You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by ma...@apache.org on 2023/01/05 10:00:57 UTC

[tomcat] branch 8.5.x updated: Fix BZ 66370 Change default for GET_CLASSLOADER_USE_PRIVILEGED

This is an automated email from the ASF dual-hosted git repository.

markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git


The following commit(s) were added to refs/heads/8.5.x by this push:
     new 057158231c Fix BZ 66370 Change default for GET_CLASSLOADER_USE_PRIVILEGED
057158231c is described below

commit 057158231c6b6c3cd7e273668ebcae6fa3c2d9c5
Author: Mark Thomas <ma...@apache.org>
AuthorDate: Thu Dec 15 17:17:04 2022 +0000

    Fix BZ 66370 Change default for GET_CLASSLOADER_USE_PRIVILEGED
    
    When running on Tomcat the EL library is called from within a
    privileged block so the additional privileged block is unnecessary.
    When not on Tomcat, use the additional privileged block
    https://bz.apache.org/bugzilla/show_bug.cgi?id=66370
---
 conf/catalina.properties   |  4 ++++
 java/javax/el/Util.java    | 26 +++++++++++++++++++++++---
 webapps/docs/changelog.xml | 12 ++++++++++++
 3 files changed, 39 insertions(+), 3 deletions(-)

diff --git a/conf/catalina.properties b/conf/catalina.properties
index a6c423a272..7a7184551e 100644
--- a/conf/catalina.properties
+++ b/conf/catalina.properties
@@ -215,3 +215,7 @@ tomcat.util.buf.StringCache.byte.enabled=true
 # Allow for changes to HTTP request validation
 # WARNING: Using this option may expose the server to CVE-2016-6816
 #tomcat.util.http.parser.HttpParser.requestTargetAllow=|
+
+# Disable use of some privilege blocks Tomcat doesn't need since calls to the
+# code in question are always already inside a privilege block
+org.apache.el.GET_CLASSLOADER_USE_PRIVILEGED=false
diff --git a/java/javax/el/Util.java b/java/javax/el/Util.java
index 58d16e8d77..70675f8eb7 100644
--- a/java/javax/el/Util.java
+++ b/java/javax/el/Util.java
@@ -43,8 +43,28 @@ class Util {
     private static final Class<?>[] EMPTY_CLASS_ARRAY = new Class<?>[0];
     private static final Object[] EMPTY_OBJECT_ARRAY = new Object[0];
 
-    private static final boolean GET_CLASSLOADER_USE_PRIVILEGED =
-            Boolean.getBoolean("org.apache.el.GET_CLASSLOADER_USE_PRIVILEGED");
+    private static final boolean IS_SECURITY_ENABLED = (System.getSecurityManager() != null);
+
+    private static final boolean GET_CLASSLOADER_USE_PRIVILEGED;
+
+    static {
+        if (IS_SECURITY_ENABLED) {
+            // Defaults to using a privileged block
+            // When running on Tomcat this will be set to false in
+            // $CATALINA_BASE/conf/catalina.properties
+            String value = AccessController.doPrivileged(new PrivilegedAction<String>() {
+                @Override
+                public String run() {
+                    return System.getProperty("org.apache.el.GET_CLASSLOADER_USE_PRIVILEGED", "true");
+                }
+            });
+            GET_CLASSLOADER_USE_PRIVILEGED = Boolean.parseBoolean(value);
+        } else {
+            // No security manager - no need to use a privileged block.
+            GET_CLASSLOADER_USE_PRIVILEGED = false;
+        }
+    }
+
 
     /**
      * Checks whether the supplied Throwable is one that needs to be
@@ -652,7 +672,7 @@ class Util {
 
     static ClassLoader getContextClassLoader() {
         ClassLoader tccl;
-        if (System.getSecurityManager() != null && GET_CLASSLOADER_USE_PRIVILEGED) {
+        if (IS_SECURITY_ENABLED && GET_CLASSLOADER_USE_PRIVILEGED) {
             PrivilegedAction<ClassLoader> pa = new PrivilegedGetTccl();
             tccl = AccessController.doPrivileged(pa);
         } else {
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index f755cdaaf4..bae4a80798 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -149,6 +149,18 @@
       </fix>
     </changelog>
   </subsection>
+  <subsection name="Jasper">
+    <changelog>
+      <fix>
+        <bug>66370</bug>: Change the default of the
+        <code>org.apache.el.GET_CLASSLOADER_USE_PRIVILEGED</code> system
+        property to <code>true</code> unless the EL library is running on Tomcat
+        in which case the default remains <code>false</code> as the EL library
+        is already called from within a privileged block and skipping the
+        unnecessary privileged block improves performance. (markt)
+      </fix>
+    </changelog>
+  </subsection>
   <subsection name="Web applications">
     <changelog>
       <fix>


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org