7169888: Narrowing resource definitions in JMX RMI connector
Summary: CPU bug: we can't move the offending calls outside doPrivileged, so narrow the granted permissions instead.
Reviewed-by: ahgross, fparain
--- a/jdk/src/share/classes/javax/management/remote/rmi/RMIConnectionImpl.java Fri Jun 22 16:22:22 2012 +0400
+++ b/jdk/src/share/classes/javax/management/remote/rmi/RMIConnectionImpl.java Fri Jun 22 18:19:48 2012 +0400
@@ -25,6 +25,30 @@
package javax.management.remote.rmi;
+import java.io.IOException;
+import java.rmi.MarshalledObject;
+import java.rmi.UnmarshalException;
+import java.rmi.server.Unreferenced;
+import java.security.AccessControlContext;
+import java.security.AccessController;
+import java.security.Permission;
+import java.security.PermissionCollection;
+import java.security.Permissions;
+import java.security.PrivilegedAction;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
+import java.security.ProtectionDomain;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.Map;
+import java.util.Set;
+
+import javax.management.*;
+import javax.management.remote.JMXServerErrorException;
+import javax.management.remote.NotificationResult;
+import javax.management.remote.TargetedNotification;
+import javax.security.auth.Subject;
+
import static com.sun.jmx.mbeanserver.Util.cast;
import com.sun.jmx.remote.internal.ServerCommunicatorAdmin;
import com.sun.jmx.remote.internal.ServerNotifForwarder;
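Review bot: `java.security.PermissionCollection` is added to the imports, but none of the hunks shown here use it, since `withPermissions` builds a `Permissions` object directly. Unless it is referenced elsewhere in the file, it can be dropped. The same block also replaces the explicit `javax.management` imports with `import javax.management.*;`. Keeping the explicit list would make it easier to see which JMX types this security-sensitive class depends on, and would confine the import changes in this patch to the new `java.security` types.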
@@ -35,44 +59,6 @@
import com.sun.jmx.remote.util.EnvHelp;
import com.sun.jmx.remote.util.OrderClassLoaders;
-import java.io.IOException;
-import java.rmi.MarshalledObject;
-import java.rmi.UnmarshalException;
-import java.rmi.server.Unreferenced;
-import java.security.AccessControlContext;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
-import java.security.PrivilegedActionException;
-import java.security.PrivilegedExceptionAction;
-import java.util.Arrays;
-import java.util.Collections;
-import java.util.Map;
-import java.util.Set;
-
-import javax.management.Attribute;
-import javax.management.AttributeList;
-import javax.management.AttributeNotFoundException;
-import javax.management.InstanceAlreadyExistsException;
-import javax.management.InstanceNotFoundException;
-import javax.management.IntrospectionException;
-import javax.management.InvalidAttributeValueException;
-import javax.management.ListenerNotFoundException;
-import javax.management.MBeanException;
-import javax.management.MBeanInfo;
-import javax.management.MBeanRegistrationException;
-import javax.management.MBeanServer;
-import javax.management.NotCompliantMBeanException;
-import javax.management.NotificationFilter;
-import javax.management.ObjectInstance;
-import javax.management.ObjectName;
-import javax.management.QueryExp;
-import javax.management.ReflectionException;
-import javax.management.RuntimeOperationsException;
-import javax.management.remote.JMXServerErrorException;
-import javax.management.remote.NotificationResult;
-import javax.management.remote.TargetedNotification;
-import javax.security.auth.Subject;
-
/**
* <p>Implementation of the {@link RMIConnection} interface. User
* code will not usually reference this class.</p>
@@ -143,6 +129,7 @@
this.mbeanServer = rmiServer.getMBeanServer();
final ClassLoader dcl = defaultClassLoader;
+
this.classLoaderWithRepository =
AccessController.doPrivileged(
new PrivilegedAction<ClassLoaderWithRepository>() {
@@ -151,13 +138,29 @@
mbeanServer.getClassLoaderRepository(),
dcl);
}
- });
+ },
+
+ withPermissions( new MBeanPermission("*", "getClassLoaderRepository"),
+ new RuntimePermission("createClassLoader"))
+ );
+
serverCommunicatorAdmin = new
RMIServerCommunicatorAdmin(EnvHelp.getServerConnectionTimeout(env));
this.env = env;
}
+ private static AccessControlContext withPermissions(Permission ... perms){
+ Permissions col = new Permissions();
+
+ for (Permission thePerm : perms ) {
+ col.add(thePerm);
+ }
+
+ final ProtectionDomain pd = new ProtectionDomain(null, col);
+ return new AccessControlContext( new ProtectionDomain[] { pd });
+ }
+
private synchronized ServerNotifForwarder getServerNotifFwd() {
// Lazily created when first use. Mainly when
// addNotificationListener is first called.
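Review bot: `withPermissions` has no comment, and the reason it exists is not obvious from its body. A Javadoc should say that it returns an `AccessControlContext` with a single `ProtectionDomain` (null `CodeSource`) holding only the given permissions, and that passing it as the second argument of `AccessController.doPrivileged` limits the privileged action to the intersection of the caller's permissions and this list. It would also help to add a line above the call in the constructor such as `// run() needs only these two permissions; anything else must fail the access check`, because any permission that `run()` needs and the list omits will surface as a `SecurityException` from the constructor. The constructor starts outside the hunk.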
@@ -1330,7 +1333,9 @@
public ClassLoader run() throws InstanceNotFoundException {
return mbeanServer.getClassLoader(name);
}
- });
+ },
+ withPermissions(new MBeanPermission("*", "getClassLoader"))
+ );
} catch (PrivilegedActionException pe) {
throw (InstanceNotFoundException) extractException(pe);
}
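Review bot: The grant `new MBeanPermission("*", "getClassLoader")` uses a wildcard target even though the `ObjectName` passed to `mbeanServer.getClassLoader(name)` is in scope here, so the privileged block may still fetch the class loader of any MBean. If the MBean server's permission check allows it, the grant could be limited to `name` with the four-argument `MBeanPermission` constructor; this needs confirming against the check the server actually makes. The same applies to `new MBeanPermission("*", "getClassLoaderFor")` in the next hunk. Both enclosing methods start and end outside the hunks shown.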
@@ -1345,7 +1350,9 @@
public Object run() throws InstanceNotFoundException {
return mbeanServer.getClassLoaderFor(name);
}
- });
+ },
+ withPermissions(new MBeanPermission("*", "getClassLoaderFor"))
+ );
} catch (PrivilegedActionException pe) {
throw (InstanceNotFoundException) extractException(pe);
}