security-manager minimum-set for MBeanServerPermission createMBeanServer not working but permissions.xml does ------------------------------------------------------------------------------------------------------------- Key: WFCORE-4374 URL: https://issues.jboss.org/browse/WFCORE-4374 Project: WildFly Core Issue Type: Bug Components: Security Reporter: Bartosz Spyrko-Śmietanko Assignee: Bartosz Spyrko-Śmietanko Priority: Major When configuring a jdbc driver deployment jar with permissions.xml it I was able to resolve all of the needed permissions. But then when I remove the permissions.xml from the deployment and define the same permissions in the security-manager, it fails saying it requires the javax.management.MBeanServerPermission createMBeanServer even though it is defined in the subsystem. {code} 23:41:13,007 ERROR [stderr] (ServerService Thread Pool -- 81) java.security.AccessControlException: WFSM000001: Permission check failed (permission "("javax.management.MBeanServerPermission" "createMBeanServer")" in code source "(vfs:/Users/bmaxwell/Downloads/02291781/jboss-eap-7.3/standalone/deployments/createMBeanServer.jar <no signer certificates>)" of "ModuleClassLoader for Module "deployment.createMBeanServer.jar" from Service Module Loader") {code} {code} <minimum-set> <permission class="javax.management.MBeanServerPermission" name="createMBeanServer"/> </minimum-set> {code} If you put a permissions.xml in the deployment's META-INF with this below then it works fine. The other permissions I used for the jdbc driver seemed to work fine, it is just this one that seems inconsistent for some reason. {code} <?xml version="1.0" encoding="UTF-8"?> <permissions xmlns="http://xmlns.jcp.org/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/permissions_7.xsd" version="7"> <permission> <class-name>javax.management.MBeanServerPermission</class-name> <name>createMBeanServer</name> </permission> </permissions> {code}