-
Notifications
You must be signed in to change notification settings - Fork 861
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
EXPERIMENTAL: Remove SecurityManager #1353
base: master
Are you sure you want to change the base?
Changes from 1 commit
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -23,8 +23,7 @@ public Class<?> defineClass(String name, byte[] data) { | |
// Use our own protection domain for the generated classes. | ||
// TODO: we might want to use a separate protection domain for classes | ||
// compiled from scripts, based on where the script was loaded from. | ||
return super.defineClass( | ||
name, data, 0, data.length, SecurityUtilities.getProtectionDomain(getClass())); | ||
return super.defineClass(name, data, 0, data.length, getClass().getProtectionDomain()); | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. CHECKME: Would we need a protectionDomain at all? |
||
} | ||
|
||
@Override | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -488,10 +488,7 @@ static Class<?> loadAdapterClass(String className, byte[] classBytes) { | |
Class<?> domainClass = SecurityController.getStaticSecurityDomainClass(); | ||
if (domainClass == CodeSource.class || domainClass == ProtectionDomain.class) { | ||
// use the calling script's security domain if available | ||
ProtectionDomain protectionDomain = SecurityUtilities.getScriptProtectionDomain(); | ||
if (protectionDomain == null) { | ||
protectionDomain = JavaAdapter.class.getProtectionDomain(); | ||
} | ||
ProtectionDomain protectionDomain = JavaAdapter.class.getProtectionDomain(); | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. CHECKME: can this be simplified? |
||
if (domainClass == CodeSource.class) { | ||
staticDomain = protectionDomain == null ? null : protectionDomain.getCodeSource(); | ||
} else { | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -15,7 +15,6 @@ | |
import java.lang.reflect.Member; | ||
import java.lang.reflect.Method; | ||
import java.lang.reflect.Modifier; | ||
import java.security.AccessControlContext; | ||
import java.security.AllPermission; | ||
import java.security.Permission; | ||
import java.util.ArrayList; | ||
|
@@ -319,8 +318,7 @@ private void discoverAccessibleMethods( | |
if (isPublic(mods) || isProtected(mods) || includePrivate) { | ||
MethodSignature sig = new MethodSignature(method); | ||
if (!map.containsKey(sig)) { | ||
if (includePrivate && !method.isAccessible()) | ||
method.setAccessible(true); | ||
VMBridge.instance.tryToMakeAccessible(method); | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. CHECKME: Do we need a VMBridge for java 11/17? |
||
map.put(sig, method); | ||
} | ||
} | ||
|
@@ -658,7 +656,7 @@ private Field[] getAccessibleFields(boolean includeProtected, boolean includePri | |
for (Field field : declared) { | ||
int mod = field.getModifiers(); | ||
if (includePrivate || isPublic(mod) || isProtected(mod)) { | ||
if (!field.isAccessible()) field.setAccessible(true); | ||
VMBridge.instance.tryToMakeAccessible(field); | ||
fieldsList.add(field); | ||
} | ||
} | ||
|
@@ -770,17 +768,16 @@ static JavaMembers lookupClass( | |
Scriptable scope, Class<?> dynamicType, Class<?> staticType, boolean includeProtected) { | ||
JavaMembers members; | ||
ClassCache cache = ClassCache.get(scope); | ||
Map<ClassCache.CacheKey, JavaMembers> ct = cache.getClassCacheMap(); | ||
Map<Class, JavaMembers> ct = cache.getClassCacheMap(); | ||
|
||
Class<?> cl = dynamicType; | ||
Object secCtx = getSecurityContext(); | ||
for (; ; ) { | ||
members = ct.get(new ClassCache.CacheKey(cl, secCtx)); | ||
members = ct.get(cl); | ||
if (members != null) { | ||
if (cl != dynamicType) { | ||
// member lookup for the original class failed because of | ||
// missing privileges, cache the result so we don't try again | ||
ct.put(new ClassCache.CacheKey(dynamicType, secCtx), members); | ||
ct.put(dynamicType, members); | ||
} | ||
return members; | ||
} | ||
|
@@ -811,11 +808,11 @@ static JavaMembers lookupClass( | |
} | ||
|
||
if (cache.isCachingEnabled()) { | ||
ct.put(new ClassCache.CacheKey(cl, secCtx), members); | ||
ct.put(cl, members); | ||
if (cl != dynamicType) { | ||
// member lookup for the original class failed because of | ||
// missing privileges, cache the result so we don't try again | ||
ct.put(new ClassCache.CacheKey(dynamicType, secCtx), members); | ||
ct.put(dynamicType, members); | ||
} | ||
} | ||
return members; | ||
|
@@ -830,24 +827,6 @@ private static JavaMembers createJavaMembers( | |
} | ||
} | ||
|
||
private static Object getSecurityContext() { | ||
Object sec = null; | ||
SecurityManager sm = System.getSecurityManager(); | ||
if (sm != null) { | ||
sec = sm.getSecurityContext(); | ||
if (sec instanceof AccessControlContext) { | ||
try { | ||
((AccessControlContext) sec).checkPermission(allPermission); | ||
// if we have allPermission, we do not need to store the | ||
// security object in the cache key | ||
return null; | ||
} catch (SecurityException e) { | ||
} | ||
} | ||
} | ||
return sec; | ||
} | ||
|
||
RuntimeException reportMemberNotFound(String memberName) { | ||
return Context.reportRuntimeErrorById( | ||
"msg.java.member.not.found", cl.getName(), memberName); | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No security context -> We can revert this change #1019