Posted to dev@felix.apache.org by "Carsten Ziegeler (JIRA)" <ji...@apache.org> on 2018/09/13 22:03:00 UTC

[jira] [Commented] (FELIX-5910) Set correct AccessControlContext when receiving configuration events

    [ https://issues.apache.org/jira/browse/FELIX-5910?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16614112#comment-16614112 ] 

Carsten Ziegeler commented on FELIX-5910:
-----------------------------------------

[~cnoelle] I've committed a potential fix to SCR in rev 1840868. It would be great if you could give this a try. Thanks!

> Set correct AccessControlContext when receiving configuration events
> --------------------------------------------------------------------
>
>                 Key: FELIX-5910
>                 URL: https://issues.apache.org/jira/browse/FELIX-5910
>             Project: Felix
>          Issue Type: Bug
>          Components: Declarative Services (SCR)
>    Affects Versions: scr-2.1.6
>         Environment: - Felix fwk 6.0.0 
> - Felix security 2.6.0
> - Felix config admin 1.9.4 and 1.9.5-SNAPSHOT
>            Reporter: Christoph Nölle
>            Assignee: Carsten Ziegeler
>            Priority: Major
>             Fix For: scr-2.1.8
>
>
> ConfigAdmin requests a restricted set of permissions by means of a permissions.perm file, which must not restrict the permissions of other bundles to which it sends events. There is in fact a mechanism in place to prevent this, using the protection domain of the bundle, in the class ManagedServiceTracker (resolving the related issue https://issues.apache.org/jira/browse/FELIX-4362). However, the UpdateThread class does not use this mechanism; instead it explicitly sets an AccessControlContext based on its own protection domain, hence enforcing its own restricted set of permissions to the event listeners. Below are two examples of the resulting AccessControlExceptions I get... there is just one additional bundle in the stack trace, felix-scr, which has all permissions and can be ignored from the permissions point of view. 
> By the way, removing the permissions.perm file from ConfigAdmin resolves the problem, confirming that the bug is indeed in ConfigAdmin. 
> org.slf4j.osgi-over-slf4j[org.apache.felix.configadmin.1.9.4] : [[org.osgi.service.cm.ConfigurationAdmin]]Unexpected problem delivering configuration event to [org.osgi.service.cm.ConfigurationListener, id=18, bundle=24/mvn:org.apache.felix/org.apache.felix.configadmin/1.9.4]
> java.security.AccessControlException: access denied ("java.lang.RuntimePermission" "getClassLoader")
>  at java.base/java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
>  at java.base/java.security.AccessController.checkPermission(AccessController.java:895)
>  at java.base/java.lang.SecurityManager.checkPermission(SecurityManager.java:335)
>  at java.base/java.lang.ClassLoader.checkClassLoaderPermission(ClassLoader.java:2042)
>  at java.base/java.lang.Class.getClassLoader(Class.java:807)
>  at org.apache.felix.scr.impl.inject.methods.BaseMethod.findMethod(BaseMethod.java:158)
>  at org.apache.felix.scr.impl.inject.methods.BaseMethod.access$400(BaseMethod.java:41)
>  at org.apache.felix.scr.impl.inject.methods.BaseMethod$NotResolved.resolve(BaseMethod.java:602)
>  at org.apache.felix.scr.impl.inject.methods.BaseMethod$NotResolved.methodExists(BaseMethod.java:626)
>  at org.apache.felix.scr.impl.inject.methods.BaseMethod.methodExists(BaseMethod.java:528)
>  at org.apache.felix.scr.impl.inject.methods.ActivateMethod.invoke(ActivateMethod.java:315)
>  at org.apache.felix.scr.impl.inject.methods.ActivateMethod.invoke(ActivateMethod.java:307)
>  at org.apache.felix.scr.impl.manager.SingleComponentManager.invokeModifiedMethod(SingleComponentManager.java:810)
>  at org.apache.felix.scr.impl.manager.SingleComponentManager.modify(SingleComponentManager.java:765)
>  at org.apache.felix.scr.impl.manager.SingleComponentManager.reconfigure(SingleComponentManager.java:683)
>  at org.apache.felix.scr.impl.manager.SingleComponentManager.reconfigure(SingleComponentManager.java:647)
>  at org.apache.felix.scr.impl.manager.ConfigurableComponentHolder.configurationUpdated(ConfigurableComponentHolder.java:435)
>  at org.apache.felix.scr.impl.manager.RegionConfigurationSupport.configurationEvent(RegionConfigurationSupport.java:288)
>  at org.apache.felix.scr.impl.manager.RegionConfigurationSupport$1.configurationEvent(RegionConfigurationSupport.java:91)
>  at org.apache.felix.cm.impl.ConfigurationManager$FireConfigurationEvent.sendEvent(ConfigurationManager.java:1667)
>  at org.apache.felix.cm.impl.ConfigurationManager$FireConfigurationEvent.run(ConfigurationManager.java:1635)
>  at org.apache.felix.cm.impl.UpdateThread$1.run(UpdateThread.java:126)
>  at org.apache.felix.cm.impl.UpdateThread$1.run(UpdateThread.java:123)
>  at java.base/java.security.AccessController.doPrivileged(Native Method)
>  at org.apache.felix.cm.impl.UpdateThread.run0(UpdateThread.java:122)
>  at org.apache.felix.cm.impl.UpdateThread.run(UpdateThread.java:105)
>  at java.base/java.lang.Thread.run(Thread.java:844)
> org.slf4j.osgi-over-slf4j[org.apache.felix.configadmin.1.9.4] : [[org.osgi.service.cm.ConfigurationAdmin]]Unexpected problem delivering configuration event to [org.osgi.service.cm.ConfigurationListener, id=18, bundle=24/mvn:org.apache.felix/org.apache.felix.configadmin/1.9.4]
> java.security.AccessControlException: access denied ("org.osgi.framework.ServicePermission" "java.lang.Runnable" "register")
>  at java.base/java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
>  at java.base/java.security.AccessController.checkPermission(AccessController.java:895)
>  at java.base/java.lang.SecurityManager.checkPermission(SecurityManager.java:335)
>  at org.apache.felix.framework.BundleContextImpl.registerService(BundleContextImpl.java:322)
>  at org.apache.felix.scr.impl.manager.AbstractComponentManager$3.register(AbstractComponentManager.java:891)
>  at org.apache.felix.scr.impl.manager.AbstractComponentManager$3.register(AbstractComponentManager.java:877)
>  at org.apache.felix.scr.impl.manager.RegistrationManager.changeRegistration(RegistrationManager.java:128)
>  at org.apache.felix.scr.impl.manager.AbstractComponentManager.registerService(AbstractComponentManager.java:944)
>  at org.apache.felix.scr.impl.manager.AbstractComponentManager.activateInternal(AbstractComponentManager.java:727)
>  at org.apache.felix.scr.impl.manager.AbstractComponentManager.enableInternal(AbstractComponentManager.java:661)
>  at org.apache.felix.scr.impl.manager.AbstractComponentManager.enable(AbstractComponentManager.java:427)
>  at org.apache.felix.scr.impl.manager.ConfigurableComponentHolder.configurationUpdated(ConfigurableComponentHolder.java:440)
>  at org.apache.felix.scr.impl.manager.RegionConfigurationSupport.configurationEvent(RegionConfigurationSupport.java:288)
>  at org.apache.felix.scr.impl.manager.RegionConfigurationSupport$1.configurationEvent(RegionConfigurationSupport.java:91)
>  at org.apache.felix.cm.impl.ConfigurationManager$FireConfigurationEvent.sendEvent(ConfigurationManager.java:1667)
>  at org.apache.felix.cm.impl.ConfigurationManager$FireConfigurationEvent.run(ConfigurationManager.java:1635)
>  at org.apache.felix.cm.impl.UpdateThread$1.run(UpdateThread.java:126)
>  at org.apache.felix.cm.impl.UpdateThread$1.run(UpdateThread.java:123)
>  at java.base/java.security.AccessController.doPrivileged(Native Method)
>  at org.apache.felix.cm.impl.UpdateThread.run0(UpdateThread.java:122)
>  at org.apache.felix.cm.impl.UpdateThread.run(UpdateThread.java:105)
>  at java.base/java.lang.Thread.run(Thread.java:844)
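
The effect described in the issue, as an added example that is not Felix code and not part of the original message: a callback run via `doPrivileged` under a context built from the dispatcher's restricted domain is denied `getClassLoader`, while the same callback under the listener bundle's domain passes. The class name, both domains and the `PropertyPermission` standing in for the contents of permissions.perm are constructed, and it assumes a JDK where the Security Manager API still functions (it was permanently disabled in JDK 24).

```java
import java.security.*;
import java.util.PropertyPermission;

// Added illustration, not Felix code. Domains and names are constructed stand-ins.
@SuppressWarnings({"removal", "deprecation"})
public class DeliveryContextDemo {

    // A protection domain with a fixed (static) permission set, like a bundle's.
    static ProtectionDomain domain(Permission... granted) {
        Permissions perms = new Permissions();
        for (Permission p : granted) perms.add(p);
        return new ProtectionDomain(null, perms);
    }

    // Runs the listener callback under the given context, as an event dispatcher would.
    static String deliver(String label, ProtectionDomain contextDomain) {
        AccessControlContext acc =
            new AccessControlContext(new ProtectionDomain[] { contextDomain });
        PrivilegedAction<String> listener = () -> {
            // Same check that fails in the first trace (Class.getClassLoader).
            AccessController.checkPermission(new RuntimePermission("getClassLoader"));
            return "delivered";
        };
        try {
            // The effective permissions are the intersection of the caller's
            // domain and the supplied context.
            return label + ": " + AccessController.doPrivileged(listener, acc);
        } catch (AccessControlException e) {
            return label + ": " + e.getMessage();
        }
    }

    public static void main(String[] args) {
        // Assumption: the demo's own classes are fully trusted, so only the
        // context passed to doPrivileged can cause a denial.
        Policy.setPolicy(new Policy() {
            @Override public boolean implies(ProtectionDomain d, Permission p) { return true; }
        });
        // Constructed stand-in for a restricted permissions.perm grant.
        ProtectionDomain configAdmin = domain(new PropertyPermission("felix.cm.*", "read"));
        ProtectionDomain listenerBundle = domain(new AllPermission());

        System.out.println(deliver("dispatcher's own domain", configAdmin));
        System.out.println(deliver("listener bundle's domain", listenerBundle));
    }
}
```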


