7169888: Narrowing resource definitions in JMX RMI connector
CPU bug, we can't put offending calls outside doPrivileged, but narrow granted permissions. Reviewed-by: ahgross, fparain
This commit is contained in:
Dmitry Samersoff
parent
9a307c8287
commit
5e84600efc
@ -25,6 +25,30 @@
|
||||
|
||||
package javax.management.remote.rmi;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.rmi.MarshalledObject;
|
||||
import java.rmi.UnmarshalException;
|
||||
import java.rmi.server.Unreferenced;
|
||||
import java.security.AccessControlContext;
|
||||
import java.security.AccessController;
|
||||
import java.security.Permission;
|
||||
import java.security.PermissionCollection;
|
||||
import java.security.Permissions;
|
||||
import java.security.PrivilegedAction;
|
||||
import java.security.PrivilegedActionException;
|
||||
import java.security.PrivilegedExceptionAction;
|
||||
import java.security.ProtectionDomain;
|
||||
import java.util.Arrays;
|
||||
import java.util.Collections;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
||||
import javax.management.*;
|
||||
import javax.management.remote.JMXServerErrorException;
|
||||
import javax.management.remote.NotificationResult;
|
||||
import javax.management.remote.TargetedNotification;
|
||||
import javax.security.auth.Subject;
|
||||
|
||||
import static com.sun.jmx.mbeanserver.Util.cast;
|
||||
import com.sun.jmx.remote.internal.ServerCommunicatorAdmin;
|
||||
import com.sun.jmx.remote.internal.ServerNotifForwarder;
|
||||
@ -35,44 +59,6 @@ import com.sun.jmx.remote.util.ClassLogger;
|
||||
import com.sun.jmx.remote.util.EnvHelp;
|
||||
import com.sun.jmx.remote.util.OrderClassLoaders;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.rmi.MarshalledObject;
|
||||
import java.rmi.UnmarshalException;
|
||||
import java.rmi.server.Unreferenced;
|
||||
import java.security.AccessControlContext;
|
||||
import java.security.AccessController;
|
||||
import java.security.PrivilegedAction;
|
||||
import java.security.PrivilegedActionException;
|
||||
import java.security.PrivilegedExceptionAction;
|
||||
import java.util.Arrays;
|
||||
import java.util.Collections;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
||||
import javax.management.Attribute;
|
||||
import javax.management.AttributeList;
|
||||
import javax.management.AttributeNotFoundException;
|
||||
import javax.management.InstanceAlreadyExistsException;
|
||||
import javax.management.InstanceNotFoundException;
|
||||
import javax.management.IntrospectionException;
|
||||
import javax.management.InvalidAttributeValueException;
|
||||
import javax.management.ListenerNotFoundException;
|
||||
import javax.management.MBeanException;
|
||||
import javax.management.MBeanInfo;
|
||||
import javax.management.MBeanRegistrationException;
|
||||
import javax.management.MBeanServer;
|
||||
import javax.management.NotCompliantMBeanException;
|
||||
import javax.management.NotificationFilter;
|
||||
import javax.management.ObjectInstance;
|
||||
import javax.management.ObjectName;
|
||||
import javax.management.QueryExp;
|
||||
import javax.management.ReflectionException;
|
||||
import javax.management.RuntimeOperationsException;
|
||||
import javax.management.remote.JMXServerErrorException;
|
||||
import javax.management.remote.NotificationResult;
|
||||
import javax.management.remote.TargetedNotification;
|
||||
import javax.security.auth.Subject;
|
||||
|
||||
/**
|
||||
* <p>Implementation of the {@link RMIConnection} interface. User
|
||||
* code will not usually reference this class.</p>
|
||||
@ -143,6 +129,7 @@ public class RMIConnectionImpl implements RMIConnection, Unreferenced {
|
||||
this.mbeanServer = rmiServer.getMBeanServer();
|
||||
|
||||
final ClassLoader dcl = defaultClassLoader;
|
||||
|
||||
this.classLoaderWithRepository =
|
||||
AccessController.doPrivileged(
|
||||
new PrivilegedAction<ClassLoaderWithRepository>() {
|
||||
@ -151,13 +138,29 @@ public class RMIConnectionImpl implements RMIConnection, Unreferenced {
|
||||
mbeanServer.getClassLoaderRepository(),
|
||||
dcl);
|
||||
}
|
||||
});
|
||||
},
|
||||
|
||||
withPermissions( new MBeanPermission("*", "getClassLoaderRepository"),
|
||||
new RuntimePermission("createClassLoader"))
|
||||
);
|
||||
|
||||
serverCommunicatorAdmin = new
|
||||
RMIServerCommunicatorAdmin(EnvHelp.getServerConnectionTimeout(env));
|
||||
|
||||
this.env = env;
|
||||
}
|
||||
|
||||
private static AccessControlContext withPermissions(Permission ... perms){
|
||||
Permissions col = new Permissions();
|
||||
|
||||
for (Permission thePerm : perms ) {
|
||||
col.add(thePerm);
|
||||
}
|
||||
|
||||
final ProtectionDomain pd = new ProtectionDomain(null, col);
|
||||
return new AccessControlContext( new ProtectionDomain[] { pd });
|
||||
}
|
||||
|
||||
private synchronized ServerNotifForwarder getServerNotifFwd() {
|
||||
// Lazily created when first use. Mainly when
|
||||
// addNotificationListener is first called.
|
||||
@ -1330,7 +1333,9 @@ public class RMIConnectionImpl implements RMIConnection, Unreferenced {
|
||||
public ClassLoader run() throws InstanceNotFoundException {
|
||||
return mbeanServer.getClassLoader(name);
|
||||
}
|
||||
});
|
||||
},
|
||||
withPermissions(new MBeanPermission("*", "getClassLoader"))
|
||||
);
|
||||
} catch (PrivilegedActionException pe) {
|
||||
throw (InstanceNotFoundException) extractException(pe);
|
||||
}
|
||||
@ -1345,7 +1350,9 @@ public class RMIConnectionImpl implements RMIConnection, Unreferenced {
|
||||
public Object run() throws InstanceNotFoundException {
|
||||
return mbeanServer.getClassLoaderFor(name);
|
||||
}
|
||||
});
|
||||
},
|
||||
withPermissions(new MBeanPermission("*", "getClassLoaderFor"))
|
||||
);
|
||||
} catch (PrivilegedActionException pe) {
|
||||
throw (InstanceNotFoundException) extractException(pe);
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user