Any security guys can help to look at this issue? thanks in advance. I
haven't found time to looked closer to find the cause yet, but it seems
a little serious.
Paulex Yang (JIRA) wrote:
[classlib][security] Harmony cannot read security policy file correctly
-----------------------------------------------------------------------
Key: HARMONY-1963
URL: http://issues.apache.org/jira/browse/HARMONY-1963
Project: Harmony
Issue Type: Bug
Components: Classlib
Environment: Harmony classlib + IBM VME, windows XP+sp2
Reporter: Paulex Yang
I created simple a java.policy file[1], and try to run SecurityManagerTest with
argument:
-Djava.security.manager -Dtest.bin.dir=<path to test bin directory>
-Djava.security.policy=<path to policy file>
public class SecurityManagerTest {
public static void main(String[] args) throws Exception{
System.out.println(System.getProperty("os.name")); //read access for
this property has been granted by default policy
System.out.println(System.getProperty("notexist")); // no access for
this property has been granted by default policy
}
}
RI prints:
Windows XP
null
Harmony prints:
Windows XP
K0319java.security.AccessControlException: Access denied
(java.util.PropertyPermission notexist read)
at
java.security.AccessController.checkPermission(AccessController.java:94)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:739)
at
java.lang.SecurityManager.checkPropertyAccess(SecurityManager.java:374)
at java.lang.System.getProperty(System.java:675)
at java.lang.System.getProperty(System.java:660)
at SecurityManagerTest.main(Unknown Source)
I got same results if add the content customized java.policy to default policy
file without specifying policy file in cmd line.
[1]
grant codeBase "file:${test.bin.dir}/-" {
permission java.security.AllPermission;
};
--
Paulex Yang
China Software Development Lab
IBM