[Bug 596688] [NEW] code from privileged sources executed with restricted permissions

Sun, 20 Jun 2010 15:01:01 -0700 

Public bug reported:

When executing a Java applet or calling Java directly from Firefox
chrome:// code (e.g., Firefox extensions), the code should be granted
AllPermissions. Given that chrome:// code has shell execution
privileges, this is not a security hole. Permissions are handled
properly by the Sun NPRuntime Java plug-in, and were handled mostly
properly by the old OJI/LiveConnect plug-in.

Running the following from a Firefox overlay:

new
java.net.URLClassLoader(java.lang.reflect.Array.newInstance(java.lang.Class.forName("java.net.URL"),
0));

produces the following error in icedtea6-plugin-6b18-1.8-0ubuntu1

java.lang.reflect.InvocationTargetException
        at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
        at 
sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
        at 
sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
        at java.lang.reflect.Constructor.newInstance(Constructor.java:532)
        at 
sun.applet.PluginAppletSecurityContext$6.run(PluginAppletSecurityContext.java:1050)
        at java.security.AccessController.doPrivileged(Native Method)
        at 
sun.applet.PluginAppletSecurityContext.handleMessage(PluginAppletSecurityContext.java:1047)
        at 
sun.applet.AppletSecurityContextManager.handleMessage(AppletSecurityContextManager.java:69)
        at 
sun.applet.PluginStreamHandler.handleMessage(PluginStreamHandler.java:273)
        at 
sun.applet.PluginMessageHandlerWorker.run(PluginMessageHandlerWorker.java:82)
Caused by: java.security.AccessControlException: access denied 
(java.lang.RuntimePermission createClassLoader)
        at 
java.security.AccessControlContext.checkPermission(AccessControlContext.java:342)
        at 
java.security.AccessController.checkPermission(AccessController.java:553)
        at java.lang.SecurityManager.checkPermission(SecurityManager.java:549)
        at 
net.sourceforge.jnlp.runtime.JNLPSecurityManager.checkPermission(JNLPSecurityManager.java:282)
        at 
java.lang.SecurityManager.checkCreateClassLoader(SecurityManager.java:611)
        at java.lang.ClassLoader.checkCreateClassLoader(ClassLoader.java:194)
        at java.lang.ClassLoader.<init>(ClassLoader.java:243)
        at java.security.SecureClassLoader.<init>(SecureClassLoader.java:94)
        at java.net.URLClassLoader.<init>(URLClassLoader.java:130)
        ... 10 more
Error on Java side: LiveConnectPermissionNeeded access denied 
(java.lang.RuntimePermission createClassLoader)

This same code executes without a hitch in the sun-java6-plugin-6.20dlj-
1ubuntu3. This is currently preventing the Zotero OpenOffice plug-in
from working on a default Ubuntu installation.

** Affects: openjdk-6 (Ubuntu)
     Importance: Undecided
         Status: New

-- 
code from privileged sources executed with restricted permissions
https://bugs.launchpad.net/bugs/596688
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to