[
https://issues.apache.org/jira/browse/FELIX-4975?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14644911#comment-14644911
]
ASF GitHub Bot commented on FELIX-4975:
---------------------------------------
GitHub user rotty3000 opened a pull request:
https://github.com/apache/felix/pull/30
FELIX-4975 fileinstall's ConfigInstaller leaks it's permission checks…
… to caller
Signed-off-by: Raymond Auge <raymond.a...@liferay.com>
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/rotty3000/felix FELIX-4975
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/felix/pull/30.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #30
----
commit 68e2a681ab6d45fb1c381632b8588df3e849850e
Author: Raymond Auge <raymond.a...@liferay.com>
Date: 2015-07-28T19:39:53Z
FELIX-4975 fileinstall's ConfigInstaller leaks it's permission checks to
caller
Signed-off-by: Raymond Auge <raymond.a...@liferay.com>
----
> fileinstall's ConfigInstaller leaks it's permission checks to caller
> --------------------------------------------------------------------
>
> Key: FELIX-4975
> URL: https://issues.apache.org/jira/browse/FELIX-4975
> Project: Felix
> Issue Type: Bug
> Components: File Install
> Affects Versions: fileinstall-3.5.0
> Environment: any with security enabled
> Reporter: Raymond Augé
> Fix For: fileinstall-3.5.2
>
>
> The following stack trace shows ConfigInstaller's permission leaking and
> failing for configadmin (the caller)
> {code}
> java.security.AccessControlException: access denied
> ("java.util.PropertyPermission" "felix.fileinstall.enableConfigSave" "read")
> at
> java.security.AccessControlContext.checkPermission(AccessControlContext.java:372)
> at
> org.eclipse.osgi.internal.permadmin.EquinoxSecurityManager.internalCheckPermission(EquinoxSecurityManager.java:117)
> at
> com.liferay.portal.security.pacl.PortalSecurityManagerImpl$PermissionAction.run(PortalSecurityManagerImpl.java:1465)
> at
> com.liferay.portal.security.pacl.PortalSecurityManagerImpl$PermissionAction.run(PortalSecurityManagerImpl.java:1451)
> at java.security.AccessController.doPrivileged(Native Method)
> at
> com.liferay.portal.security.pacl.PortalSecurityManagerImpl.checkPermission(PortalSecurityManagerImpl.java:331)
> at
> java.lang.SecurityManager.checkPropertyAccess(SecurityManager.java:1298)
> at
> org.eclipse.osgi.internal.framework.BundleContextImpl.getProperty(BundleContextImpl.java:117)
> at
> org.apache.felix.fileinstall.internal.ConfigInstaller.shouldSaveConfig(ConfigInstaller.java:163)
> at
> org.apache.felix.fileinstall.internal.ConfigInstaller.configurationEvent(ConfigInstaller.java:93)
> at
> org.apache.felix.cm.impl.ConfigurationManager$FireConfigurationEvent.sendEvent(ConfigurationManager.java:2046)
> at
> org.apache.felix.cm.impl.ConfigurationManager$FireConfigurationEvent.run(ConfigurationManager.java:2014)
> at org.apache.felix.cm.impl.UpdateThread$1.run(UpdateThread.java:131)
> at org.apache.felix.cm.impl.UpdateThread$1.run(UpdateThread.java:128)
> at java.security.AccessController.doPrivileged(Native Method)
> at org.apache.felix.cm.impl.UpdateThread.run0(UpdateThread.java:127)
> at org.apache.felix.cm.impl.UpdateThread.run(UpdateThread.java:110)
> at java.lang.Thread.run(Thread.java:745)
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
