[jira] [Commented] (SSHD-332) Nio2 security
[ https://issues.apache.org/jira/browse/SSHD-332?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14056203#comment-14056203 ]

Gaël Lalire commented on SSHD-332:
----------------------------------

I checked your code and an AsynchronousChannelGroup is used. The associated ExecutorService is a fixed thread pool and should have normal permissions. Maybe a JVM issue.

Nio2 security
-------------

Key: SSHD-332
URL: https://issues.apache.org/jira/browse/SSHD-332
Project: MINA SSHD
Issue Type: Bug
Affects Versions: 0.11.0
Environment: Oracle Java 8
Reporter: Gaël Lalire
Assignee: Guillaume Nodet
Fix For: 0.12.0
Attachments: securesshd-0.0.1-SNAPSHOT-jar-with-dependencies.jar, securesshd.zip
Original Estimate: 96h
Remaining Estimate: 96h

I don't know if it is a JVM bug or normal behavior, but a ProtectionDomain with no permission is associated with the completionHandler thread by the sun.misc.InnocuousThread class. As a result, if a security manager is set, all code in completionHandler has no permission (even if the policy grants all permissions).

If the behavior of the JVM is correct, then you should add AccessController.doPrivileged() when entering completionHandler.

You can also check if a SecurityManager is set and run without Nio2 as a quick fix.

--
This message was sent by Atlassian JIRA (v6.2#6252)
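Added example, not part of the original messages and not MINA SSHD's own code: one way to apply the AccessController.doPrivileged() suggestion from the issue description. The class name PrivilegedCompletionHandler is hypothetical. It goes one step beyond a bare doPrivileged() by capturing the caller's AccessControlContext when the I/O is started and restoring it in the handler, so the callback gets the caller's policy-granted permissions and no more.

```java
import java.nio.channels.CompletionHandler;
import java.security.AccessControlContext;
import java.security.AccessController;
import java.security.PrivilegedAction;

/**
 * Hypothetical wrapper (added example): runs the wrapped handler with the
 * permissions of the code that created the wrapper, instead of the empty
 * ProtectionDomain the report says the NIO2 completion thread inherits.
 * Note: AccessController is deprecated for removal since Java 17.
 */
public final class PrivilegedCompletionHandler<V, A> implements CompletionHandler<V, A> {
    private final CompletionHandler<V, A> delegate;
    // Snapshot taken on the thread that starts the I/O operation, while the
    // policy-granted permissions are still in effect.
    private final AccessControlContext creatorContext = AccessController.getContext();

    public PrivilegedCompletionHandler(CompletionHandler<V, A> delegate) {
        this.delegate = delegate;
    }

    @Override
    public void completed(final V result, final A attachment) {
        runAsCreator(new Runnable() {
            @Override public void run() { delegate.completed(result, attachment); }
        });
    }

    @Override
    public void failed(final Throwable exc, final A attachment) {
        runAsCreator(new Runnable() {
            @Override public void run() { delegate.failed(exc, attachment); }
        });
    }

    private void runAsCreator(final Runnable body) {
        // doPrivileged stops the permission check at this frame, so the
        // context inherited by the completion thread is no longer consulted.
        // Passing creatorContext limits the result to what the creator had,
        // rather than everything this class's code source is granted.
        AccessController.doPrivileged(new PrivilegedAction<Void>() {
            @Override public Void run() {
                body.run();
                return null;
            }
        }, creatorContext);
    }
}
```

A handler passed to an asynchronous read, write or accept call would be wrapped as new PrivilegedCompletionHandler<>(handler) on the calling thread; the wrapper class itself must live in a code source that the policy grants the needed permissions.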
[jira] [Commented] (SSHD-332) Nio2 security
[ https://issues.apache.org/jira/browse/SSHD-332?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14056214#comment-14056214 ]

Gaël Lalire commented on SSHD-332:
----------------------------------

You added AccessController.doPrivileged; that should be ok, thanks.
[jira] [Commented] (SSHD-332) Nio2 security
[ https://issues.apache.org/jira/browse/SSHD-332?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14055224#comment-14055224 ]

Gaël Lalire commented on SSHD-332:
----------------------------------

My version is newer:

    java version 1.8.0_05
    Java(TM) SE Runtime Environment (build 1.8.0_05-b13)
    Java HotSpot(TM) 64-Bit Server VM (build 25.5-b02, mixed mode)

I found the commit which avoids all permissions for the NIO2 handler (6 months ago) in OpenJDK:

    http://hg.openjdk.java.net/jdk8u/jdk8u/jdk/rev/c4baa68f4e3a

I think it is a JVM bug to use it for the NIO2 handler.
[jira] [Commented] (SSHD-332) Nio2 security
[ https://issues.apache.org/jira/browse/SSHD-332?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14047610#comment-14047610 ]

Guillaume Nodet commented on SSHD-332:
--------------------------------------

I can't reproduce the problem ...
[jira] [Commented] (SSHD-332) Nio2 security
[ https://issues.apache.org/jira/browse/SSHD-332?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=14047647#comment-14047647 ]

Gaël Lalire commented on SSHD-332:
----------------------------------

I found a way to run sshd in a secure env by using mina even in java 7 8:

    sshd.setIoServiceFactoryFactory(new MinaServiceFactoryFactory());

However, it can be interesting to know if Nio2 is misused or misimplemented.

I attached a jar and its sources so you can reproduce the issue with the commands below:

    java -jar securesshd-0.0.1-SNAPSHOT-jar-with-dependencies.jar
    ssh -p 127.0.0.1

An exception should occur on the Java side if Nio2 is available.

The exception occurs at least with Oracle JDK8 on Mac OS X and OpenJDK7 on Fedora.