[JBoss JIRA] Created: (JBAOP-675) AOP weaved code needs to appropriately generate Privileged Blocks

[JBoss JIRA] Created: (JBAOP-676)...

[JBoss JIRA] Created: (JBAS-6237)...

Anil Saldhana (JIRA)

Thursday, 20 November 2008 Thu, 20 Nov '08

8:23 a.m.

AOP weaved code needs to appropriately generate Privileged Blocks ----------------------------------------------------------------- Key: JBAOP-675 URL: https://jira.jboss.org/jira/browse/JBAOP-675 Project: JBoss AOP Issue Type: Bug Security Level: Public (Everyone can see) Affects Versions: 2.0.0.GA Reporter: Anil Saldhana Priority: Blocker Please generate a SP release asap. http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4190733 http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4190726 When a pointcut is applied, the aop generated code calls instanceadvisor (and other aop baggage) inducing a security manager "getClassLoader" permission check. You need to wrap the advisor call in a privileged block. ================= if(System.getSecurityManager() == null) //get your advisor else { advisor = AccessController.doPrivileged(new PrivilegedAction<Advisor>(){ public Advisor run() { //aop } } } ================================ I will probably be back with more jira issues. So a few SP versions added to your project may not be bad. ;) -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

Show replies by date

Scott M Stark (JIRA)

Thursday, 20 November Thu, 20 Nov

8:30 a.m.

New subject: [JBoss JIRA] Commented: (JBAOP-675) AOP weaved code needs to appropriately generate Privileged Blocks

[ https://jira.jboss.org/jira/browse/JBAOP-675?page=com.atlassian.jira.plug... ] Scott M Stark commented on JBAOP-675: ------------------------------------- Also note this discussion on vfs permission that brought up what the codebase of dynamically generated code under a vfsmemory: url would be: http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4189478 dynamically generated code should only have a privileged block if we can assign the code's code source to the deployment that created the vfsmemory: url. I doubt this is solvable in the scope of this issue, but its something to consider.

...

AOP weaved code needs to appropriately generate Privileged Blocks ----------------------------------------------------------------- Key: JBAOP-675 URL: https://jira.jboss.org/jira/browse/JBAOP-675 Project: JBoss AOP Issue Type: Bug Security Level: Public(Everyone can see) Affects Versions: 2.0.0.GA Reporter: Anil Saldhana Priority: Blocker Please generate a SP release asap. http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4190733 http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4190726 When a pointcut is applied, the aop generated code calls instanceadvisor (and other aop baggage) inducing a security manager "getClassLoader" permission check. You need to wrap the advisor call in a privileged block. ================= if(System.getSecurityManager() == null) //get your advisor else { advisor = AccessController.doPrivileged(new PrivilegedAction<Advisor>(){ public Advisor run() { //aop } } } ================================ I will probably be back with more jira issues. So a few SP versions added to your project may not be bad. ;)

-- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

Flavia Rainone (JIRA)

2:03 p.m.

New subject: [JBoss JIRA] Assigned: (JBAOP-675) AOP weaved code needs to appropriately generate Privileged Blocks

[ https://jira.jboss.org/jira/browse/JBAOP-675?page=com.atlassian.jira.plug... ] Flavia Rainone reassigned JBAOP-675: ------------------------------------ Assignee: Flavia Rainone

...

AOP weaved code needs to appropriately generate Privileged Blocks ----------------------------------------------------------------- Key: JBAOP-675 URL: https://jira.jboss.org/jira/browse/JBAOP-675 Project: JBoss AOP Issue Type: Bug Security Level: Public(Everyone can see) Affects Versions: 2.0.0.GA Reporter: Anil Saldhana Assignee: Flavia Rainone Priority: Blocker Please generate a SP release asap. http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4190733 http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4190726 When a pointcut is applied, the aop generated code calls instanceadvisor (and other aop baggage) inducing a security manager "getClassLoader" permission check. You need to wrap the advisor call in a privileged block. ================= if(System.getSecurityManager() == null) //get your advisor else { advisor = AccessController.doPrivileged(new PrivilegedAction<Advisor>(){ public Advisor run() { //aop } } } ================================ I will probably be back with more jira issues. So a few SP versions added to your project may not be bad. ;)

Flavia Rainone (JIRA)

2:45 p.m.

New subject: [JBoss JIRA] Updated: (JBAOP-675) AOP weaved code needs to appropriately generate Privileged Blocks

[ https://jira.jboss.org/jira/browse/JBAOP-675?page=com.atlassian.jira.plug... ] Flavia Rainone updated JBAOP-675: --------------------------------- Attachment: jboss-aop.jar This jar contains the fix in the GenericAspectFactory class. For testing purposes.

...

AOP weaved code needs to appropriately generate Privileged Blocks ----------------------------------------------------------------- Key: JBAOP-675 URL: https://jira.jboss.org/jira/browse/JBAOP-675 Project: JBoss AOP Issue Type: Bug Security Level: Public(Everyone can see) Affects Versions: 2.0.0.GA Reporter: Anil Saldhana Assignee: Flavia Rainone Priority: Blocker Attachments: jboss-aop.jar Please generate a SP release asap. http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4190733 http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4190726 When a pointcut is applied, the aop generated code calls instanceadvisor (and other aop baggage) inducing a security manager "getClassLoader" permission check. You need to wrap the advisor call in a privileged block. ================= if(System.getSecurityManager() == null) //get your advisor else { advisor = AccessController.doPrivileged(new PrivilegedAction<Advisor>(){ public Advisor run() { //aop } } } ================================ I will probably be back with more jira issues. So a few SP versions added to your project may not be bad. ;)

Flavia Rainone (JIRA)

2:55 p.m.

New subject: [JBoss JIRA] Commented: (JBAOP-675) AOP weaved code needs to appropriately generate Privileged Blocks

[ https://jira.jboss.org/jira/browse/JBAOP-675?page=com.atlassian.jira.plug... ] Flavia Rainone commented on JBAOP-675: -------------------------------------- Scott, thanks for bringing that to my attention. I decided to wait till next Monday so we can see what Kabir says about it: http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4189478

...

AOP weaved code needs to appropriately generate Privileged Blocks ----------------------------------------------------------------- Key: JBAOP-675 URL: https://jira.jboss.org/jira/browse/JBAOP-675 Project: JBoss AOP Issue Type: Bug Security Level: Public(Everyone can see) Affects Versions: 2.0.0.GA Reporter: Anil Saldhana Assignee: Flavia Rainone Priority: Blocker Attachments: jboss-aop.jar Please generate a SP release asap. http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4190733 http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4190726 When a pointcut is applied, the aop generated code calls instanceadvisor (and other aop baggage) inducing a security manager "getClassLoader" permission check. You need to wrap the advisor call in a privileged block. ================= if(System.getSecurityManager() == null) //get your advisor else { advisor = AccessController.doPrivileged(new PrivilegedAction<Advisor>(){ public Advisor run() { //aop } } } ================================ I will probably be back with more jira issues. So a few SP versions added to your project may not be bad. ;)

Flavia Rainone (JIRA)

2:59 p.m.

New subject: [JBoss JIRA] Commented: (JBAOP-675) AOP weaved code needs to appropriately generate Privileged Blocks

[ https://jira.jboss.org/jira/browse/JBAOP-675?page=com.atlassian.jira.plug... ] Flavia Rainone commented on JBAOP-675: -------------------------------------- The fix needs to be applied in other classes of JBoss AOP that call Class<?>.getClassLoader(). I'll wait for feedback on the jar I attached before doing this, though.

...

AOP weaved code needs to appropriately generate Privileged Blocks ----------------------------------------------------------------- Key: JBAOP-675 URL: https://jira.jboss.org/jira/browse/JBAOP-675 Project: JBoss AOP Issue Type: Bug Security Level: Public(Everyone can see) Affects Versions: 2.0.0.GA Reporter: Anil Saldhana Assignee: Flavia Rainone Priority: Blocker Attachments: jboss-aop.jar Please generate a SP release asap. http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4190733 http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4190726 When a pointcut is applied, the aop generated code calls instanceadvisor (and other aop baggage) inducing a security manager "getClassLoader" permission check. You need to wrap the advisor call in a privileged block. ================= if(System.getSecurityManager() == null) //get your advisor else { advisor = AccessController.doPrivileged(new PrivilegedAction<Advisor>(){ public Advisor run() { //aop } } } ================================ I will probably be back with more jira issues. So a few SP versions added to your project may not be bad. ;)

Anil Saldhana (JIRA)

4:51 p.m.

