You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@river.apache.org by "Mark Brouwer (JIRA)" <ji...@apache.org> on 2007/05/10 10:43:15 UTC
[jira] Created: (RIVER-26) Make UmbrellaGrantPermission work with
DynamicPolicy
Make UmbrellaGrantPermission work with DynamicPolicy
----------------------------------------------------
Key: RIVER-26
URL: https://issues.apache.org/jira/browse/RIVER-26
Project: River
Issue Type: Improvement
Reporter: Mark Brouwer
Priority: Minor
{{net.jini.security.policy.UmbrellaGrantPermission}} is only applicable to {{net.jini.security.policy.PolicyFileProvider}}, see http://archives.java.sun.com/cgi-bin/wa?A2=ind0607&L=jini-users&F=&S=&P=14665 for more detailed information.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (RIVER-26) Make UmbrellaGrantPermission work with
DynamicPolicy
Posted by "Mark Brouwer (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/RIVER-26?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Mark Brouwer updated RIVER-26:
------------------------------
Component/s: net_jini_security
Affects Version/s: jtsk_2.1
> Make UmbrellaGrantPermission work with DynamicPolicy
> ----------------------------------------------------
>
> Key: RIVER-26
> URL: https://issues.apache.org/jira/browse/RIVER-26
> Project: River
> Issue Type: Improvement
> Components: net_jini_security
> Affects Versions: jtsk_2.1
> Reporter: Mark Brouwer
> Priority: Minor
>
> {{net.jini.security.policy.UmbrellaGrantPermission}} is only applicable to {{net.jini.security.policy.PolicyFileProvider}}, see http://archives.java.sun.com/cgi-bin/wa?A2=ind0607&L=jini-users&F=&S=&P=14665 for more detailed information.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (RIVER-26) Make UmbrellaGrantPermission work with
DynamicPolicy
Posted by "Peter Firmstone (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/RIVER-26?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12796922#action_12796922 ]
Peter Firmstone commented on RIVER-26:
--------------------------------------
access: access denied (net.jini.security.GrantPermission java.net.SocketPermission "*:1024-", "connect,resolve";)
java.lang.Exception: Stack trace
at java.lang.Thread.dumpStack(Thread.java:1064)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:258)
at java.security.AccessController.checkPermission(AccessController.java:401)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:524)
at net.jini.security.policy.DynamicPolicyProvider.grant(DynamicPolicyProvider.java:210)
at org.cheiron.seven.security.ContextPolicyProvider.grant(ContextPolicyProvider.java:145)
at net.jini.security.Security.grant(Security.java:695)
at net.jini.security.Security.grant(Security.java:640)
at net.jini.security.BasicProxyPreparer.grant(BasicProxyPreparer.java:334)
at net.jini.security.BasicProxyPreparer.prepareProxy(BasicProxyPreparer.java:260)
at net.jini.discovery.LookupDiscovery$3.run(LookupDiscovery.java:2409)
at org.cheiron.seven.security.ContextSecurityManager$5.run(ContextSecurityManager.java:439)
at java.security.AccessController.doPrivileged(Native Method)
at net.jini.discovery.LookupDiscovery.maybeAddNewRegistrar(LookupDiscovery.java:2405)
at net.jini.discovery.LookupDiscovery.access$3700(LookupDiscovery.java:674)
at net.jini.discovery.LookupDiscovery$UnicastDiscoveryTask.run(LookupDiscovery.java:1542)
at org.cheiron.util.thread.VirtualTaskManager$ShareableTask.run(VirtualTaskManager.java:416)
at org.cheiron.util.thread.ThreadPoolImpl$ContextTask$1.run(ThreadPoolImpl.java:1527)
at org.cheiron.seven.security.ContextSecurityManager$4.run(ContextSecurityManager.java:410)
at java.security.AccessController.doPrivileged(Native Method)
