You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@felix.apache.org by "Karl Pauls (JIRA)" <ji...@apache.org> on 2013/02/01 22:16:13 UTC
[jira] [Resolved] (FELIX-3367) getClassloader permission
[ https://issues.apache.org/jira/browse/FELIX-3367?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Karl Pauls resolved FELIX-3367.
-------------------------------
Resolution: Fixed
I made it so that we call getParent in a secure action. This should fix this issues. Please close if it works for you.
> getClassloader permission
> -------------------------
>
> Key: FELIX-3367
> URL: https://issues.apache.org/jira/browse/FELIX-3367
> Project: Felix
> Issue Type: Bug
> Components: Framework
> Affects Versions: framework-3.2.2
> Reporter: Andie Similon
> Assignee: Karl Pauls
> Fix For: framework-4.2.0
>
>
> When I deny getClassloader with conditional permission admin for a specific bundle the bundle throws a securityexception when starting the bundle.
> org.osgi.framework.BundleException: Activator start error in bundle HelloBundle [3].
> at org.apache.felix.framework.Felix.activateBundle (Felix.java:1908)
> at org.apache.felix.framework.Felix.startBundle (Felix.java:1783)
> at org.apache.felix.framework.BundleImpl.start (BundleImpl.java:919)
> at com.technicolor.osgi.bundle.bm.tasks.StartTask.run (StartTask.java:77)
> at com.technicolor.osgi.bundle.bm.TaskQueue$1.run (TaskQueue.java:92)
> at java.lang.Thread.run (Unknown Source, bco=16)
> Caused by: java.lang.SecurityException: java.security.AccessControlException: permission failure
> at org.apache.felix.framework.Felix$1.checkPermission (Felix.java:586)
> at java.lang.ClassLoader.getParent (Unknown Source, bco=36)
> at org.apache.felix.framework.ModuleImpl.getBootDelegationClassLoader (ModuleImpl.java:1654)
> at org.apache.felix.framework.ModuleImpl.findClassOrResourceByDelegation (ModuleImpl.java:697)
> at org.apache.felix.framework.ModuleImpl.access$400 (ModuleImpl.java:71)
> at org.apache.felix.framework.ModuleImpl$ModuleClassLoader.loadClass (ModuleImpl.java:1768)
> at java.lang.ClassLoader.loadClass (Native Method)
> at java.lang.ClassLoader.handleLoadClass (Native Method)
> at java.lang.ClassLoader.handleLoadClass (Native Method)
> at HelloBundle.Activator.<init> (Activator.java:12)
> at org.apache.felix.framework.Felix.createBundleActivator (Felix.java:3716)
> at org.apache.felix.framework.Felix.activateBundle (Felix.java:1856)
> ... 5 more
> Caused by: java.security.AccessControlException: permission failure
> at java.security.AccessControlContext.checkPermission (Unknown Source, bco=47)
> at java.security.AccessController.checkPermission (Unknown Source, bco=21)
> at java.lang.SecurityManager.checkPermission (Unknown Source, bco=4)
> at org.apache.felix.framework.Felix$1.checkPermission (Felix.java:587)
> ... 16 more
> shouldn't "activator = (BundleActivator) clazz.newInstance();" in createBundleActivator happen in doPrivileged ? For example:
> try {
> activator = (BundleActivator) AccessController.doPrivileged(new PrivilegedExceptionAction() {
> public Object run() throws Exception {
> return (BundleActivator) clazz.newInstance();
> }
> });
> } catch (PrivilegedActionException e) {
> throw e.getException();
> }
> works.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira