[JBoss JIRA] (WFLY-11365) Test JSONBTestCase fails with security manager

Tuesday, 8 January 2019

    [
https://issues.jboss.org/browse/WFLY-11365?page=com.atlassian.jira.plugin...
] 

Bartosz Baranowski edited comment on WFLY-11365 at 1/8/19 2:16 AM:
-------------------------------------------------------------------

{noformat}
<<ALL FILES >> perms are there because you cant wildcard file permissions to
match part of execution path.  So you cant match */modules/-/specific.jar, you either have
to specify either root prefix of path ( with /-) or whole URL. Distribution method( IMHO)
is mute point as securing container/granting access is not something OS/installation
should do, it should be handled by admin.
{noformat}

was (Author: baranowb):
<<ALL FILES >> perms are there because you cant wildcard file permissions to
match part of execution path.  So you cant match */modules/-/specific.jar, you either have
to specify either root prefix of path ( with /-) or whole URL. Distribution method( IMHO)
is mute point as securing container/granting access is not something OS/installation
should do, it should be handled by admin.

...
 Test JSONBTestCase fails with security manager
 ----------------------------------------------

                 Key: WFLY-11365
                 URL: https://issues.jboss.org/browse/WFLY-11365
             Project: WildFly
          Issue Type: Bug
          Components: EE, Test Suite
    Affects Versions: 15.0.0.Beta1
            Reporter: Martin Choma
            Assignee: Bartosz Baranowski
            Priority: Major
              Labels: security-manager
         Attachments: sm-fix.patch

 {noformat}
 org.jboss.as.test.integration.json (1)
     JSONBTestCase.testJsonbServlet
 {noformat}
 {noformat}
 java.security.AccessControlException: WFSM000001: Permission check failed (permission
"("java.io.FilePermission"
"/store/repository/org/eclipse/yasson/1.0.2/yasson-1.0.2.jar"
"read")" in code source
"(vfs:/content/jsonb10-test.war/WEB-INF/classes &lt;no signer
certificates&gt;)" of "ModuleClassLoader for Module
"deployment.jsonb10-test.war" from Service Module Loader")
  at
org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:294)
  at
org.wildfly.security.manager.WildFlySecurityManager.checkPermission(WildFlySecurityManager.java:191)
  at java.lang.SecurityManager.checkRead(SecurityManager.java:888)
  at
org.wildfly.security.manager.WildFlySecurityManager.checkRead(WildFlySecurityManager.java:359)
  at java.util.zip.ZipFile.&lt;init&gt;(ZipFile.java:216)
  at java.util.zip.ZipFile.&lt;init&gt;(ZipFile.java:155)
  at java.util.jar.JarFile.&lt;init&gt;(JarFile.java:166)
  at java.util.jar.JarFile.&lt;init&gt;(JarFile.java:103)
  at sun.net.www.protocol.jar.URLJarFile.&lt;init&gt;(URLJarFile.java:93)
  at sun.net.www.protocol.jar.URLJarFile.getJarFile(URLJarFile.java:69)
  at sun.net.www.protocol.jar.JarFileFactory.get(JarFileFactory.java:99)
  at sun.net.www.protocol.jar.JarURLConnection.connect(JarURLConnection.java:122)
  at sun.net.www.protocol.jar.JarURLConnection.getInputStream(JarURLConnection.java:152)
  at java.net.URL.openStream(URL.java:1045)
  at java.util.ServiceLoader.parse(ServiceLoader.java:304)
  at java.util.ServiceLoader.access$200(ServiceLoader.java:185)
  at java.util.ServiceLoader$LazyIterator.hasNextService(ServiceLoader.java:357)
  at java.util.ServiceLoader$LazyIterator.access$600(ServiceLoader.java:323)
  at java.util.ServiceLoader$LazyIterator$1.run(ServiceLoader.java:396)
  at java.util.ServiceLoader$LazyIterator$1.run(ServiceLoader.java:395)
  at java.security.AccessController.doPrivileged(Native Method)
  at java.util.ServiceLoader$LazyIterator.hasNext(ServiceLoader.java:398)
  at java.util.ServiceLoader$1.hasNext(ServiceLoader.java:474)
  at javax.json.bind.spi.JsonbProvider.provider(JsonbProvider.java:112)
  at javax.json.bind.JsonbBuilder.create(JsonbBuilder.java:108)
  at org.jboss.as.test.integration.json.JSONBServlet.doGet(JSONBServlet.java:46)	...
 {noformat}
 Looks to me similar to WFLY-11337
 [1]
https://ci.wildfly.org/viewLog.html?buildId=128138&buildTypeId=WF_Mas...

--
This message was sent by Atlassian Jira
(v7.12.1#712002)

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006