RFR: 8327114: Attach in Linux may have wrong behaviour when pid == ns_pid (Kubernetes debug container) [v7]
Severin Gehwolf
sgehwolf at openjdk.org
Tue Oct 1 09:09:45 UTC 2024
On Tue, 1 Oct 2024 07:33:16 GMT, David Holmes <dholmes at openjdk.org> wrote:
> We are seeing a number of test failures after this was integrated. Failing tests:
>
> * containers/docker/TestJcmdWithSideCar.java
What's the failure?
> * com/sun/tools/attach/PermissionTest.java
>
> I will file bugs, but the permission test fails because the new code throws a SecurityException when the SecurityManager is enabled:
>
> ```
> Caused by: java.security.AccessControlException: access denied ("java.io.FilePermission" "/proc/self/ns/mnt" "readlink")
> at java.base/java.security.AccessControlContext.checkPermission(AccessControlContext.java:488)
> at java.base/java.security.AccessController.checkPermission(AccessController.java:1085)
> at java.base/java.lang.SecurityManager.checkPermission(SecurityManager.java:411)
> at java.base/sun.nio.fs.UnixFileSystemProvider.readSymbolicLink(UnixFileSystemProvider.java:554)
> at java.base/java.nio.file.Files.readSymbolicLink(Files.java:1474)
> at jdk.attach/sun.tools.attach.VirtualMachineImpl.<clinit>(VirtualMachineImpl.java:66)
> ```
This is handled here: https://git.openjdk.org/jdk/pull/21269
-------------
PR Comment: https://git.openjdk.org/jdk/pull/19055#issuecomment-2385229823
More information about the serviceability-dev
mailing list