[jira] [Created] (FELIX-3367) getClassloader permission

[Andie Similon (Created) (JIRA)]

getClassloader permission
-------------------------

                 Key: FELIX-3367
                 URL: https://issues.apache.org/jira/browse/FELIX-3367
             Project: Felix
          Issue Type: Bug
          Components: Framework
    Affects Versions: framework-3.2.2
            Reporter: Andie Similon


When I deny getClassloader with conditional permission admin for a specific 
bundle the bundle throws a securityexception when starting the bundle. 

org.osgi.framework.BundleException: Activator start error in bundle HelloBundle 
[3].
        at org.apache.felix.framework.Felix.activateBundle (Felix.java:1908)
        at org.apache.felix.framework.Felix.startBundle (Felix.java:1783)
        at org.apache.felix.framework.BundleImpl.start (BundleImpl.java:919)
        at com.technicolor.osgi.bundle.bm.tasks.StartTask.run 
(StartTask.java:77)
        at com.technicolor.osgi.bundle.bm.TaskQueue$1.run (TaskQueue.java:92)
        at java.lang.Thread.run (Unknown Source, bco=16)
Caused by: java.lang.SecurityException: java.security.AccessControlException: 
permission failure
        at org.apache.felix.framework.Felix$1.checkPermission (Felix.java:586)
        at java.lang.ClassLoader.getParent (Unknown Source, bco=36)
        at org.apache.felix.framework.ModuleImpl.getBootDelegationClassLoader 
(ModuleImpl.java:1654)
        at 
org.apache.felix.framework.ModuleImpl.findClassOrResourceByDelegation 
(ModuleImpl.java:697)
        at org.apache.felix.framework.ModuleImpl.access$400 (ModuleImpl.java:71)
        at org.apache.felix.framework.ModuleImpl$ModuleClassLoader.loadClass 
(ModuleImpl.java:1768)
        at java.lang.ClassLoader.loadClass (Native Method)
        at java.lang.ClassLoader.handleLoadClass (Native Method)
        at java.lang.ClassLoader.handleLoadClass (Native Method)
        at HelloBundle.Activator.<init> (Activator.java:12)
        at org.apache.felix.framework.Felix.createBundleActivator 
(Felix.java:3716)
        at org.apache.felix.framework.Felix.activateBundle (Felix.java:1856)
        ... 5 more
Caused by: java.security.AccessControlException: permission failure
        at java.security.AccessControlContext.checkPermission (Unknown Source, 
bco=47)
        at java.security.AccessController.checkPermission (Unknown Source, 
bco=21)
        at java.lang.SecurityManager.checkPermission (Unknown Source, bco=4)
        at org.apache.felix.framework.Felix$1.checkPermission (Felix.java:587)
        ... 16 more

shouldn't "activator = (BundleActivator) clazz.newInstance();" in 
createBundleActivator happen in doPrivileged ? For example:
            try {
              activator = (BundleActivator) AccessController.doPrivileged(new 
PrivilegedExceptionAction() {
              public Object run() throws Exception {
                return (BundleActivator) clazz.newInstance();
              }
            });
            } catch (PrivilegedActionException e) {
              throw e.getException();
            }     
works.


--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: 
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira