Author: remy.maucherat(a)jboss.com Date: 2008-12-01 08:37:34 -0500 (Mon, 01 Dec 2008) New Revision: 870 Modified: trunk/PATCHES.txt trunk/conf/catalina.policy trunk/java/org/apache/catalina/core/DefaultInstanceManager.java trunk/java/org/apache/catalina/security/SecurityClassLoad.java trunk/java/org/apache/jasper/runtime/JspApplicationContextImpl.java trunk/webapps/docs/changelog.xml Log: - Various security manager fixes. Modified: trunk/PATCHES.txt =================================================================== --- trunk/PATCHES.txt 2008-11-28 16:17:45 UTC (rev 869) +++ trunk/PATCHES.txt 2008-12-01 13:37:34 UTC (rev 870) @@ -26,3 +26,7 @@ 720728 Multiple pollers, which adds the complexity of needing a map to track to which poller a connection belongs (needed in IO event mode). There are 3 pollers already, which should be able to handle a lot of traffic. + +various +All changesets introducing generics, which have small value (new code or refactorings should use generics, +however) Modified: trunk/conf/catalina.policy =================================================================== --- trunk/conf/catalina.policy 2008-11-28 16:17:45 UTC (rev 869) +++ trunk/conf/catalina.policy 2008-12-01 13:37:34 UTC (rev 870) @@ -1,5 +1,20 @@ +// Licensed to the Apache Software Foundation (ASF) under one or more +// contributor license agreements. See the NOTICE file distributed with +// this work for additional information regarding copyright ownership. +// The ASF licenses this file to You under the Apache License, Version 2.0 +// (the "License"); you may not use this file except in compliance with +// the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + // ============================================================================ -// catalina.corepolicy - Security Policy Permissions for Tomcat 5 +// catalina.corepolicy - Security Policy Permissions for JBoss Web // // This file contains a default set of security policies to be enforced (by the // JVM) when Catalina is executed with the "-security" option. In addition @@ -49,7 +64,7 @@ grant codeBase "file:${catalina.home}/bin/tomcat-juli.jar" { permission java.util.PropertyPermission "java.util.logging.config.class", "read"; permission java.util.PropertyPermission "java.util.logging.config.file", "read"; - permission java.io.FilePermission "${java.home}${file.separator}lib${file.separator}logging.properties", "read"; + permission java.io.FilePermission "${java.home}${file.separator}lib${file.separator}logging.properties", "read"; permission java.lang.RuntimePermission "shutdownHooks"; permission java.io.FilePermission "${catalina.base}${file.separator}conf${file.separator}logging.properties", "read"; permission java.util.PropertyPermission "catalina.base", "read"; @@ -102,27 +117,31 @@ permission java.util.PropertyPermission "java.vendor", "read"; permission java.util.PropertyPermission "java.vendor.url", "read"; permission java.util.PropertyPermission "java.class.version", "read"; - permission java.util.PropertyPermission "java.specification.version", "read"; - permission java.util.PropertyPermission "java.specification.vendor", "read"; - permission java.util.PropertyPermission "java.specification.name", "read"; + permission java.util.PropertyPermission "java.specification.version", "read"; + permission java.util.PropertyPermission "java.specification.vendor", "read"; + permission java.util.PropertyPermission "java.specification.name", "read"; - permission java.util.PropertyPermission "java.vm.specification.version", "read"; - permission java.util.PropertyPermission "java.vm.specification.vendor", "read"; - permission java.util.PropertyPermission "java.vm.specification.name", "read"; - permission java.util.PropertyPermission "java.vm.version", "read"; - permission java.util.PropertyPermission "java.vm.vendor", "read"; - permission java.util.PropertyPermission "java.vm.name", "read"; + permission java.util.PropertyPermission "java.vm.specification.version", "read"; + permission java.util.PropertyPermission "java.vm.specification.vendor", "read"; + permission java.util.PropertyPermission "java.vm.specification.name", "read"; + permission java.util.PropertyPermission "java.vm.version", "read"; + permission java.util.PropertyPermission "java.vm.vendor", "read"; + permission java.util.PropertyPermission "java.vm.name", "read"; // Required for OpenJMX permission java.lang.RuntimePermission "getAttribute"; - // Allow read of JAXP compliant XML parser debug - permission java.util.PropertyPermission "jaxp.debug", "read"; + // Allow read of JAXP compliant XML parser debug + permission java.util.PropertyPermission "jaxp.debug", "read"; - // Precompiled JSPs need access to this package. + // Precompiled JSPs need access to these packages. + permission java.lang.RuntimePermission "accessClassInPackage.org.apache.jasper.el"; permission java.lang.RuntimePermission "accessClassInPackage.org.apache.jasper.runtime"; permission java.lang.RuntimePermission "accessClassInPackage.org.apache.jasper.runtime.