On 30/09/16 14:27, Rafael Winterhalter wrote:
> A Java agent ends up on the class path. The Byte Buddy agent (or any
> similar library) basically adds a single class:
> 
> package net.bytebuddy.agent;
> import java.lang.instrument.Instrumentation;
> public class Installer {
>   public static volatile Instrumentation instrumentation;
>   public static void agentmain(String argument, Instrumentation instrumentation) {
>     Installer.instrumentation = instrumentation;
>   }
> }
> 
> Since the class is added using self-attachment, the agentmain method is
> called by the VM and the field value is set. In order to keep the field
> accessible, it needs to be public such that any class loader can call:
> 
> Instrumentation instrumentation = (Instrumentation)
> Class.forName("net.bytebuddy.agent.Installer", false,
> ClassLoader.getSystemClassLoader()).getDeclaredField("instrumentation").get(null);
> 
> Any library on the class path can now also call the above code without
> requiring any privileges as the Instrumentation instance is exposed
> without constraints. Adding a proper method for reading an instance of
> Instrumentation would prevent this.

Well, that's easily fixed. Make the agent push the Instrumentation
instance to the class which loaded the agent.

For example, provide the name of the class and name of a public setter
method as arguments to agentMain (and, if you want, a shared key to
validate the set). Then get the agent to locate the class, look up the
setter method and hand over the instance.

regards,


Andrew Dinn
-----------
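
The hand-over described in the reply above, sketched as an added example (not code from the thread or from Byte Buddy). The names `PushAgent`, `Receiver`, `accept` and `newKey`, and the `class:setter:key` argument format, are assumptions, and `main` stands in for the VM's call to `agentmain` by passing a proxy stub.

```java
import java.lang.instrument.Instrumentation;
import java.lang.reflect.Proxy;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;

// Hypothetical agent class (public, in its own file, in a real agent jar). Holds no static reference.
final class PushAgent {
    // Argument format "<receiver class>:<setter name>:<key>" is an assumption of this sketch.
    public static void agentmain(String argument, Instrumentation inst) throws Exception {
        String[] p = argument.split(":", 3);
        if (p.length != 3) throw new IllegalArgumentException("expected class:setter:key");
        // Assumes the receiver is visible to the system class loader, which loads the agent.
        Class<?> receiver = Class.forName(p[0], true, ClassLoader.getSystemClassLoader());
        receiver.getMethod(p[1], Instrumentation.class, String.class).invoke(null, inst, p[2]);
    }
}

// Hypothetical receiver: the class that triggered the attach.
public final class Receiver {
    private static Instrumentation instrumentation; // private, unlike the public field in Installer
    private static byte[] expectedKey;               // cleared after first use
    static synchronized String newKey() {
        byte[] raw = new byte[32];
        new SecureRandom().nextBytes(raw);
        String key = Base64.getUrlEncoder().withoutPadding().encodeToString(raw); // never contains ':'
        expectedKey = key.getBytes(StandardCharsets.US_ASCII);
        return key;
    }

    // Must be public so the agent can reach it; the key is what gates the call.
    public static synchronized void accept(Instrumentation inst, String key) {
        byte[] given = key.getBytes(StandardCharsets.US_ASCII);
        if (expectedKey == null || !MessageDigest.isEqual(expectedKey, given))
            throw new SecurityException("unexpected Instrumentation hand-over");
        expectedKey = null;      // single use: a later call with the same key is rejected
        instrumentation = inst;
    }
    public static void main(String[] args) throws Exception {
        String arg = Receiver.class.getName() + ":accept:" + newKey();
        // Constructed stub standing in for the instance the VM passes after self-attachment.
        Instrumentation stub = (Instrumentation) Proxy.newProxyInstance(
            Receiver.class.getClassLoader(), new Class<?>[] {Instrumentation.class}, (o, m, a) -> null);
        PushAgent.agentmain(arg, stub);
        System.out.println("received: " + (instrumentation == stub));
    }
}
```

Because the setter has to be public, the single-use key is the only thing separating the intended caller from any other code on the class path; keeping `newKey` and the stored field non-public is what preserves that.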
