8025014: Enhance Security Policy
authorweijun
Thu, 17 Oct 2013 09:58:42 +0800
changeset 22334 e86fef5f34cb
parent 22332 fba4c66089bb
child 22335 c9cbd411816f
8025014: Enhance Security Policy 6727821: Enhance JAAS Configuration Reviewed-by: xuelei, hawtin
jdk/src/share/classes/javax/security/auth/Policy.java
jdk/src/share/classes/javax/security/auth/login/Configuration.java
--- a/jdk/src/share/classes/javax/security/auth/Policy.java	Mon Oct 21 15:00:56 2013 +0100
+++ b/jdk/src/share/classes/javax/security/auth/Policy.java	Thu Oct 17 09:58:42 2013 +0800
@@ -26,6 +26,10 @@
 package javax.security.auth;
 
 import java.security.Security;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+import java.security.PrivilegedExceptionAction;
+import java.util.Objects;
 import sun.security.util.Debug;
 
 /**
@@ -155,22 +159,15 @@
 public abstract class Policy {
 
     private static Policy policy;
-    private static ClassLoader contextClassLoader;
     private final static String AUTH_POLICY =
         "sun.security.provider.AuthPolicyFile";
 
+    private final java.security.AccessControlContext acc =
+            java.security.AccessController.getContext();
+
     // true if a custom (not AUTH_POLICY) system-wide policy object is set
     private static boolean isCustomPolicy;
 
-    static {
-        contextClassLoader = java.security.AccessController.doPrivileged
-                (new java.security.PrivilegedAction<ClassLoader>() {
-                public ClassLoader run() {
-                    return Thread.currentThread().getContextClassLoader();
-                }
-        });
-    };
-
     /**
      * Sole constructor.  (For invocation by subclass constructors, typically
      * implicit.)
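Review bot: The new instance field `acc` carries no comment, although it is the security-relevant part of this change: it records `AccessController.getContext()` at the moment a `Policy` subclass is constructed, and the later hunk uses it to bound the privileges under which that instance is installed. A one-line comment on the field would make this clear, for example `// context of the code that constructed this instance; used to limit privileges when a provider-supplied implementation is installed`. The declaration also spells out `java.security.AccessController` in full even though this commit adds `import java.security.AccessController;`, so `AccessController.getContext()` would be consistent with the rest of the patch. The identical field added to Configuration.java has the same two issues.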
@@ -213,8 +210,8 @@
 
                 if (policy == null) {
                     String policy_class = null;
-                    policy_class = java.security.AccessController.doPrivileged
-                        (new java.security.PrivilegedAction<String>() {
+                    policy_class = AccessController.doPrivileged
+                        (new PrivilegedAction<String>() {
                         public String run() {
                             return java.security.Security.getProperty
                                 ("auth.policy.provider");
@@ -226,18 +223,28 @@
 
                     try {
                         final String finalClass = policy_class;
-                        policy = java.security.AccessController.doPrivileged
-                            (new java.security.PrivilegedExceptionAction<Policy>() {
-                            public Policy run() throws ClassNotFoundException,
-                                                InstantiationException,
-                                                IllegalAccessException {
-                                return (Policy) Class.forName
-                                        (finalClass,
-                                        true,
-                                        contextClassLoader).newInstance();
-                            }
-                        });
-                        isCustomPolicy = !finalClass.equals(AUTH_POLICY);
+
+                        Policy untrustedImpl = AccessController.doPrivileged(
+                                new PrivilegedExceptionAction<Policy>() {
+                                    public Policy run() throws ClassNotFoundException,
+                                            InstantiationException,
+                                            IllegalAccessException {
+                                        Class<? extends Policy> implClass = Class.forName(
+                                                finalClass, false,
+                                                Thread.currentThread().getContextClassLoader()
+                                        ).asSubclass(Policy.class);
+                                        return implClass.newInstance();
+                                    }
+                                });
+                        AccessController.doPrivileged(
+                                new PrivilegedExceptionAction<Void>() {
+                                    public Void run() {
+                                        setPolicy(untrustedImpl);
+                                        isCustomPolicy = !finalClass.equals(AUTH_POLICY);
+                                        return null;
+                                    }
+                                }, Objects.requireNonNull(untrustedImpl.acc)
+                        );
                     } catch (Exception e) {
                         throw new SecurityException
                                 (sun.security.util.ResourcesMgr.getString
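Review bot: The second `doPrivileged` call passes `Objects.requireNonNull(untrustedImpl.acc)` without saying why the null check matters. With the two-argument `doPrivileged`, a null context applies no additional restriction, so the check is what keeps an instance whose `acc` was never initialised from being installed with the caller's full privileges. A comment above the call would record this, such as `// run setPolicy under the implementation's construction-time context; a null context would mean no restriction`. Separately, `run()` declares no checked exception, so `new PrivilegedAction<Void>()` (already imported by this commit) would express the intent better than `PrivilegedExceptionAction<Void>`. The enclosing method and the body of the `catch (Exception e)` lie outside this hunk; the matching call in Configuration.java would benefit from the same comment.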
--- a/jdk/src/share/classes/javax/security/auth/login/Configuration.java	Mon Oct 21 15:00:56 2013 +0100
+++ b/jdk/src/share/classes/javax/security/auth/login/Configuration.java	Thu Oct 17 09:58:42 2013 +0800
@@ -27,9 +27,6 @@
 
 import javax.security.auth.AuthPermission;
 
-import java.io.*;
-import java.util.*;
-import java.net.URI;
 import java.security.AccessController;
 import java.security.PrivilegedAction;
 import java.security.PrivilegedExceptionAction;
@@ -38,7 +35,7 @@
 import java.security.NoSuchProviderException;
 import java.security.Provider;
 import java.security.Security;
-import java.security.SecurityPermission;
+import java.util.Objects;
 
 import sun.security.jca.GetInstance;
 
@@ -191,16 +188,9 @@
 public abstract class Configuration {
 
     private static Configuration configuration;
-    private static ClassLoader contextClassLoader;
 
-    static {
-        contextClassLoader = AccessController.doPrivileged
-                (new PrivilegedAction<ClassLoader>() {
-                public ClassLoader run() {
-                    return Thread.currentThread().getContextClassLoader();
-                }
-        });
-    };
+    private final java.security.AccessControlContext acc =
+            java.security.AccessController.getContext();
 
     private static void checkPermission(String type) {
         SecurityManager sm = System.getSecurityManager();
@@ -253,17 +243,26 @@
 
                 try {
                     final String finalClass = config_class;
-                    configuration = AccessController.doPrivileged
-                        (new PrivilegedExceptionAction<Configuration>() {
-                        public Configuration run() throws ClassNotFoundException,
-                                            InstantiationException,
-                                            IllegalAccessException {
-                            return (Configuration)Class.forName
-                                    (finalClass,
-                                    true,
-                                    contextClassLoader).newInstance();
-                        }
-                    });
+                    Configuration untrustedImpl = AccessController.doPrivileged(
+                            new PrivilegedExceptionAction<Configuration>() {
+                                public Configuration run() throws ClassNotFoundException,
+                                        InstantiationException,
+                                        IllegalAccessException {
+                                    Class<? extends Configuration> implClass = Class.forName(
+                                            finalClass, false,
+                                            Thread.currentThread().getContextClassLoader()
+                                    ).asSubclass(Configuration.class);
+                                    return implClass.newInstance();
+                                }
+                            });
+                    AccessController.doPrivileged(
+                            new PrivilegedExceptionAction<Void>() {
+                                public Void run() {
+                                    setConfiguration(untrustedImpl);
+                                    return null;
+                                }
+                            }, Objects.requireNonNull(untrustedImpl.acc)
+                    );
                 } catch (PrivilegedActionException e) {
                     Exception ee = e.getException();
                     if (ee instanceof InstantiationException) {
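Review bot: An unchecked exception thrown inside the restricted `setConfiguration(untrustedImpl)` call bypasses `catch (PrivilegedActionException e)`, because `doPrivileged` wraps only checked exceptions. This covers a `SecurityException` from whatever permission check `setConfiguration` performs (presumably via `checkPermission`) and the `NullPointerException` from `Objects.requireNonNull`, both of which reach the caller unwrapped. That differs from Policy.java, where `catch (Exception e)` folds the same failures into its own `SecurityException`. If the difference is intended, it should be stated in the method's Javadoc with an `@throws SecurityException` entry describing the case where the implementation's construction context lacks the permission to install itself. Declaring the action as `new PrivilegedAction<Void>() {` would also make it clear that this call never produces a `PrivilegedActionException`; the try/catch continues past the end of this hunk.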