Posted to dev@tomcat.apache.org by bu...@apache.org on 2017/09/27 14:56:00 UTC

[Bug 61568] New: [Security Manager] InnocuousThread raises SecurityException for some HTTP requests

https://bz.apache.org/bugzilla/show_bug.cgi?id=61568

            Bug ID: 61568
           Summary: [Security Manager] InnocuousThread raises
                    SecurityException for some HTTP requests
           Product: Tomcat 8
           Version: 8.5.20
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Catalina
          Assignee: dev@tomcat.apache.org
          Reporter: 1ax@gmx.net
  Target Milestone: ----

I am running two webapps with two servlets on my server with security manager
enabled. When manually testing the servlets, they respond just fine to HTTP
POST and GET requests. When stress testing (e.g. multiple simultaneous
requests) some requests fail (<1%) and raise the exception pasted below. When
adding the permission java.security.AllPermission to the webapps, the exception
still occurs. Therefore, I assume, this is a bug directly related to the
security manager.

Without the security manager enabled, all requests are handled fine, even when
stress testing.


Exception:

Exception in thread "anInnocuousThread" java.lang.SecurityException: setContextClassLoader
    at sun.misc.InnocuousThread.setContextClassLoader(InnocuousThread.java:64)
    at org.apache.tomcat.util.security.PrivilegedSetTccl.run(PrivilegedSetTccl.java:31)
    at org.apache.tomcat.util.security.PrivilegedSetTccl.run(PrivilegedSetTccl.java:21)
    at java.security.AccessController.doPrivileged(Native Method)
    at org.apache.tomcat.util.threads.TaskThreadFactory.newThread(TaskThreadFactory.java:66)
    at java.util.concurrent.ThreadPoolExecutor$Worker.<init>(ThreadPoolExecutor.java:610)
    at java.util.concurrent.ThreadPoolExecutor.addWorker(ThreadPoolExecutor.java:924)
    at java.util.concurrent.ThreadPoolExecutor.execute(ThreadPoolExecutor.java:1371)
    at org.apache.tomcat.util.threads.ThreadPoolExecutor.execute(ThreadPoolExecutor.java:167)
    at org.apache.tomcat.util.threads.ThreadPoolExecutor.execute(ThreadPoolExecutor.java:145)
    at sun.nio.ch.AsynchronousChannelGroupImpl.executeOnPooledThread(AsynchronousChannelGroupImpl.java:188)
    at sun.nio.ch.Invoker.invokeIndirectly(Invoker.java:212)
    at sun.nio.ch.UnixAsynchronousSocketChannelImpl.finishRead(UnixAsynchronousSocketChannelImpl.java:432)
    at sun.nio.ch.UnixAsynchronousSocketChannelImpl.finish(UnixAsynchronousSocketChannelImpl.java:191)
    at sun.nio.ch.UnixAsynchronousSocketChannelImpl.onEvent(UnixAsynchronousSocketChannelImpl.java:213)
    at sun.nio.ch.EPollPort$EventHandlerTask.run(EPollPort.java:293)
    at java.lang.Thread.run(Thread.java:745)
    at sun.misc.InnocuousThread.run(InnocuousThread.java:74)


Environment:

# uname -a
Linux 3.16.0-4-amd64 #1 SMP Debian 3.16.43-2+deb8u1 (2017-06-18) x86_64 GNU/Linux

# java -version
java version "1.7.0_131"
OpenJDK Runtime Environment (IcedTea 2.6.9) (7u131-2.6.9-2~deb8u1)
OpenJDK 64-Bit Server VM (build 24.131-b00, mixed mode)

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


[Bug 61568] [Security Manager] InnocuousThread raises SecurityException on HTTP requests

Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=61568

Mark Thomas <ma...@apache.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|---                         |FIXED
             Status|NEW                         |RESOLVED

--- Comment #3 from Mark Thomas <ma...@apache.org> ---
The ultimate aim of the code is to make sure that any thread doesn't end up
with the web application class loader as its context class loader. Rather than
setting the class loader for the current thread that is then picked up by the
new thread, I went for setting it on the new thread. That should meet the
overall objective and avoid the issue with InnocuousThread.

Fixed in:
- trunk for 9.0.2 onwards
- 8.5.x for 8.5.24 onwards
- 8.0.x for 8.0.48 onwards


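The change described in comment #3, as an added example that is not Tomcat's code and not part of the original thread. All class names are hypothetical: LockedTcclThread is a stand-in that always rejects setContextClassLoader, as the stack trace above shows InnocuousThread doing, and the "before" factory is a sketch of the approach the comment describes moving away from.

```java
import java.util.concurrent.ThreadFactory;
// Added illustration, not Tomcat's TaskThreadFactory; all class names are hypothetical.
public class TcclFactoryDemo {
    // Stand-in for sun.misc.InnocuousThread: always refuses a context class loader change.
    static class LockedTcclThread extends Thread {
        LockedTcclThread(Runnable r) { super(r); }
        @Override public void setContextClassLoader(ClassLoader cl) {
            throw new SecurityException("setContextClassLoader");
        }
    }

    // Before: swap the loader on the calling thread so the new thread inherits it.
    static class SwapCallerFactory implements ThreadFactory {
        @Override public Thread newThread(Runnable r) {
            Thread caller = Thread.currentThread();
            ClassLoader saved = caller.getContextClassLoader();
            // Rejected when the calling thread is a LockedTcclThread.
            caller.setContextClassLoader(SwapCallerFactory.class.getClassLoader());
            try {
                return new Thread(r);
            } finally {
                caller.setContextClassLoader(saved);
            }
        }
    }

    // After (comment #3): leave the caller untouched and set the loader on the new thread.
    static class SetOnNewThreadFactory implements ThreadFactory {
        @Override public Thread newThread(Runnable r) {
            Thread t = new Thread(r);
            t.setContextClassLoader(SetOnNewThreadFactory.class.getClassLoader());
            return t;
        }
    }
    // Calls the factory from the current thread and reports whether thread creation succeeded.
    static String tryFactory(ThreadFactory f) {
        try {
            f.newThread(() -> { });
            return "thread created";
        } catch (SecurityException e) {
            return "SecurityException: " + e.getMessage();
        }
    }
    public static void main(String[] args) throws InterruptedException {
        for (ThreadFactory f : new ThreadFactory[] { new SwapCallerFactory(), new SetOnNewThreadFactory() }) {
            Thread caller = new LockedTcclThread(
                () -> System.out.println(f.getClass().getSimpleName() + ": " + tryFactory(f)));
            caller.start();
            caller.join();
        }
    }
}
```

Either way the new thread ends up with the factory's own class loader rather than whatever loader the calling thread carried; only the second form never touches the calling thread.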

[Bug 61568] [Security Manager] InnocuousThread raises SecurityException on HTTP requests

Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=61568

--- Comment #2 from Remy Maucherat <re...@apache.org> ---
I had no idea about that weird behavior... Catch the exception and ignore
maybe, or get the thread name and avoid calling it for that "Innocuous"? You
moved the code there for performance reasons originally.



[Bug 61568] [Security Manager] InnocuousThread raises SecurityException on HTTP requests

Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=61568

--- Comment #1 from Mark Thomas <ma...@apache.org> ---
InnocuousThread is hard-coded to throw a SecurityException if you try and set
the context class loader.

I can reproduce this with a clean 8.5.x build configured to use NIO2, a
SecurityManager and JMeter running 100 threads POSTing data to one of the
example servlets.

Looking at fix options now...



[Bug 61568] [Security Manager] InnocuousThread raises SecurityException on HTTP requests

Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=61568

1ax@gmx.net changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Summary|[Security Manager]          |[Security Manager]
                   |InnocuousThread raises      |InnocuousThread raises
                   |SecurityException for some  |SecurityException on HTTP
                   |HTTP requests               |requests