New subject: [JBoss JIRA] Updated: (JBAOP-675) AOP weaved code needs to appropriately generate Privileged Blocks

[ https://jira.jboss.org/jira/browse/JBAOP-675?page=com.atlassian.jira.plug... ] Anil Saldhana updated JBAOP-675: -------------------------------- JBoss Forum Reference: http://www.jboss.com/index.html?module=bb&op=viewtopic&t=146015

...

AOP weaved code needs to appropriately generate Privileged Blocks ----------------------------------------------------------------- Key: JBAOP-675 URL: https://jira.jboss.org/jira/browse/JBAOP-675 Project: JBoss AOP Issue Type: Bug Security Level: Public(Everyone can see) Affects Versions: 2.0.0.GA Reporter: Anil Saldhana Assignee: Flavia Rainone Priority: Blocker Attachments: jboss-aop.jar Please generate a SP release asap. http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4190733 http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4190726 When a pointcut is applied, the aop generated code calls instanceadvisor (and other aop baggage) inducing a security manager "getClassLoader" permission check. You need to wrap the advisor call in a privileged block. ================= if(System.getSecurityManager() == null) //get your advisor else { advisor = AccessController.doPrivileged(new PrivilegedAction<Advisor>(){ public Advisor run() { //aop } } } ================================ I will probably be back with more jira issues. So a few SP versions added to your project may not be bad. ;)

Flavia Rainone (JIRA)

8:25 p.m.

New subject: [JBoss JIRA] Updated: (JBAOP-675) AOP weaved code needs to appropriately generate Privileged Blocks

[ https://jira.jboss.org/jira/browse/JBAOP-675?page=com.atlassian.jira.plug... ] Flavia Rainone updated JBAOP-675: --------------------------------- Attachment: jboss-aop.jar All calls to Class.getClassLoader are fixed in this .jar.

...

AOP weaved code needs to appropriately generate Privileged Blocks ----------------------------------------------------------------- Key: JBAOP-675 URL: https://jira.jboss.org/jira/browse/JBAOP-675 Project: JBoss AOP Issue Type: Bug Security Level: Public(Everyone can see) Affects Versions: 2.0.0.GA Reporter: Anil Saldhana Assignee: Flavia Rainone Priority: Blocker Attachments: jboss-aop.jar, jboss-aop.jar Please generate a SP release asap. http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4190733 http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4190726 When a pointcut is applied, the aop generated code calls instanceadvisor (and other aop baggage) inducing a security manager "getClassLoader" permission check. You need to wrap the advisor call in a privileged block. ================= if(System.getSecurityManager() == null) //get your advisor else { advisor = AccessController.doPrivileged(new PrivilegedAction<Advisor>(){ public Advisor run() { //aop } } } ================================ I will probably be back with more jira issues. So a few SP versions added to your project may not be bad. ;)

Flavia Rainone (JIRA)

Friday, 21 November Fri, 21 Nov

7:23 p.m.

New subject: [JBoss JIRA] Resolved: (JBAOP-675) AOP weaved code needs to appropriately generate Privileged Blocks

[ https://jira.jboss.org/jira/browse/JBAOP-675?page=com.atlassian.jira.plug... ] Flavia Rainone resolved JBAOP-675. ---------------------------------- Resolution: Done

...

