You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@felix.apache.org by "Gerrit van Brakel (JIRA)" <ji...@apache.org> on 2009/07/16 10:17:14 UTC
[jira] Created: (FELIX-1363) Stack overflow on Java 2 Security
evaluation of getLocation() in WebSphere
Stack overflow on Java 2 Security evaluation of getLocation() in WebSphere
---------------------------------------------------------------------------
Key: FELIX-1363
URL: https://issues.apache.org/jira/browse/FELIX-1363
Project: Felix
Issue Type: Bug
Components: Framework
Affects Versions: felix-1.8.1, felix-1.8.0, felix-1.4.1, felix-1.2.1
Environment: WebSphere 6.1 with Java 2 Security enabled
Reporter: Gerrit van Brakel
When the Felix framework is used in an application in WebSphere, the Java 2 Security permission evaluation of Felix.getLocation() causes a Stack Overflow.
The Stack Overflow is caused by an incompatiblity between classes of the Felix framework and the framework classes present in WebSphere.
When the permissions for Felix.getLocation() are evaluated, an AdminPermission object is created and evaluated. The AdminPermission permission object created is not the one supplied by the Felix framework, but one found higher on the classpath: the WebSphere/eclipse version of the AdminPermission class. This version of the class is incompatible with Felix, as it uses getLocation() in its evaluation.
ways to work around or solve this problem:
1) disable Java 2 Security (not acceptable by company policy)
2) grant a global AllPermissions (not acceptable by company policy): by specifying global AllPermissions, the evaluation of permissions seems to be avoided
3) modify the Felix Framework in such a way that no permissions are set/evaluated for getLocation()
4) modify the Websphere / eclipse version of AdminPermission in such a way that no getLocation() is used in its evaluation
A test for option 3 has been performed on Felix 1.2.1. If the permission test is removed from BundleImpl.getLocation() and Felix.getLocation(), the stack overflow does not appear. Of course the permission test is lost in the process.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (FELIX-1363) Stack overflow on Java 2 Security
evaluation of getLocation() in WebSphere
Posted by "Gerrit van Brakel (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/FELIX-1363?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12735506#action_12735506 ]
Gerrit van Brakel commented on FELIX-1363:
------------------------------------------
It seems like the cause of the problem is not an incompatibility of Felix and WebSphere / Equinox, but is caused by nesting one framework in another, in combination with Java 2 Security. Security evaluation for the inner framework hits policy rules probably meant for bundles of the outer framework.
I can imagine that something like namespaces in policies are required to fix this.
> Stack overflow on Java 2 Security evaluation of getLocation() in WebSphere
> ---------------------------------------------------------------------------
>
> Key: FELIX-1363
> URL: https://issues.apache.org/jira/browse/FELIX-1363
> Project: Felix
> Issue Type: Bug
> Components: Framework
> Affects Versions: felix-1.2.1
, felix-1.4.1, felix-1.8.0, felix-1.8.1
> Environment: WebSphere 6.1 with Java 2 Security enabled
> Reporter: Gerrit van Brakel
>
> When the Felix framework is used in an application in WebSphere, the Java 2 Security permission evaluation of Felix.getLocation() causes a Stack Overflow.
>
> The Stack Overflow is caused by an incompatiblity between classes of the Felix framework and the framework classes present in WebSphere.
>
> When the permissions for Felix.getLocation() are evaluated, an AdminPermission object is created and evaluated. The AdminPermission permission object created is not the one supplied by the Felix framework, but one found higher on the classpath: the WebSphere/eclipse version of the AdminPermission class. This version of the class is incompatible with Felix, as it uses getLocation() in its evaluation.