at org.cheiron.util.thread.ThreadPoolImpl$ContextTask.run(ThreadPoolImpl.java:1522)
at org.cheiron.util.thread.ThreadPoolImpl$WorkerThread.run(ThreadPoolImpl.java:2657)
access: access allowed (java.util.PropertyPermission java.security.debug read)
access: access allowed (java.io.FilePermission D:\workspace\cheiron\seven_0.1\services\1.3.6.1.4.12543.2.1\v0.1.1\lib\services.jar read)
access: access allowed (java.io.FilePermission D:\workspace\cheiron\seven_0.1\services\1.3.6.1.4.12543.2.1\v0.1.1\lib\services.jar read)
access: access allowed (java.io.FilePermission D:\workspace\cheiron\seven_0.1\services\1.3.6.1.4.12543.2.1\v0.1.1\lib\services.jar read)
access: domain that failed ProtectionDomain (dfile:/D:/workspace/cheiron/seven_0.1/services/1.3.6.1.4.12543.2.1/v0.1.1/lib/services.jar <no certificates>)
org.cheiron.seven.loader.ContextClassLoader@12524b0["dfile:/D:/workspace/cheiron/seven_0.1/lib/preferred.jar dfile:/D:/workspace/cheiron/seven_0.1/services/1.3.6.1.4.12543.2.1/v0.1.1/lib/services.jar"]
<no principals>
java.security.Permissions@f7cbcc (
(net.jini.security.policy.UmbrellaGrantPermission )
(java.net.SocketPermission localhost:1024- listen,resolve)
(java.net.SocketPermission *:1024- connect,accept,resolve)
(java.util.PropertyPermission java.version read)
(java.util.PropertyPermission java.vm.name read)
(java.util.PropertyPermission java.vm.vendor read)
(java.util.PropertyPermission java.vendor.url read)
(java.util.PropertyPermission java.vm.specification.vendor read)
(java.util.PropertyPermission os.version read)
(java.util.PropertyPermission java.specification.vendor read)
(java.util.PropertyPermission java.class.version read)
(java.util.PropertyPermission java.specification.name read)
(java.util.PropertyPermission file.separator read)
(java.util.PropertyPermission os.arch read)
(java.util.PropertyPermission java.vm.version read)
(java.util.PropertyPermission java.vendor read)
(java.util.PropertyPermission java.specification.version read)
(java.util.PropertyPermission java.vm.specification.version read)
(java.util.PropertyPermission java.vm.specification.name read)
(java.util.PropertyPermission path.separator read)
(java.util.PropertyPermission line.separator read)
(java.io.FilePermission \D:\workspace\cheiron\seven_0.1\services\1.3.6.1.4.12543.2.1\v0.1.1\lib\services.jar read)
(net.jini.discovery.DiscoveryPermission *)
)
> Make UmbrellaGrantPermission work with DynamicPolicy
> ----------------------------------------------------
>
> Key: RIVER-26
> URL: https://issues.apache.org/jira/browse/RIVER-26
> Project: River
> Issue Type: Improvement
> Components: net_jini_security
> Affects Versions: jtsk_2.1
> Reporter: Mark Brouwer
> Priority: Minor
>
> {{net.jini.security.policy.UmbrellaGrantPermission}} is only applicable to {{net.jini.security.policy.PolicyFileProvider}}, see http://archives.java.sun.com/cgi-bin/wa?A2=ind0607&L=jini-users&F=&S=&P=14665 for more detailed information.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (RIVER-26) Make UmbrellaGrantPermission work with
DynamicPolicy
Posted by "Peter Firmstone (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/RIVER-26?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12885940#action_12885940 ]
Peter Firmstone commented on RIVER-26:
--------------------------------------
It would appear that this is a desirable feature for a RevokeableDynamicPolicy, which in order to allow Permission's to be Revoked, must not return dynamic grants via Policy.getPermissions(ProtectionDomain), lest they become merged with the ProtectionDomain's private Permissions, PermissionCollection.
