[jira] [Commented] (SSHD-332) Nio2 & security

2014-07-09 Thread JIRA

[ 
https://issues.apache.org/jira/browse/SSHD-332?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14056214#comment-14056214
 ] 

Gaël Lalire commented on SSHD-332:
--

You added AccessController.doPrivileged; that should be OK, thanks.

> Nio2 & security
> ---
>
> Key: SSHD-332
> URL: https://issues.apache.org/jira/browse/SSHD-332
> Project: MINA SSHD
> Issue Type: Bug
> Affects Versions: 0.11.0
> Environment: Oracle Java 8
> Reporter: Gaël Lalire
> Assignee: Guillaume Nodet
> Fix For: 0.12.0
>
> Attachments: securesshd-0.0.1-SNAPSHOT-jar-with-dependencies.jar, securesshd.zip
>
> Original Estimate: 96h
> Remaining Estimate: 96h
>
> I don't know if it is a JVM bug or normal behavior but a ProtectionDomain
> with no permission is associated with completionHandler thread by
> sun.misc.InnocuousThread class.
> As a result if a security manager is set all code in completionHandler has no
> permission (even if policy grants all permission).
> If the behavior of JVM is correct then you should add
> AccessController.doPrivileged() when entering completionHandler.
> You can also check if a SecurityManager is set and run without Nio2 as a
> quick fix.



--
This message was sent by Atlassian JIRA
(v6.2#6252)
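
The fix discussed in this issue (AccessController.doPrivileged when entering the completion handler), as an added example that is not the MINA SSHD change itself. It goes one step beyond the report by passing the AccessControlContext captured at registration, so the callback runs with the registrant's permissions and no more; `PrivilegedCompletionHandler` and the demo handler are hypothetical names.

```java
import java.nio.channels.CompletionHandler;
import java.security.AccessControlContext;
import java.security.AccessController;
import java.security.PrivilegedAction;

// Added example, not MINA SSHD code; the class name is hypothetical.
public final class PrivilegedCompletionHandler<V, A> implements CompletionHandler<V, A> {
    private final CompletionHandler<V, A> delegate;
    // Captured in the constructor, i.e. on the thread that registers the handler.
    private final AccessControlContext registrant = AccessController.getContext();

    public PrivilegedCompletionHandler(CompletionHandler<V, A> delegate) {
        this.delegate = delegate;
    }

    @Override
    public void completed(V result, A attachment) {
        // Two-argument doPrivileged: permission checks walk the stack only up to
        // this frame and then consult `registrant`. The permission-less context
        // inherited by the callback thread is not consulted.
        AccessController.doPrivileged((PrivilegedAction<Void>) () -> {
            delegate.completed(result, attachment);
            return null;
        }, registrant);
    }

    @Override
    public void failed(Throwable exc, A attachment) {
        AccessController.doPrivileged((PrivilegedAction<Void>) () -> {
            delegate.failed(exc, attachment);
            return null;
        }, registrant);
    }

    // Constructed demo: the handler reads a system property, which requires a
    // PropertyPermission once a SecurityManager is installed.
    public static void main(String[] args) {
        CompletionHandler<Integer, String> h = new PrivilegedCompletionHandler<>(
            new CompletionHandler<Integer, String>() {
                public void completed(Integer n, String tag) {
                    System.out.println(tag + ": " + n + " bytes, user.dir=" + System.getProperty("user.dir"));
                }
                public void failed(Throwable t, String tag) {
                    System.err.println(tag + ": " + t);
                }
            });
        h.completed(26, "demo");
    }
}
```

Under a SecurityManager, the code sources of both the wrapper and the delegate must still be granted the needed permissions by policy, because their frames remain part of the check.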


[jira] [Commented] (SSHD-332) Nio2 & security

2014-07-09 Thread JIRA

[ 
https://issues.apache.org/jira/browse/SSHD-332?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14056203#comment-14056203
 ] 

Gaël Lalire commented on SSHD-332:
--

I checked your code and an AsynchronousChannelGroup is used.
The associated ExecutorService is a fixed thread pool and should have normal 
permissions.
Maybe a JVM issue.




[jira] [Commented] (SSHD-332) Nio2 & security

2014-07-08 Thread JIRA

[ 
https://issues.apache.org/jira/browse/SSHD-332?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14055224#comment-14055224
 ] 

Gaël Lalire commented on SSHD-332:
--

My version is newer:

java version "1.8.0_05"
Java(TM) SE Runtime Environment (build 1.8.0_05-b13)
Java HotSpot(TM) 64-Bit Server VM (build 25.5-b02, mixed mode)

I found the commit which avoids all permissions for the NIO2 handler (6 months ago) 
in OpenJDK:
http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/c4baa68f4e3a

I think it is a JVM bug to use it for the NIO2 handler.



[jira] [Commented] (SSHD-332) Nio2 & security

2014-07-08 Thread Guillaume Nodet (JIRA)

[ 
https://issues.apache.org/jira/browse/SSHD-332?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14055169#comment-14055169
 ] 

Guillaume Nodet commented on SSHD-332:
--

It seems to work correctly with jdk8 on os x for me:

{code}
gnodet:(git)mina-sshd[master]/sshd-core$ java -version
java version "1.8.0"
Java(TM) SE Runtime Environment (build 1.8.0-b132)
Java HotSpot(TM) 64-Bit Server VM (build 25.0-b70, mixed mode)
gnodet:(git)mina-sshd[master]/sshd-core$ java -jar ~/Downloads/securesshd-0.0.1-SNAPSHOT-jar-with-dependencies.jar
19:28:39.483 [main] INFO  o.a.sshd.common.util.SecurityUtils - BouncyCastle not registered, using the default JCE provider
19:28:39.811 [main] DEBUG o.a.sshd.common.io.nio2.Nio2Acceptor - Creating Nio2Acceptor
19:28:39.813 [main] DEBUG o.a.sshd.common.io.nio2.Nio2Acceptor - Binding Nio2Acceptor to address 0.0.0.0/0.0.0.0:
19:28:42.000 [pool-2-thread-1] DEBUG o.a.sshd.common.io.nio2.Nio2Session - Creating IoSession on /127.0.0.1: from /127.0.0.1:63195
19:28:42.005 [pool-2-thread-1] INFO  o.a.s.server.session.ServerSession - Server session created from /127.0.0.1:63195
19:28:42.005 [pool-2-thread-1] DEBUG o.a.sshd.common.io.nio2.Nio2Session - Writing 26 bytes
19:28:42.007 [pool-2-thread-1] DEBUG o.a.sshd.common.io.nio2.Nio2Session - Finished writing
19:28:42.015 [pool-2-thread-1] DEBUG o.a.s.server.session.ServerSession - Send SSH_MSG_KEXINIT
19:28:42.016 [pool-2-thread-1] DEBUG o.a.sshd.common.io.nio2.Nio2Session - Writing 480 bytes
19:28:42.016 [pool-2-thread-1] DEBUG o.a.sshd.common.io.nio2.Nio2Session - Finished writing
19:28:42.017 [pool-2-thread-1] DEBUG o.a.sshd.common.io.nio2.Nio2Session - Read 1853 bytes
19:28:42.017 [pool-2-thread-1] DEBUG o.a.s.server.session.ServerSession - Client version string: SSH-2.0-OpenSSH_6.4
19:28:42.018 [pool-2-thread-1] DEBUG o.a.s.server.session.ServerSession - Received SSH_MSG_KEXINIT
19:28:42.018 [pool-2-thread-1] INFO  o.a.s.server.session.ServerSession - Kex: server->client aes128-ctr hmac-md5 none
19:28:42.018 [pool-2-thread-1] INFO  o.a.s.server.session.ServerSession - Kex: client->server aes128-ctr hmac-md5 none
19:28:42.034 [pool-2-thread-1] DEBUG o.a.sshd.common.io.nio2.Nio2Session - Read 80 bytes
19:28:42.034 [pool-2-thread-1] DEBUG org.apache.sshd.server.kex.ECDHP256 - Received SSH_MSG_KEXDH_INIT
19:28:42.039 [pool-2-thread-1] DEBUG org.apache.sshd.server.kex.ECDHP256 - Send SSH_MSG_KEXDH_REPLY
19:28:42.039 [pool-2-thread-1] DEBUG o.a.sshd.common.io.nio2.Nio2Session - Writing 584 bytes
19:28:42.039 [pool-2-thread-1] DEBUG o.a.sshd.common.io.nio2.Nio2Session - Finished writing
19:28:42.040 [pool-2-thread-1] DEBUG o.a.s.server.session.ServerSession - Send SSH_MSG_NEWKEYS
19:28:42.040 [pool-2-thread-1] DEBUG o.a.sshd.common.io.nio2.Nio2Session - Writing 16 bytes
19:28:42.040 [pool-2-thread-1] DEBUG o.a.sshd.common.io.nio2.Nio2Session - Finished writing
19:28:42.043 [pool-2-thread-2] DEBUG o.a.sshd.common.io.nio2.Nio2Session - Rea

[jira] [Commented] (SSHD-332) Nio2 & security

2014-06-30 Thread JIRA

[ 
https://issues.apache.org/jira/browse/SSHD-332?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14047647#comment-14047647
 ] 

Gaël Lalire commented on SSHD-332:
--

I found a way to run sshd in a secure env by using mina, even in Java 7 & 8:
sshd.setIoServiceFactoryFactory(new MinaServiceFactoryFactory());

However, it can be interesting to know if Nio2 is misused or misimplemented.
I attached a jar and its sources so you can reproduce the issue with the 
commands below:
java -jar securesshd-0.0.1-SNAPSHOT-jar-with-dependencies.jar
ssh -p  127.0.0.1

An exception should occur on the Java side if Nio2 is available.
The exception occurs at least with Oracle JDK8 on Mac OS X and OpenJDK7 on Fedora.



[jira] [Commented] (SSHD-332) Nio2 & security

2014-06-30 Thread Guillaume Nodet (JIRA)

[ 
https://issues.apache.org/jira/browse/SSHD-332?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14047610#comment-14047610
 ] 

Guillaume Nodet commented on SSHD-332:
--

I can't reproduce the problem ...