> ways to work around or solve this problem:
> 1) disable Java 2 Security (not acceptable by company policy)
> 2) grant a global AllPermissions (not acceptable by company policy): by specifying global AllPermissions, the evaluation of permissions seems to be avoided
> 3) modify the Felix Framework in such a way that no permissions are set/evaluated for getLocation()
> 4) modify the Websphere / eclipse version of AdminPermission in such a way that no getLocation() is used in its evaluation
> A test for option 3 has been performed on Felix 1.2.1. If the permission test is removed from BundleImpl.getLocation() and Felix.getLocation(), the stack overflow does not appear. Of course the permission test is lost in the process.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (FELIX-1363) Stack overflow on Java 2 Security
evaluation of getLocation() in WebSphere
Posted by "Gerrit van Brakel (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/FELIX-1363?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12732563#action_12732563 ]
Gerrit van Brakel commented on FELIX-1363:
------------------------------------------
Felix,
I can understand that Felix prefers to use its own classes. However, the AdminPermission class resides in org.osgi.framework-package, and is probably present in each OSGi implemenation. OSGi is all about avoiding dependency problems like these. I would expect that OSGi implementors do not only provide a more or less problem free environment, but also try to avoid depency problems in the environment they run in themselves. This includes to my opinion agreeing with the OSGi specificators or other implementors on what can be expected from shared classes and on what they are allowed to do.
Is it allowed and can it be expected for AdminPermission implementations () to call getLocation()?
Either it is, and then getLocation should not use AdminPermission
Or it isn't, and then no AdminPermission implementation is allowed to call it.
The Felix source of AdminPermission suggests that there is a 'standard' implementation of AdminPermission that is replaced. I don't know the details about what and why, but it could be that it is just this replacement that enabled the use of AdminPermission in getLocation().
> Stack overflow on Java 2 Security evaluation of getLocation() in WebSphere
> ---------------------------------------------------------------------------
>
> Key: FELIX-1363
> URL: https://issues.apache.org/jira/browse/FELIX-1363
> Project: Felix
> Issue Type: Bug
> Components: Framework
> Affects Versions: felix-1.2.1
, felix-1.4.1, felix-1.8.0, felix-1.8.1
> Environment: WebSphere 6.1 with Java 2 Security enabled
> Reporter: Gerrit van Brakel
>
> When the Felix framework is used in an application in WebSphere, the Java 2 Security permission evaluation of Felix.getLocation() causes a Stack Overflow.
>
> The Stack Overflow is caused by an incompatiblity between classes of the Felix framework and the framework classes present in WebSphere.
>
> When the permissions for Felix.getLocation() are evaluated, an AdminPermission object is created and evaluated. The AdminPermission permission object created is not the one supplied by the Felix framework, but one found higher on the classpath: the WebSphere/eclipse version of the AdminPermission class. This version of the class is incompatible with Felix, as it uses getLocation() in its evaluation.
> ways to work around or solve this problem:
> 1) disable Java 2 Security (not acceptable by company policy)
> 2) grant a global AllPermissions (not acceptable by company policy): by specifying global AllPermissions, the evaluation of permissions seems to be avoided
> 3) modify the Felix Framework in such a way that no permissions are set/evaluated for getLocation()
> 4) modify the Websphere / eclipse version of AdminPermission in such a way that no getLocation() is used in its evaluation
> A test for option 3 has been performed on Felix 1.2.1. If the permission test is removed from BundleImpl.getLocation() and Felix.getLocation(), the stack overflow does not appear. Of course the permission test is lost in the process.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (FELIX-1363) Stack overflow on Java 2 Security
evaluation of getLocation() in WebSphere
Posted by "Felix Meschberger (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/FELIX-1363?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12731900#action_12731900 ]
Felix Meschberger commented on FELIX-1363:
------------------------------------------
Hmm, The problem is probably, that the AdminPermission class of the WebSphere framework (Equinox) should not be used if the Felix library provides its on implementation.
The reason is the servlet spec itself, which IIRC that web application class loaders should first inspect the web applications for classes before going into the parent class loader.
WebSphere in particular has a setting (on web application) level which allows configuring whether to prefer parentloader-first (Java default) or parentloader-last (preferred here). You should enable that configuration.
Another option, which is what we use in Apache Sling to be sure, is to have the web application create its own classloader in which we load the framework and the rest. That custom classloader implements the parentloader-last strategy and as such would then use the Felix framework AdminPermission class instead of the that of WebSphere.
