    > Best regards,
    > Daniil
    >
    >