*"; + // Precompiled JSPs need access to these system properties. + permission java.util.PropertyPermission "org.apache.jasper.runtime.BodyContentImpl.LIMIT_BUFFER", "read"; + permission java.util.PropertyPermission "org.apache.el.parser.COERCE_TO_ZERO", "read"; }; Modified: trunk/java/org/apache/catalina/core/DefaultInstanceManager.java =================================================================== --- trunk/java/org/apache/catalina/core/DefaultInstanceManager.java 2008-11-28 16:17:45 UTC (rev 869) +++ trunk/java/org/apache/catalina/core/DefaultInstanceManager.java 2008-12-01 13:37:34 UTC (rev 870) @@ -52,7 +52,7 @@ import org.apache.catalina.util.StringManager; /** - * @version $Rev:$ $Date:$ + * @version $Rev$ $Date$ */ public class DefaultInstanceManager implements InstanceManager { @@ -205,14 +205,24 @@ * @throws java.lang.reflect.InvocationTargetException * if call fails */ - protected void preDestroy(Object instance, Class<?> clazz) + protected void preDestroy(Object instance, final Class<?> clazz) throws IllegalAccessException, InvocationTargetException { Class<?> superClass = clazz.getSuperclass(); if (superClass != Object.class) { preDestroy(instance, superClass); } - Method[] methods = clazz.getDeclaredMethods(); + Method[] methods; + if (Globals.IS_SECURITY_ENABLED) { + methods = AccessController.doPrivileged( + new PrivilegedAction<Method[]>(){ + public Method[] run(){ + return clazz.getDeclaredMethods(); + } + }); + } else { + methods = clazz.getDeclaredMethods(); + } Method preDestroy = null; for (Method method : methods) { if (method.isAnnotationPresent(PreDestroy.class)) { Modified: trunk/java/org/apache/catalina/security/SecurityClassLoad.java =================================================================== --- trunk/java/org/apache/catalina/security/SecurityClassLoad.java 2008-11-28 16:17:45 UTC (rev 869) +++ trunk/java/org/apache/catalina/security/SecurityClassLoad.java 2008-12-01 13:37:34 UTC (rev 870) @@ -64,6 +64,21 @@ "core.ContainerBase$PrivilegedAddChild"); loader.loadClass (basePackage + + "core.DefaultInstanceManager$1"); + loader.loadClass + (basePackage + + "core.DefaultInstanceManager$2"); + loader.loadClass + (basePackage + + "core.DefaultInstanceManager$3"); + loader.loadClass + (basePackage + + "core.DefaultInstanceManager$4"); + loader.loadClass + (basePackage + + "core.DefaultInstanceManager$5"); + loader.loadClass + (basePackage + "core.ApplicationHttpRequest$AttributeNamesEnumerator"); } Modified: trunk/java/org/apache/jasper/runtime/JspApplicationContextImpl.java =================================================================== --- trunk/java/org/apache/jasper/runtime/JspApplicationContextImpl.java 2008-11-28 16:17:45 UTC (rev 869) +++ trunk/java/org/apache/jasper/runtime/JspApplicationContextImpl.java 2008-12-01 13:37:34 UTC (rev 870) @@ -16,6 +16,8 @@ */ package org.apache.jasper.runtime; +import java.security.AccessController; +import java.security.PrivilegedAction; import java.util.ArrayList; import java.util.Iterator; import java.util.List; @@ -37,6 +39,7 @@ import javax.servlet.jsp.el.ScopedAttributeELResolver; import org.apache.el.ExpressionFactoryImpl; +import org.apache.jasper.Constants; import org.apache.jasper.el.ELContextImpl; /** @@ -88,8 +91,18 @@ } // create ELContext for JspContext - ELResolver r = this.createELResolver(); - ELContextImpl ctx = new ELContextImpl(r); + final ELResolver r = this.createELResolver(); + ELContextImpl ctx; + if (Constants.IS_SECURITY_ENABLED) { + ctx = AccessController.doPrivileged( + new PrivilegedAction<ELContextImpl>() { + public ELContextImpl run() { + return new ELContextImpl(r); + } + }); + } else { + ctx = new ELContextImpl(r); + } ctx.putContext(JspContext.class, context); // alert all ELContextListeners Modified: trunk/webapps/docs/changelog.xml =================================================================== --- trunk/webapps/docs/changelog.xml 2008-11-28 16:17:45 UTC (rev 869) +++ trunk/webapps/docs/changelog.xml 2008-12-01 13:37:34 UTC (rev 870) @@ -51,8 +51,18 @@ <fix> Possible NPE on shutdown of ClusterListener. (remm) </fix> + <fix> + InstanceManager security manager fixes. (markt) + </fix> </changelog> </subsection> + <subsection name="Jasper"> + <changelog> + <fix> + EL security manager fixes. (markt) + </fix> + </changelog> + </subsection> </section> <section name="JBoss Web 2.1.1.GA (remm)">