[JBoss JIRA] (WFCORE-1266) Incorreclty bypass the SecurityManager and call AccessControl.checkPermission() directly

Monday, 4 January 2016


Jason Shepherd created WFCORE-1266:
--------------------------------------

             Summary: Incorreclty bypass the SecurityManager and call
AccessControl.checkPermission() directly
                 Key: WFCORE-1266
                 URL: https://issues.jboss.org/browse/WFCORE-1266
             Project: WildFly Core
          Issue Type: Bug
          Components: Server
    Affects Versions: 2.0.5.Final
            Reporter: Jason Shepherd
            Assignee: Jason Greene


If we modify jboss-modules to remove the allPermissions by default, then change the
WildflySecurityManager to avoid throwing exceptions, we get this error when starting
Wildfly:


{code}
 org.jboss.msc.service.StartException in service jboss.as: Failed to start service
         at
org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1904)
         at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
         at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
         at java.lang.Thread.run(Thread.java:745)
 Caused by: java.security.AccessControlException: access denied
("org.jboss.as.server.security.ServerPermission"
"setCurrentServiceContainer")
         at
java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
         at java.security.AccessController.checkPermission(AccessController.java:884)
         at
org.jboss.as.server.CurrentServiceContainer.checkPermission(CurrentServiceContainer.java:63)
         at
org.jboss.as.server.CurrentServiceContainer.setServiceContainer(CurrentServiceContainer.java:56)
         at
org.jboss.as.server.ApplicationServerService.start(ApplicationServerService.java:137)
         at
org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1948)
         at
org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1881)
         ... 3 more
{code}


--
This message was sent by Atlassian JIRA
(v6.4.11#64026)

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006