[ 
https://issues.apache.org/jira/browse/FELIX-3992?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Karl Pauls reassigned FELIX-3992:
---------------------------------

    Assignee: Karl Pauls

Looks like something like your patch would make sense. Thanks, I'll try to get 
to it soon...
                
> Classloader access outside of a privileged block
> ------------------------------------------------
>
>                 Key: FELIX-3992
>                 URL: https://issues.apache.org/jira/browse/FELIX-3992
>             Project: Felix
>          Issue Type: Bug
>          Components: Framework
>    Affects Versions: framework-4.2.0
>            Reporter: Romain Dubois
>            Assignee: Karl Pauls
>            Priority: Minor
>              Labels: security
>
> In method 
> org.apache.felix.framework.ServiceRegistrationImpl.isClassAccessible(Class), 
> there is an access to the registered ServiceFactory classloader (lines 
> 163:169 in v4.2.1):
>         if ((m_factory != null)
>             && (m_factory.getClass().getClassLoader() instanceof BundleReference)
>             && !((BundleReference) m_factory.getClass()
>                 .getClassLoader()).getBundle().equals(m_bundle))
>         {
>             return true;
>         }
> If a bundle registers a service through a ServiceFactory and if there is an 
> active ServiceListener matching this service, those lines are executed inside 
> the registering bundle's protection domain.
> If this bundle does not have the (java.util.RuntimePermission 
> 'getClassloader') privilege, the getClassLoader invocation throws a 
> SecurityException and the listener is always called because the exception is 
> caught at line 526 (isAssignableTo) of the same class.
> The comment inside the catch block does not seem to justify this case.
> I think a simple privileged block around the bundle comparison is harmless 
> and should fix this. It could be something like:
>         if (m_factory != null)
>         {
>             Bundle bundle = null;
>             if (System.getSecurityManager() == null)
>             {
>                 if (m_factory.getClass().getClassLoader() instanceof BundleReference) {
>                     bundle = ((BundleReference) m_factory.getClass().getClassLoader()).getBundle();
>                 }
>             }
>             else
>             {
>                 // Look up the owning bundle with the framework's own permissions.
>                 bundle = AccessController.doPrivileged(new PrivilegedAction<Bundle>() {
>                     public Bundle run() {
>                         if (m_factory.getClass().getClassLoader() instanceof BundleReference) {
>                             return ((BundleReference) m_factory.getClass().getClassLoader()).getBundle();
>                         }
>                         return null;
>                     }
>                 });
>             }
>
>             // Same test as the existing code: the factory comes from another bundle.
>             if (bundle != null && !bundle.equals(m_bundle)) {
>                 return true;
>             }
>         }

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
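
The failure mode described in the report, as an added example that is not Felix or JDK code: a simplified model of stack inspection showing why the lookup fails on the registering bundle's stack, how a broad catch turns that into "accessible", and what a privileged block changes. The class, the domain names "framework" and "bundle", and the methods call, factoryOwner and isAccessible are all hypothetical.

```java
import java.util.*;
import java.util.function.*;
/** Simplified model of stack inspection; not JDK or Felix code. Sample data is constructed. */
public class StackInspectionModel {
    // Constructed grants: the framework holds the permission, the bundle does not.
    static final Map<String, Set<String>> GRANTS =
        Map.of("framework", Set.of("getClassLoader"), "bundle", Set.<String>of());
    static final Deque<String> stack = new ArrayDeque<>(); // outermost caller first
    static int checkedFrom = 0; // index of the first frame a check still inspects

    // Runs body with the given protection domain pushed on the modelled call stack.
    static boolean call(String domain, BooleanSupplier body) {
        stack.addLast(domain);
        try { return body.getAsBoolean(); } finally { stack.removeLast(); }
    }

    // Models doPrivileged: callers above the current frame stop being inspected.
    static <T> T doPrivileged(Supplier<T> body) {
        int saved = checkedFrom;
        checkedFrom = stack.size() - 1;
        try { return body.get(); } finally { checkedFrom = saved; }
    }

    // Every domain still inspected must hold the permission.
    static void checkPermission(String perm) {
        int i = 0;
        for (String domain : stack)
            if (i++ >= checkedFrom && !GRANTS.get(domain).contains(perm))
                throw new SecurityException(domain + " lacks " + perm);
    }

    // Stand-in for the class loader lookup that yields the factory's owning bundle.
    static String factoryOwner() { checkPermission("getClassLoader"); return "bundle"; }

    // Hypothetical caller: a broad catch turns any failure into "accessible".
    static boolean isAccessible(boolean privileged) {
        try {
            String owner = privileged ? doPrivileged(() -> factoryOwner()) : factoryOwner();
            return !owner.equals("bundle"); // model: same bundle means no shortcut
        } catch (Exception e) {
            return true; // the SecurityException is swallowed and the listener is called
        }
    }

    public static void main(String[] args) {
        boolean before = call("bundle", () -> call("framework", () -> isAccessible(false)));
        boolean after = call("bundle", () -> call("framework", () -> isAccessible(true)));
        System.out.println("unprivileged lookup: accessible=" + before);
        System.out.println("privileged lookup:   accessible=" + after);
    }
}
```

In the unprivileged run the result comes from the catch block, not from the bundle comparison; in the privileged run only the framework's domain is inspected, so the comparison itself decides.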
