Security Manager confusion (someone adding AllPermissions to my context?) [message #558211] Fri, 10 September 2010 14:17
Peter M. Murray
Please excuse me if this is an obvious question, but I'm a bit of a noob on Java security framework issues.

I'm trying to ensure a strict sandbox for running Groovy scripts within my application, but am running into what appears to be rogue insertion of AllPermissions into my stack's AccessControlContext when running within Equinox. This does not appear to happen when running without Equinox.

Below is some code that demonstrates the issue. When run directly as a Java Application, it runs properly - the script context does not have the tested permission. However, when run as an Eclipse IApplication, the script context DOES have the tested permission. Examination in the debugger shows that when run within Equinox, the /groovy/script ProtectionDomain has all of the "generic" ProtectionDomain permissions plus AllPermissions.

package test;

import groovy.lang.GroovyShell;

import java.security.AccessControlContext;

import org.eclipse.equinox.app.IApplication;
import org.eclipse.equinox.app.IApplicationContext;

public class TestSecurity implements IApplication
{
	public static void main(String[] args)
	{
		System.out.println("STARTING!");

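		// Refuse to run if some other component already installed a SecurityManager.
		if (System.getSecurityManager() != null)
			throw new RuntimeException("Already configured!");

		// Point the default policy at the test policy file, then install the default SecurityManager.
		System.setProperty("java.security.policy", "/tmp/test.policy");
		System.setSecurityManager(new SecurityManager());

		// check() throws AccessControlException if the given context lacks the permission.
		check(java.security.AccessController.getContext());
		System.out.println("Inline has permission - GOOD");

		GroovyShell shell = new GroovyShell();
		try
		{
			// The script returns its own AccessControlContext; run the same check against it.
			check((AccessControlContext) shell.evaluate("java.security.AccessController.getContext();"));
			System.out.println("Script has permission - BAD!!!");
		}
		catch (java.security.AccessControlException e)
		{
			System.out.println("Script has NO permission - GOOD");
		}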
	}

	private static void check(AccessControlContext context)
	{
		context.checkPermission(new java.io.FilePermission("/tmp/foo", "read"));
	}

	@Override
	public Object start(IApplicationContext context) throws Exception
	{
		main(null);
		return IApplication.EXIT_OK;
	}

	@Override
	public void stop()
	{
	}
}


Here is /tmp/test.policy:
grant codebase "file:/home/pete/-" { permission java.security.AllPermission; };


All of the Groovy code is generated with a code source URL of "file:/groovy/script" or "file:/groovy/shell" - so it should not match my uber grant in test.policy (and doesn't when run via direct main() invocation).

Does anyone have any insight into this? Seems like I must be missing something.

Thanks,

pete
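
A diagnostic for the situation described in the post above, added here as an example (it is not code from the original post, Equinox or Groovy): it reports whether a ProtectionDomain gets a permission from the permissions bound to the domain when it was created or from the installed Policy's grant for its code source. The class name DomainProbe and the sample domains are constructed for illustration, and it assumes a JDK on which the Security Manager API is still available.

```java
import java.io.FilePermission;
import java.net.URL;
import java.security.AllPermission;
import java.security.CodeSource;
import java.security.Permission;
import java.security.PermissionCollection;
import java.security.Permissions;
import java.security.Policy;
import java.security.ProtectionDomain;
import java.security.cert.Certificate;

public class DomainProbe
{
	// Reports which source grants 'wanted' to a domain: permissions bound to the
	// domain when it was created, or the Policy's grant for its CodeSource.
	public static String describe(ProtectionDomain domain, Permission wanted)
	{
		CodeSource source = domain.getCodeSource();
		PermissionCollection bound = domain.getPermissions();
		boolean viaDomain = bound != null && bound.implies(wanted);
		// A Policy that does not support this lookup returns an empty read-only collection.
		PermissionCollection granted = source == null ? null : Policy.getPolicy().getPermissions(source);
		boolean viaPolicy = granted != null && granted.implies(wanted);
		return (source == null ? "<no code source>" : String.valueOf(source.getLocation()))
			+ " effective=" + domain.implies(wanted)
			+ " boundToDomain=" + viaDomain
			+ " policyGrant=" + viaPolicy;
	}

	public static void main(String[] args) throws Exception
	{
		Permission wanted = new FilePermission("/tmp/foo", "read");
		// Constructed sample domains using the script code source URL from the post.
		CodeSource script = new CodeSource(new URL("file:/groovy/script"), (Certificate[]) null);
		Permissions all = new Permissions();
		all.add(new AllPermission());
		// Two-argument constructor: static permissions only, the Policy is not consulted.
		ProtectionDomain preloaded = new ProtectionDomain(script, all);
		// Four-argument constructor: the Policy is consulted at each permission check.
		ProtectionDomain policyBacked = new ProtectionDomain(script, new Permissions(), null, null);

		System.out.println(describe(preloaded, wanted));
		System.out.println(describe(policyBacked, wanted));
		System.out.println(describe(DomainProbe.class.getProtectionDomain(), wanted));
	}
}
```

To inspect a real script domain, pass the ProtectionDomain of a class loaded for the script to describe() from code that itself holds the getProtectionDomain and getPolicy permissions.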