Whatever: I don't think that this problem is something that the Felix framework proper should care about inside its code.
Just my CHF.02
> Stack overflow on Java 2 Security evaluation of getLocation() in WebSphere
> ---------------------------------------------------------------------------
>
> Key: FELIX-1363
> URL: https://issues.apache.org/jira/browse/FELIX-1363
> Project: Felix
> Issue Type: Bug
> Components: Framework
> Affects Versions: felix-1.2.1
, felix-1.4.1, felix-1.8.0, felix-1.8.1
> Environment: WebSphere 6.1 with Java 2 Security enabled
> Reporter: Gerrit van Brakel
>
> When the Felix framework is used in an application in WebSphere, the Java 2 Security permission evaluation of Felix.getLocation() causes a Stack Overflow.
>
> The Stack Overflow is caused by an incompatiblity between classes of the Felix framework and the framework classes present in WebSphere.
>
> When the permissions for Felix.getLocation() are evaluated, an AdminPermission object is created and evaluated. The AdminPermission permission object created is not the one supplied by the Felix framework, but one found higher on the classpath: the WebSphere/eclipse version of the AdminPermission class. This version of the class is incompatible with Felix, as it uses getLocation() in its evaluation.
> ways to work around or solve this problem:
> 1) disable Java 2 Security (not acceptable by company policy)
> 2) grant a global AllPermissions (not acceptable by company policy): by specifying global AllPermissions, the evaluation of permissions seems to be avoided
> 3) modify the Felix Framework in such a way that no permissions are set/evaluated for getLocation()
> 4) modify the Websphere / eclipse version of AdminPermission in such a way that no getLocation() is used in its evaluation
> A test for option 3 has been performed on Felix 1.2.1. If the permission test is removed from BundleImpl.getLocation() and Felix.getLocation(), the stack overflow does not appear. Of course the permission test is lost in the process.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Closed: (FELIX-1363) Stack overflow on Java 2 Security
evaluation of getLocation() in WebSphere
Posted by "Gerrit van Brakel (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/FELIX-1363?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Gerrit van Brakel closed FELIX-1363.
------------------------------------
Resolution: Fixed
Fix Version/s: felix-2.0.0
Issue has been fixed by introduction of ThreadLocal recurse in AdminPermission, and it's use in AdminPermission.getProperties()
> Stack overflow on Java 2 Security evaluation of getLocation() in WebSphere
> ---------------------------------------------------------------------------
>
> Key: FELIX-1363
> URL: https://issues.apache.org/jira/browse/FELIX-1363
> Project: Felix
> Issue Type: Bug
> Components: Framework
> Affects Versions: felix-1.2.1
, felix-1.4.1, felix-1.8.0, felix-1.8.1
> Environment: WebSphere 6.1 with Java 2 Security enabled
> Reporter: Gerrit van Brakel
> Fix For: felix-2.0.0
>
>
> When the Felix framework is used in an application in WebSphere, the Java 2 Security permission evaluation of Felix.getLocation() causes a Stack Overflow.
>
> The Stack Overflow is caused by an incompatiblity between classes of the Felix framework and the framework classes present in WebSphere.
>
> When the permissions for Felix.getLocation() are evaluated, an AdminPermission object is created and evaluated. The AdminPermission permission object created is not the one supplied by the Felix framework, but one found higher on the classpath: the WebSphere/eclipse version of the AdminPermission class. This version of the class is incompatible with Felix, as it uses getLocation() in its evaluation.
> ways to work around or solve this problem:
> 1) disable Java 2 Security (not acceptable by company policy)
> 2) grant a global AllPermissions (not acceptable by company policy): by specifying global AllPermissions, the evaluation of permissions seems to be avoided
> 3) modify the Felix Framework in such a way that no permissions are set/evaluated for getLocation()
> 4) modify the Websphere / eclipse version of AdminPermission in such a way that no getLocation() is used in its evaluation
> A test for option 3 has been performed on Felix 1.2.1. If the permission test is removed from BundleImpl.getLocation() and Felix.getLocation(), the stack overflow does not appear. Of course the permission test is lost in the process.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.