You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@mina.apache.org by "Guillaume Nodet (JIRA)" <ji...@apache.org> on 2014/07/09 08:16:05 UTC

[jira] [Resolved] (SSHD-332) Nio2 & security

     [ https://issues.apache.org/jira/browse/SSHD-332?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Guillaume Nodet resolved SSHD-332.
----------------------------------

       Resolution: Fixed
    Fix Version/s: 0.12.0
         Assignee: Guillaume Nodet

> Nio2 & security
> ---------------
>
>                 Key: SSHD-332
>                 URL: https://issues.apache.org/jira/browse/SSHD-332
>             Project: MINA SSHD
>          Issue Type: Bug
>    Affects Versions: 0.11.0
>         Environment: Oracle Java 8
>            Reporter: Gaël Lalire
>            Assignee: Guillaume Nodet
>             Fix For: 0.12.0
>
>         Attachments: securesshd-0.0.1-SNAPSHOT-jar-with-dependencies.jar, securesshd.zip
>
>   Original Estimate: 96h
>  Remaining Estimate: 96h
>
> I don't know if it is a JVM bug or normal behavior but a ProtectionDomain with no permission is associated with completionHandler thread by sun.misc.InnocuousThread class.
> As a result if a security manager is set all code in completionHandler has no permission (event if policy grants all permission).
> If the behavior of JVM is correct then you should add AccessController.doPrivileged() when entering completionHandler.
> You can also check if a SecurityManager is set and run without Nio2 as a quick fix.
>  



--
This message was sent by Atlassian JIRA
(v6.2#6252)