
Consider adding PrivilegedAction (java security manager) check for com.fasterxml.classmate.ResolvedType._getMethods

Open scottmarlow opened this issue 11 years ago • 6 comments

A Java security manager (when using a Java security manager) exception that I am seeing is shown at https://gist.github.com/scottmarlow/30a83514b4d0e0fde901

Could we wrap PrivilegedAction (http://docs.oracle.com/javase/7/docs/api/java/security/PrivilegedAction.html) around code that accesses resources that need permissions? I think that would help. Example is shown at http://docs.oracle.com/javase/tutorial/ext/security/policy.html

Is this something that you are already planning or would like help with?

scottmarlow avatar Jun 26 '14 20:06 scottmarlow

I am not against code to help make ClassMate more usable on sandbox environments. I haven't had similar problems myself, so I have no current plans to work on this, but I would be interested in helping if you or someone else wanted to submit a patch.

cowtowncoder avatar Jul 10 '14 19:07 cowtowncoder

Cool @cowtowncoder, it would make more sense to fix this on classmate. Maybe one of us will be able to help out.

hferentschik avatar Jul 10 '14 20:07 hferentschik

@hferentschik Yes, that would be great. Apologies for slow response as well; I just came back from 2 week vacation, and am trying to go over accumulated correspondence. :)

cowtowncoder avatar Jul 10 '14 20:07 cowtowncoder

no worries :-)

hferentschik avatar Jul 10 '14 20:07 hferentschik

If we were to use PrivilegedActions around code that accesses resources that need permissions, that would allow (potentially naughty) external code to invoke the privileged code (assuming it's accessible directly/indirectly). Instead, for code that is accessible (outside of ClassMate), no PrivilegedAction action should be used. For code that is only internally accessible, we could safely use PrivilegedAction (for the specific permissions needed).

I'm thinking that this issue can be closed and the callers into ClassMate can arrange for the needed permissions to be allowed. This is not perfect, as the permissions needed could change in the future as the ClassMate code changes. The alternative would be to ensure that all ClassMate code that needs privileges for certain permissions is not accessible outside of ClassMate.

What do others think?

scottmarlow avatar Jul 24 '14 18:07 scottmarlow

@scottmarlow I concur with concerns on automatic wrapping of PrivilegedAction. Perhaps a way to register a callback (provided by caller, which could do whatever is needed), and then caller implementing that, would be a reasonable compromise.

cowtowncoder avatar Jul 24 '14 21:07 cowtowncoder
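
The callback compromise discussed in the last two comments, sketched as an added example (not ClassMate code and not posted by anyone in the thread). `MethodLookup`, `Resolver` and `PrivilegedLookup` are hypothetical names, and `Resolver` only stands in for library code such as `ResolvedType._getMethods`.

```java
import java.lang.reflect.Method;
import java.security.AccessController;
import java.security.PrivilegedAction;

public class AccessorCallbackExample {

    /** Hypothetical callback type; not part of ClassMate's API. */
    public interface MethodLookup {
        Method[] declaredMethods(Class<?> type);
    }

    /** Default: plain reflection, checked against every frame on the call stack. */
    static final MethodLookup UNPRIVILEGED = Class::getDeclaredMethods;

    /** Stand-in for the library code that needs reflective access. */
    static final class Resolver {
        private final MethodLookup lookup;

        Resolver(MethodLookup lookup) { this.lookup = lookup; }

        int countMethods(Class<?> type) {
            // The library never calls doPrivileged itself, so untrusted code that
            // reaches this public entry point cannot borrow the library's permissions.
            return lookup.declaredMethods(type).length;
        }
    }

    /**
     * Supplied by the trusted caller (for example a container). Kept non-public so
     * that only code the caller controls can hand it to a Resolver.
     */
    static final class PrivilegedLookup implements MethodLookup {
        @Override
        public Method[] declaredMethods(final Class<?> type) {
            // Narrow privileged block: exactly one reflective call.
            // AccessController is deprecated for removal since Java 17 (JEP 411).
            return AccessController.doPrivileged(
                (PrivilegedAction<Method[]>) type::getDeclaredMethods);
        }
    }

    public static void main(String[] args) {
        Resolver plain = new Resolver(UNPRIVILEGED);
        Resolver trusted = new Resolver(new PrivilegedLookup());
        // Same result either way; only the permission check differs under a security manager.
        System.out.println(plain.countMethods(String.class) == trusted.countMethods(String.class));
    }
}
```

The privileged block lives in code the caller owns and can audit, so a change in what the library needs surfaces as a failed permission check in the default path rather than as a silently widened privilege.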