[cp-patches] FYI: PR46775: Ensure setPolicy calls are reflected by the default SecurityManager

Thu, 02 Dec 2010 17:05:43 -0800 

I've just pushed the attached fix for a bug in the reference
VMAccessController implementation (PR46775).  When Policy.setPolicy
was used to set a new Policy object, the default SecurityManager
should reflect this change.  This wasn't the case prior to this
patch as VMAccessController creates ProtectionDomain objects
with the two argument constructor which enforces static permissions.
This fix replaces these calls with the four argument constructor
so the Policy is consulted.

2010-12-02  Andrew John Hughes  <ahug...@redhat.com>

        PR classpath/46775
        * vm/reference/java/security/VMAccessController.java:
        (DEFAULT_CONTEXT): Create ProtectionDomain with
        four argument constructor (arguments are the same
        as those implied by the two argument constructor).
        (getContext()): Create ProtectionDomain instances
        with four argument constructor using a null Principal
        array (as before) but including the classloader, which
        was always null before.

-- 
Andrew :)

Free Java Software Engineer
Red Hat, Inc. (http://www.redhat.com)

Support Free Java!
Contribute to GNU Classpath and IcedTea
http://www.gnu.org/software/classpath
http://icedtea.classpath.org
PGP Key: 94EFD9D8 (http://subkeys.pgp.net)
Fingerprint = F8EF F1EA 401E 2E60 15FA  7927 142C 2591 94EF D9D8

Index: vm/reference/java/security/VMAccessController.java
===================================================================
RCS file: 
/sources/classpath/classpath/vm/reference/java/security/VMAccessController.java,v
retrieving revision 1.8
diff -u -u -r1.8 VMAccessController.java
--- vm/reference/java/security/VMAccessController.java  3 Jun 2010 19:14:41 
-0000       1.8
+++ vm/reference/java/security/VMAccessController.java  3 Dec 2010 00:45:15 
-0000
@@ -71,7 +71,7 @@
     Permissions permissions = new Permissions();
     permissions.add(new AllPermission());
     ProtectionDomain[] domain = new ProtectionDomain[] {
-      new ProtectionDomain(source, permissions)
+      new ProtectionDomain(source, permissions, null, null)
     };
     DEFAULT_CONTEXT = new AccessControlContext(domain);
   }
@@ -188,12 +188,13 @@
       {
         Class clazz = classes[i];
         String method = methods[i];
+        ClassLoader loader = clazz.getClassLoader();
 
         if (DEBUG)
           {
             debug("checking " + clazz + "." + method);
             // subject to getClassLoader RuntimePermission
-            debug("loader = " + clazz.getClassLoader());
+            debug("loader = " + loader);
           }
 
         // If the previous frame was a call to doPrivileged, then this is
@@ -225,7 +226,8 @@
         // Create a static snapshot of this domain, which may change over time
         // if the current policy changes.
         domains.add(new ProtectionDomain(domain.getCodeSource(),
-                                         domain.getPermissions()));
+                                         domain.getPermissions(),
+                                         loader, null));
       }
 
     if (DEBUG)

Reply via email to