A RevokeableDyanamicPolicy must rely on an underlying file based policy, to provide an initial set of Permission's, the utilisation of UmbrellaGrantPermission will minimise the number of Permission's that must be granted by the underlying file based policy and thus increasing the scope of Permission's able to be revoked, also minimising the penalty of the redundant implies call made to the ProtectionDomain's own Permissions after checking the Policy.
This feature has been added to ConcurrentDynamicPolicyProvider, pending testing, it will be committed shortly.
See also River-323
> Make UmbrellaGrantPermission work with DynamicPolicy
> ----------------------------------------------------
>
> Key: RIVER-26
> URL: https://issues.apache.org/jira/browse/RIVER-26
> Project: River
> Issue Type: Improvement
> Components: net_jini_security
> Affects Versions: jtsk_2.1
> Reporter: Mark Brouwer
> Priority: Minor
>
> {{net.jini.security.policy.UmbrellaGrantPermission}} is only applicable to {{net.jini.security.policy.PolicyFileProvider}}, see http://archives.java.sun.com/cgi-bin/wa?A2=ind0607&L=jini-users&F=&S=&P=14665 for more detailed information.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (RIVER-26) Make UmbrellaGrantPermission work with
DynamicPolicy
Posted by "Peter Firmstone (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/RIVER-26?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12796921#action_12796921 ]
Peter Firmstone commented on RIVER-26:
--------------------------------------
Copied from link above:
Recently I've been reconstructing the security facilities within Seven
and I just ran into what I believe is an omission in
DynamicPolicyProvider with regard to dynamically granting permissions.
Please see the snippet attached that contains the output of running
Seven with "-Djava.security.debug=access:failure", as you can see it
reports it fails on not having a permission of:
net.jini.security.GrantPermission java.net.SocketPermission
"*:1024-", "connect,resolve"
But the failing protection domain has an UmbrellaGrantPermission and it
has the appropriate SocketPermission that should allow for being able to
grant the SocketPermission dynamically. So at first sight it seems that
somebody is lying during permission checks ...
I must admit that this really confused me, but digging the code and the
specs revealed that UmbrellaGrantPermission seems to be 'tied' to
PolicyFileProvider and the thing is that Seven dynamically grants
permissions to protection domains (in this case also the
UmbrellaGrantPermission) during deployment of services, and these
protection domains are responsible for dynamically granting permissions
to mobile code, etc.
The net effect is that expansion of the UmbrellaGrantPermission
doesn't take place as I hoped it would. I think this is a real bummer
and I really wonder why the support of UmbrellaGrantPermission was not
stretched to the specifications for DynamicPolicy (in the case dynamic
grants are supported) where it seems more appropriate than just
PolicyFileProvider. Or in other words why weren't the semantics of
UmbrellaGrantPermission generalized but tied (as it seems) to
PolicyFileProvider.
I solved it by granting GrantPermissions dynamically so in this case it
imposed no real problem as Seven can create a GrantPermission for all
the permissions dynamically granted (likely faster than expanding the
UmbrellaGrantPermission), but for permission used in proxy
preparation it would be nice if people don't have to handcraft these
GrantPermissions or I have to find another work around and could use
UmbrellaGrantPermission here too.
--
Mark
> Make UmbrellaGrantPermission work with DynamicPolicy
> ----------------------------------------------------
>
> Key: RIVER-26
> URL: https://issues.apache.org/jira/browse/RIVER-26
> Project: River
> Issue Type: Improvement
> Components: net_jini_security
> Affects Versions: jtsk_2.1
> Reporter: Mark Brouwer
> Priority: Minor
>
> {{net.jini.security.policy.UmbrellaGrantPermission}} is only applicable to {{net.jini.security.policy.PolicyFileProvider}}, see http://archives.java.sun.com/cgi-bin/wa?A2=ind0607&L=jini-users&F=&S=&P=14665 for more detailed information.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.