[jboss-jira] [JBoss JIRA] (WFLY-2394) AccessControlContext and management users Subject leaking into thread pool of host controller executor.
RH Bugzilla Integration (JIRA)
jira-events at lists.jboss.org
Mon Nov 4 03:59:02 EST 2013
[ https://issues.jboss.org/browse/WFLY-2394?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12829685#comment-12829685 ]
RH Bugzilla Integration commented on WFLY-2394:
-----------------------------------------------
Ladislav Thon <lthon at redhat.com> made a comment on [bug 1024072|https://bugzilla.redhat.com/show_bug.cgi?id=1024072]
> AccessControlContext and management users Subject leaking into thread pool of host controller executor.
> -------------------------------------------------------------------------------------------------------
>
> Key: WFLY-2394
> URL: https://issues.jboss.org/browse/WFLY-2394
> Project: WildFly
> Issue Type: Sub-task
> Security Level: Public(Everyone can see)
> Components: Domain Management, Security
> Affects Versions: 8.0.0.Beta1
> Reporter: Darran Lofthouse
> Assignee: Darran Lofthouse
> Priority: Blocker
> Fix For: 8.0.0.CR1
>
>
> The JBossThreadFactory in use for the executor service is allowing for the AccessControlContext of the thread submitting the Runnable task to the executor to be associated with the Thread created.
> Additional precautions should be taken within the HostController to prevent this association.
> Where a Subject does need to be associated this should be handled manually.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list