[ https://issues.apache.org/jira/browse/LOGGING-130?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12706299#action_12706299 ]
Matthew P. Del Buono edited comment on LOGGING-130 at 5/5/09 9:45 PM:
----------------------------------------------------------------------

I should clarify, the reason for the "tainted execution path" is due to the fact that the caller of HttpClient.<clinit> (hidden by "... 11 more") is untrusted (non-apache) code which I am trying to sandbox. None of the code in org.apache.** nor com.mmoui.manager.** nor java.** can contribute to this concept of "taint" as it is all trusted.

      was (Author: mpdelbuono):
    I should clarify, the reason for the "tainted execution path" is due to the fact that the caller of HttpClient.<clinit> (hidden by "... 11 more") is untrusted (non-apache) code which I am trying to sandbox. None of the code in org.apache.** nor com.mmoui.manager.** nor java.** can contribute to this concept of "taint."

> Potential missing privileged block for class loader
> ---------------------------------------------------
>
>                 Key: LOGGING-130
>                 URL: https://issues.apache.org/jira/browse/LOGGING-130
>             Project: Commons Logging
>          Issue Type: Bug
>    Affects Versions: 1.1.1
>         Environment: Windows 7 under Sun JRE 6 Update 13, 64-bit
> Running Commons HttpClient 3,1 w/ Commons Logging 1.1.1
>            Reporter: Matthew P. Del Buono
>
> When attempting to instantiate a HttpClient, a call to LogFactory.getLog() is
> made. Going deeper, Commons Logging later attempts to make an unprivileged
> call to java.lang.ClassLoader.getParent(). Under systems with an installed
> SecurityManager (like mine), this may be forbidden.
> In particular, this call will require the RuntimePermission getClassLoader.
> In my particular case, I am attempting to sandbox specific segments of code,
> and thus cannot grant this permission to the user of HttpClient (and, thus,
> Commons Logging). However, I feel that Commons Logging should be able to
> trust itself to make a self-checked call to ClassLoader.getParent().
> The stack trace for my situation (trimmed off to assist you) is as follows:
> Caused by: org.apache.commons.logging.LogConfigurationException: java.lang.SecurityException: Cannot request this permission from a tainted execution path (Caused by java.lang.SecurityException: Cannot request this permission from a tainted execution path)
>       at org.apache.commons.logging.impl.LogFactoryImpl.newInstance(LogFactoryImpl.java:637)
>       at org.apache.commons.logging.impl.LogFactoryImpl.getInstance(LogFactoryImpl.java:336)
>       at org.apache.commons.logging.impl.LogFactoryImpl.getInstance(LogFactoryImpl.java:310)
>       at org.apache.commons.logging.LogFactory.getLog(LogFactory.java:685)
>       at org.apache.commons.httpclient.HttpClient.<clinit>(HttpClient.java:66)
>       ... 11 more
> Caused by: java.lang.SecurityException: Cannot request this permission from a tainted execution path
>       at com.mmoui.manager.MinionSecurityManager.verifyUntainted(MinionSecurityManager.java:507)
>       at com.mmoui.manager.MinionSecurityManager.checkPermission(MinionSecurityManager.java:263)
>       at com.mmoui.manager.MinionSecurityManager.checkPermission(MinionSecurityManager.java:474)
>       at java.lang.ClassLoader.getParent(ClassLoader.java:1233)
>       at org.apache.commons.logging.impl.LogFactoryImpl.getLowestClassLoader(LogFactoryImpl.java:1327)
>       at org.apache.commons.logging.impl.LogFactoryImpl.getBaseClassLoader(LogFactoryImpl.java:1247)
>       at org.apache.commons.logging.impl.LogFactoryImpl.createLogFromClass(LogFactoryImpl.java:1048)
>       at org.apache.commons.logging.impl.LogFactoryImpl.discoverLogImplementation(LogFactoryImpl.java:914)
>       at org.apache.commons.logging.impl.LogFactoryImpl.newInstance(LogFactoryImpl.java:604)
>       ... 15 more
> I feel that LogFactoryImpl.getLowestClassLoader's call to
> java.lang.ClassLoader.getParent() should be wrapped by
> AccessController.doPrivileged(). I can't think of any reason not to do this
> currently.
> This would allow my application to trust Commons Logging and not
> have to grant the RuntimePermission getClassLoader to the users of HttpClient.
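The privileged block requested in the issue, sketched as an added example; this is not Commons Logging source code and not part of the original message. The class `LoaderHierarchy` and its methods `parentOf`, `lowest` and `isSelfOrAncestor` are hypothetical names, and the hierarchy walk is an assumption about what a "lowest class loader" lookup needs to do.

```java
import java.net.URL;
import java.net.URLClassLoader;
import java.security.AccessController;
import java.security.PrivilegedAction;

/** Hypothetical helper illustrating the proposal; names are not from Commons Logging. */
public final class LoaderHierarchy {
    private LoaderHierarchy() {}

    /**
     * Calls getParent() inside doPrivileged so that AccessController stops its
     * stack walk at this class: only this class's protection domain needs
     * RuntimePermission("getClassLoader"), not every caller above it.
     * Kept private so untrusted code cannot use it to obtain loaders.
     * Caveat: a custom SecurityManager that inspects the stack itself, instead
     * of delegating to AccessController, will not honor the privileged frame.
     */
    private static ClassLoader parentOf(final ClassLoader cl) {
        if (cl == null) {
            return null; // bootstrap loader has no parent
        }
        // The cast selects the PrivilegedAction overload of doPrivileged.
        return AccessController.doPrivileged((PrivilegedAction<ClassLoader>) cl::getParent);
    }

    /** True if candidate is start itself or one of its ancestors. */
    private static boolean isSelfOrAncestor(ClassLoader candidate, ClassLoader start) {
        for (ClassLoader cur = start; cur != null; cur = parentOf(cur)) {
            if (cur == candidate) {
                return true;
            }
        }
        return false;
    }

    /**
     * Returns whichever argument is the descendant of the other, or null if the
     * two are unrelated. Only loaders the caller already holds are returned, so
     * the privileged lookup leaks no new class loader reference.
     */
    public static ClassLoader lowest(ClassLoader c1, ClassLoader c2) {
        if (c1 == null) return c2;
        if (c2 == null) return c1;
        if (isSelfOrAncestor(c2, c1)) return c1;
        if (isSelfOrAncestor(c1, c2)) return c2;
        return null;
    }

    public static void main(String[] args) {
        ClassLoader app = ClassLoader.getSystemClassLoader();
        ClassLoader child = new URLClassLoader(new URL[0], app); // constructed sample loader
        System.out.println("lowest is child: " + (lowest(app, child) == child));
    }
}
```

`AccessController` and `SecurityManager` are deprecated for removal in current JDKs, so this applies to runtimes such as the JRE 6 environment named in the report.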