AOP weaved code needs to appropriately generate Privileged Blocks ----------------------------------------------------------------- Key: JBAOP-675 URL: https://jira.jboss.org/jira/browse/JBAOP-675 Project: JBoss AOP Issue Type: Bug Security Level: Public(Everyone can see) Affects Versions: 2.0.0.GA Reporter: Anil Saldhana Assignee: Flavia Rainone Priority: Blocker Attachments: jboss-aop.jar, jboss-aop.jar Please generate a SP release asap. http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4190733 http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4190726 When a pointcut is applied, the aop generated code calls instanceadvisor (and other aop baggage) inducing a security manager "getClassLoader" permission check. You need to wrap the advisor call in a privileged block. ================= if(System.getSecurityManager() == null) //get your advisor else { advisor = AccessController.doPrivileged(new PrivilegedAction<Advisor>(){ public Advisor run() { //aop } } } ================================ I will probably be back with more jira issues. So a few SP versions added to your project may not be bad. ;)

Kabir Khan (JIRA)

Monday, 24 November Mon, 24 Nov

3:17 p.m.

New subject: [JBoss JIRA] Reopened: (JBAOP-675) AOP weaved code needs to appropriately generate Privileged Blocks

[ https://jira.jboss.org/jira/browse/JBAOP-675?page=com.atlassian.jira.plug... ] Kabir Khan reopened JBAOP-675: ------------------------------

...

AOP weaved code needs to appropriately generate Privileged Blocks ----------------------------------------------------------------- Key: JBAOP-675 URL: https://jira.jboss.org/jira/browse/JBAOP-675 Project: JBoss AOP Issue Type: Bug Security Level: Public(Everyone can see) Affects Versions: 2.0.0.GA Reporter: Anil Saldhana Assignee: Flavia Rainone Priority: Blocker Attachments: jboss-aop.jar, jboss-aop.jar Please generate a SP release asap. http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4190733 http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4190726 When a pointcut is applied, the aop generated code calls instanceadvisor (and other aop baggage) inducing a security manager "getClassLoader" permission check. You need to wrap the advisor call in a privileged block. ================= if(System.getSecurityManager() == null) //get your advisor else { advisor = AccessController.doPrivileged(new PrivilegedAction<Advisor>(){ public Advisor run() { //aop } } } ================================ I will probably be back with more jira issues. So a few SP versions added to your project may not be bad. ;)

Kabir Khan (JIRA)

3:19 p.m.

New subject: [JBoss JIRA] Updated: (JBAOP-675) AOP weaved code needs to appropriately generate Privileged Blocks

[ https://jira.jboss.org/jira/browse/JBAOP-675?page=com.atlassian.jira.plug... ] Kabir Khan updated JBAOP-675: ----------------------------- Fix Version/s: 2.0.0.SP1 2.0.1.GA

...

AOP weaved code needs to appropriately generate Privileged Blocks ----------------------------------------------------------------- Key: JBAOP-675 URL: https://jira.jboss.org/jira/browse/JBAOP-675 Project: JBoss AOP Issue Type: Bug Security Level: Public(Everyone can see) Affects Versions: 2.0.0.GA Reporter: Anil Saldhana Assignee: Flavia Rainone Priority: Blocker Fix For: 2.0.0.SP1, 2.0.1.GA Attachments: jboss-aop.jar, jboss-aop.jar Please generate a SP release asap. http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4190733 http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4190726 When a pointcut is applied, the aop generated code calls instanceadvisor (and other aop baggage) inducing a security manager "getClassLoader" permission check. You need to wrap the advisor call in a privileged block. ================= if(System.getSecurityManager() == null) //get your advisor else { advisor = AccessController.doPrivileged(new PrivilegedAction<Advisor>(){ public Advisor run() { //aop } } } ================================ I will probably be back with more jira issues. So a few SP versions added to your project may not be bad. ;)

Kabir Khan (JIRA)

3:19 p.m.

New subject: [JBoss JIRA] Closed: (JBAOP-675) AOP weaved code needs to appropriately generate Privileged Blocks

[ https://jira.jboss.org/jira/browse/JBAOP-675?page=com.atlassian.jira.plug... ] Kabir Khan closed JBAOP-675. ---------------------------- Resolution: Done

...

