You are viewing a plain text version of this content. The canonical link for it is here.
Posted to log4net-dev@logging.apache.org by "Nicko Cadell (JIRA)" <ji...@apache.org> on 2006/02/20 20:48:42 UTC
[jira] Created: (LOG4NET-65) Unhandled SecurityException exception
for FileIOPermission while loading configuration file
Unhandled SecurityException exception for FileIOPermission while loading configuration file
-------------------------------------------------------------------------------------------
Key: LOG4NET-65
URL: http://issues.apache.org/jira/browse/LOG4NET-65
Project: Log4net
Type: Bug
Components: Core
Versions: 1.2.9
Reporter: Nicko Cadell
Assigned to: Nicko Cadell
Fix For: 1.2.10
If the calling application does not have the PathDiscovery FileIOPermission a SecurityException is generated from the XmlConfiguratorAttribute.Configure method. This is called from the first LoggerManager.GetLogger in a calling assembly.
The exception should be caught as we may potentially be injecting this exception into user code's class initialisation phase which the user would find unexpected.
An example stack trace for the exception is:
[SecurityException: Request for the permission of type 'System.Security.Permissions.FileIOPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.]
System.Security.CodeAccessSecurityEngine.Check(Object demand, StackCrawlMark& stackMark, Boolean isPermSet) +0
System.Security.CodeAccessPermission.Demand() +59
System.AppDomainSetup.VerifyDir(String dir, Boolean normalize) +110
System.AppDomain.get_BaseDirectory() +61
log4net.Util.SystemInfo.get_ApplicationBaseDirectory() +31
log4net.Config.XmlConfiguratorAttribute.Configure(Assembly sourceAssembly, ILoggerRepository targetRepository) +30
log4net.Core.DefaultRepositorySelector.ConfigureRepository(Assembly assembly, ILoggerRepository repository) +314
log4net.Core.DefaultRepositorySelector.CreateRepository(Assembly repositoryAssembly, Type repositoryType, String repositoryName, Boolean readAssemblyAttributes) +532
log4net.Core.DefaultRepositorySelector.CreateRepository(Assembly repositoryAssembly, Type repositoryType) +42
log4net.Core.DefaultRepositorySelector.GetRepository(Assembly repositoryAssembly) +80
log4net.Core.LoggerManager.GetLogger(Assembly repositoryAssembly, String name) +132
log4net.LogManager.GetLogger(Assembly repositoryAssembly, String name) +30
log4net.LogManager.GetLogger(String name) +34
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
[jira] Resolved: (LOG4NET-65) Unhandled SecurityException exception
for FileIOPermission while loading configuration file
Posted by "Nicko Cadell (JIRA)" <ji...@apache.org>.
[ http://issues.apache.org/jira/browse/LOG4NET-65?page=all ]
Nicko Cadell resolved LOG4NET-65:
---------------------------------
Resolution: Fixed
Checked in a code fix to this issue that adds additional try/catch blocks to check for the PathDiscovery permissions exception and to log more details of the error condition.
> Unhandled SecurityException exception for FileIOPermission while loading configuration file
> -------------------------------------------------------------------------------------------
>
> Key: LOG4NET-65
> URL: http://issues.apache.org/jira/browse/LOG4NET-65
> Project: Log4net
> Type: Bug
> Components: Core
> Versions: 1.2.9
> Reporter: Nicko Cadell
> Assignee: Nicko Cadell
> Fix For: 1.2.10
>
> If the calling application does not have the PathDiscovery FileIOPermission a SecurityException is generated from the XmlConfiguratorAttribute.Configure method. This is called from the first LoggerManager.GetLogger in a calling assembly.
> The exception should be caught as we may potentially be injecting this exception into user code's class initialisation phase which the user would find unexpected.
> An example stack trace for the exception is:
> [SecurityException: Request for the permission of type 'System.Security.Permissions.FileIOPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.]
> System.Security.CodeAccessSecurityEngine.Check(Object demand, StackCrawlMark& stackMark, Boolean isPermSet) +0
> System.Security.CodeAccessPermission.Demand() +59
> System.AppDomainSetup.VerifyDir(String dir, Boolean normalize) +110
> System.AppDomain.get_BaseDirectory() +61
> log4net.Util.SystemInfo.get_ApplicationBaseDirectory() +31
> log4net.Config.XmlConfiguratorAttribute.Configure(Assembly sourceAssembly, ILoggerRepository targetRepository) +30
> log4net.Core.DefaultRepositorySelector.ConfigureRepository(Assembly assembly, ILoggerRepository repository) +314
> log4net.Core.DefaultRepositorySelector.CreateRepository(Assembly repositoryAssembly, Type repositoryType, String repositoryName, Boolean readAssemblyAttributes) +532
> log4net.Core.DefaultRepositorySelector.CreateRepository(Assembly repositoryAssembly, Type repositoryType) +42
> log4net.Core.DefaultRepositorySelector.GetRepository(Assembly repositoryAssembly) +80
> log4net.Core.LoggerManager.GetLogger(Assembly repositoryAssembly, String name) +132
> log4net.LogManager.GetLogger(Assembly repositoryAssembly, String name) +30
> log4net.LogManager.GetLogger(String name) +34
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira