This is an automated email from the ASF dual-hosted git repository. markt pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push: new 0377504b83 Remove SecurityManager references from JULI 0377504b83 is described below commit 0377504b8394bbed872e50112e4f7c6b920eb282 Author: Mark Thomas <ma...@apache.org> AuthorDate: Thu Jan 12 19:21:14 2023 +0000 Remove SecurityManager references from JULI --- java/org/apache/juli/ClassLoaderLogManager.java | 117 ++++++------------------ java/org/apache/juli/FileHandler.java | 21 +---- 2 files changed, 31 insertions(+), 107 deletions(-) diff --git a/java/org/apache/juli/ClassLoaderLogManager.java b/java/org/apache/juli/ClassLoaderLogManager.java index b4ab262601..5fc80f62d1 100644 --- a/java/org/apache/juli/ClassLoaderLogManager.java +++ b/java/org/apache/juli/ClassLoaderLogManager.java @@ -18,15 +18,10 @@ package org.apache.juli; import java.io.File; import java.io.FileInputStream; -import java.io.FilePermission; import java.io.IOException; import java.io.InputStream; import java.net.URL; import java.net.URLClassLoader; -import java.security.AccessControlException; -import java.security.AccessController; -import java.security.Permission; -import java.security.PrivilegedAction; import java.util.Collections; import java.util.Enumeration; import java.util.HashMap; @@ -143,14 +138,7 @@ public class ClassLoaderLogManager extends LogManager { // Apply initial level for new logger final String levelString = getProperty(loggerName + ".level"); if (levelString != null) { - try { - AccessController.doPrivileged((PrivilegedAction<Void>) () -> { - logger.setLevel(Level.parse(levelString.trim())); - return null; - }); - } catch (IllegalArgumentException e) { - // Leave level set to null - } + logger.setLevel(Level.parse(levelString.trim())); } // Always instantiate parent loggers so that @@ -168,7 +156,7 @@ public class ClassLoaderLogManager extends LogManager { // Set parent logger Logger parentLogger = node.findParentLogger(); if (parentLogger != null) { - doSetParentLogger(logger, parentLogger); + logger.setParent(parentLogger); } // Tell children we are their new parent @@ -305,24 +293,14 @@ public class ClassLoaderLogManager extends LogManager { } @Override - public void readConfiguration() - throws IOException, SecurityException { - - checkAccess(); - + public void readConfiguration() throws IOException, SecurityException { readConfiguration(getClassLoader()); - } @Override - public void readConfiguration(InputStream is) - throws IOException, SecurityException { - - checkAccess(); + public void readConfiguration(InputStream is) throws IOException, SecurityException { reset(); - readConfiguration(is, getClassLoader()); - } @Override @@ -400,15 +378,11 @@ public class ClassLoaderLogManager extends LogManager { } ClassLoaderLogInfo info = classLoaderLoggers.get(classLoader); if (info == null) { - final ClassLoader classLoaderParam = classLoader; - AccessController.doPrivileged((PrivilegedAction<Void>) () -> { - try { - readConfiguration(classLoaderParam); - } catch (IOException e) { - // Ignore - } - return null; - }); + try { + readConfiguration(classLoader); + } catch (IOException e) { + // Ignore + } info = classLoaderLoggers.get(classLoader); } return info; @@ -427,45 +401,27 @@ public class ClassLoaderLogManager extends LogManager { InputStream is = null; // Special case for URL classloaders which are used in containers: // only look in the local repositories to avoid redefining loggers 20 times - try { - if (classLoader instanceof WebappProperties) { - if (((WebappProperties) classLoader).hasLoggingConfig()) { - is = classLoader.getResourceAsStream("logging.properties"); + if (classLoader instanceof WebappProperties) { + if (((WebappProperties) classLoader).hasLoggingConfig()) { + is = classLoader.getResourceAsStream("logging.properties"); + } + } else if (classLoader instanceof URLClassLoader) { + URL logConfig = ((URLClassLoader)classLoader).findResource("logging.properties"); + + if(null != logConfig) { + if(Boolean.getBoolean(DEBUG_PROPERTY)) { + System.err.println(getClass().getName() + + ".readConfiguration(): " + + "Found logging.properties at " + + logConfig); } - } else if (classLoader instanceof URLClassLoader) { - URL logConfig = ((URLClassLoader)classLoader).findResource("logging.properties"); - - if(null != logConfig) { - if(Boolean.getBoolean(DEBUG_PROPERTY)) { - System.err.println(getClass().getName() - + ".readConfiguration(): " - + "Found logging.properties at " - + logConfig); - } - is = classLoader.getResourceAsStream("logging.properties"); - } else { - if(Boolean.getBoolean(DEBUG_PROPERTY)) { - System.err.println(getClass().getName() - + ".readConfiguration(): " - + "Found no logging.properties"); - } - } - } - } catch (AccessControlException ace) { - // No permission to configure logging in context - // Log and carry on - ClassLoaderLogInfo info = classLoaderLoggers.get(ClassLoader.getSystemClassLoader()); - if (info != null) { - Logger log = info.loggers.get(""); - if (log != null) { - Permission perm = ace.getPermission(); - if (perm instanceof FilePermission && perm.getActions().equals("read")) { - log.warning("Reading " + perm.getName() + " is not permitted. See \"per context logging\" in the default catalina.policy file."); - } else { - log.warning("Reading logging.properties is not permitted in some context. See \"per context logging\" in the default catalina.policy file."); - log.warning("Original error was: " + ace.getMessage()); - } + is = classLoader.getResourceAsStream("logging.properties"); + } else { + if(Boolean.getBoolean(DEBUG_PROPERTY)) { + System.err.println(getClass().getName() + + ".readConfiguration(): " + + "Found no logging.properties"); } } } @@ -599,21 +555,6 @@ public class ClassLoaderLogManager extends LogManager { } - /** - * Set parent child relationship between the two specified loggers. - * - * @param logger The logger - * @param parent The parent logger - */ - protected static void doSetParentLogger(final Logger logger, - final Logger parent) { - AccessController.doPrivileged((PrivilegedAction<Void>) () -> { - logger.setParent(parent); - return null; - }); - } - - /** * System property replacement in the given string. * @@ -750,7 +691,7 @@ public class ClassLoaderLogManager extends LogManager { if (childNode.logger == null) { childNode.setParentLogger(parent); } else { - doSetParentLogger(childNode.logger, parent); + childNode.logger.setParent(parent); } } } diff --git a/java/org/apache/juli/FileHandler.java b/java/org/apache/juli/FileHandler.java index eb807c8c82..2fe8b22893 100644 --- a/java/org/apache/juli/FileHandler.java +++ b/java/org/apache/juli/FileHandler.java @@ -27,8 +27,6 @@ import java.io.UnsupportedEncodingException; import java.nio.file.DirectoryStream; import java.nio.file.Files; import java.nio.file.Path; -import java.security.AccessController; -import java.security.PrivilegedAction; import java.sql.Timestamp; import java.time.DateTimeException; import java.time.LocalDate; @@ -543,34 +541,19 @@ public class FileHandler extends Handler { protected static final class ThreadFactory implements java.util.concurrent.ThreadFactory { private final String namePrefix; - private final boolean isSecurityEnabled; private final ThreadGroup group; private final AtomicInteger threadNumber = new AtomicInteger(1); public ThreadFactory(final String namePrefix) { this.namePrefix = namePrefix; - SecurityManager s = System.getSecurityManager(); - if (s == null) { - this.isSecurityEnabled = false; - this.group = Thread.currentThread().getThreadGroup(); - } else { - this.isSecurityEnabled = true; - this.group = s.getThreadGroup(); - } + this.group = Thread.currentThread().getThreadGroup(); } @Override public Thread newThread(Runnable r) { Thread t = new Thread(group, r, namePrefix + threadNumber.getAndIncrement()); // Threads should not have as context classloader a webapp classloader - if (isSecurityEnabled) { - AccessController.doPrivileged((PrivilegedAction<Void>) () -> { - t.setContextClassLoader(ThreadFactory.class.getClassLoader()); - return null; - }); - } else { - t.setContextClassLoader(ThreadFactory.class.getClassLoader()); - } + t.setContextClassLoader(ThreadFactory.class.getClassLoader()); t.setDaemon(true); return t; } --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org