AOP weaved code needs to appropriately generate Privileged Blocks ----------------------------------------------------------------- Key: JBAOP-675 URL: https://jira.jboss.org/jira/browse/JBAOP-675 Project: JBoss AOP Issue Type: Bug Security Level: Public(Everyone can see) Affects Versions: 2.0.0.GA Reporter: Anil Saldhana Assignee: Flavia Rainone Priority: Blocker Fix For: 2.0.0.SP1, 2.0.1.GA Attachments: jboss-aop.jar, jboss-aop.jar Please generate a SP release asap. http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4190733 http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4190726 When a pointcut is applied, the aop generated code calls instanceadvisor (and other aop baggage) inducing a security manager "getClassLoader" permission check. You need to wrap the advisor call in a privileged block. ================= if(System.getSecurityManager() == null) //get your advisor else { advisor = AccessController.doPrivileged(new PrivilegedAction<Advisor>(){ public Advisor run() { //aop } } } ================================ I will probably be back with more jira issues. So a few SP versions added to your project may not be bad. ;)

Kabir Khan (JIRA)

3:52 p.m.

New subject: [JBoss JIRA] Reopened: (JBAOP-675) AOP weaved code needs to appropriately generate Privileged Blocks

[ https://jira.jboss.org/jira/browse/JBAOP-675?page=com.atlassian.jira.plug... ] Kabir Khan reopened JBAOP-675: ------------------------------

...

AOP weaved code needs to appropriately generate Privileged Blocks ----------------------------------------------------------------- Key: JBAOP-675 URL: https://jira.jboss.org/jira/browse/JBAOP-675 Project: JBoss AOP Issue Type: Bug Security Level: Public(Everyone can see) Affects Versions: 2.0.0.GA Reporter: Anil Saldhana Assignee: Flavia Rainone Priority: Blocker Fix For: 2.0.0.SP1, 2.0.1.GA Attachments: jboss-aop.jar, jboss-aop.jar Please generate a SP release asap. http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4190733 http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4190726 When a pointcut is applied, the aop generated code calls instanceadvisor (and other aop baggage) inducing a security manager "getClassLoader" permission check. You need to wrap the advisor call in a privileged block. ================= if(System.getSecurityManager() == null) //get your advisor else { advisor = AccessController.doPrivileged(new PrivilegedAction<Advisor>(){ public Advisor run() { //aop } } } ================================ I will probably be back with more jira issues. So a few SP versions added to your project may not be bad. ;)

Kabir Khan (JIRA)

3:54 p.m.

New subject: [JBoss JIRA] Closed: (JBAOP-675) AOP weaved code needs to appropriately generate Privileged Blocks

[ https://jira.jboss.org/jira/browse/JBAOP-675?page=com.atlassian.jira.plug... ] Kabir Khan closed JBAOP-675. ---------------------------- Fix Version/s: 2.1.0.GA (was: 2.0.1.GA) Resolution: Done

...

AOP weaved code needs to appropriately generate Privileged Blocks ----------------------------------------------------------------- Key: JBAOP-675 URL: https://jira.jboss.org/jira/browse/JBAOP-675 Project: JBoss AOP Issue Type: Bug Security Level: Public(Everyone can see) Affects Versions: 2.0.0.GA Reporter: Anil Saldhana Assignee: Flavia Rainone Priority: Blocker Fix For: 2.0.0.SP1, 2.1.0.GA Attachments: jboss-aop.jar, jboss-aop.jar Please generate a SP release asap. http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4190733 http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4190726 When a pointcut is applied, the aop generated code calls instanceadvisor (and other aop baggage) inducing a security manager "getClassLoader" permission check. You need to wrap the advisor call in a privileged block. ================= if(System.getSecurityManager() == null) //get your advisor else { advisor = AccessController.doPrivileged(new PrivilegedAction<Advisor>(){ public Advisor run() { //aop } } } ================================ I will probably be back with more jira issues. So a few SP versions added to your project may not be bad. ;)

5906

days inactive

5910

days old

jboss-jira@lists.jboss.org

Manage subscription

13 comments

4 participants

tags (0)

participants (4)

Anil Saldhana (JIRA)
Flavia Rainone (JIRA)
Kabir Khan (JIRA)
Scott M Stark (JIRA)

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

[JBoss JIRA] Created: (JBAOP-675) AOP weaved code needs to appropriately generate Privileged Blocks