changeset 9910:bb79460d72d8

8040059: Change default policy for extensions to no permission Reviewed-by: alanb, mullan, erikj
author mchung
date Fri, 09 May 2014 09:04:41 -0700
parents 7426549b1e3b
children ad7720938e7c
files make/CopyFiles.gmk src/share/classes/jdk/nio/zipfs/ZipFileSystem.java src/share/lib/security/java.policy src/windows/lib/security/java.policy test/TEST.groups test/jdk/nio/zipfs/Basic.java test/jdk/nio/zipfs/PathOps.java test/jdk/nio/zipfs/ZFSTests.java test/jdk/nio/zipfs/ZipFSTester.java test/jdk/nio/zipfs/test.policy test/jdk/nio/zipfs/test.policy.readonly test/lib/security/java.policy/Ext_AllPolicy.java test/lib/security/java.policy/Ext_AllPolicy.sh test/lib/security/java.policy/test.policy
diffstat 14 files changed, 142 insertions(+), 24 deletions(-) [+]
line wrap: on
line diff
--- a/make/CopyFiles.gmk	Fri May 09 12:06:13 2014 +0200
+++ b/make/CopyFiles.gmk	Fri May 09 09:04:41 2014 -0700
@@ -367,8 +367,24 @@
 POLICY_SRC := $(JDK_TOPDIR)/src/share/lib/security/java.policy
 POLICY_DST := $(JDK_OUTPUTDIR)/lib/security/java.policy
 
-$(POLICY_DST): $(POLICY_SRC)
-	$(call install-file)
+POLICY_SRC_LIST :=
+
+ifeq ($(OPENJDK_TARGET_OS), windows)
+  POLICY_SRC_LIST += $(JDK_TOPDIR)/src/$(OPENJDK_TARGET_OS)/lib/security/java.policy
+endif
+ifndef OPENJDK
+  ifneq (, $(filter $(OPENJDK_TARGET_OS), windows solaris))
+    POLICY_SRC_LIST += $(JDK_TOPDIR)/src/closed/$(OPENJDK_TARGET_OS)/lib/security/java.policy
+  endif
+endif
+
+POLICY_SRC_LIST += $(POLICY_SRC)
+
+$(POLICY_DST): $(POLICY_SRC_LIST)
+	$(MKDIR) -p $(@D)
+	$(RM) $@ $@.tmp
+	$(foreach f,$(POLICY_SRC_LIST),$(CAT) $(f) >> $@.tmp;)
+	$(MV) $@.tmp $@
 
 COPY_FILES += $(POLICY_DST)
 
--- a/src/share/classes/jdk/nio/zipfs/ZipFileSystem.java	Fri May 09 12:06:13 2014 +0200
+++ b/src/share/classes/jdk/nio/zipfs/ZipFileSystem.java	Fri May 09 09:04:41 2014 -0700
@@ -41,6 +41,8 @@
 import java.nio.file.spi.*;
 import java.security.AccessController;
 import java.security.PrivilegedAction;
+import java.security.PrivilegedActionException;
+import java.security.PrivilegedExceptionAction;
 import java.util.*;
 import java.util.concurrent.locks.ReadWriteLock;
 import java.util.concurrent.locks.ReentrantReadWriteLock;
@@ -110,7 +112,9 @@
         }
         // sm and existence check
         zfpath.getFileSystem().provider().checkAccess(zfpath, AccessMode.READ);
-        if (!Files.isWritable(zfpath))
+        boolean writeable = AccessController.doPrivileged(
+            (PrivilegedAction<Boolean>) () ->  Files.isWritable(zfpath));
+        if (!writeable)
             this.readOnly = true;
         this.zc = ZipCoder.get(nameEncoding);
         this.defaultdir = new ZipPath(this, getBytes(defaultDir));
@@ -262,9 +266,13 @@
         }
         beginWrite();                   // lock and sync
         try {
-            sync();
-            ch.close();                 // close the ch just in case no update
-        } finally {                     // and sync dose not close the ch
+            AccessController.doPrivileged((PrivilegedExceptionAction<Void>) () -> {
+                sync(); return null;
+            });
+            ch.close();                          // close the ch just in case no update
+        } catch (PrivilegedActionException e) {  // and sync dose not close the ch
+            throw (IOException)e.getException();
+        } finally {
             endWrite();
         }
 
@@ -281,8 +289,10 @@
         synchronized (tmppaths) {
             for (Path p: tmppaths) {
                 try {
-                    Files.deleteIfExists(p);
-                } catch (IOException x) {
+                    AccessController.doPrivileged(
+                        (PrivilegedExceptionAction<Boolean>)() -> Files.deleteIfExists(p));
+                } catch (PrivilegedActionException e) {
+                    IOException x = (IOException)e.getException();
                     if (ioe == null)
                         ioe = x;
                     else
--- a/src/share/lib/security/java.policy	Fri May 09 12:06:13 2014 +0200
+++ b/src/share/lib/security/java.policy	Fri May 09 09:04:41 2014 -0700
@@ -1,7 +1,39 @@
+// permissions required by each component
+grant codeBase "file:${java.home}/lib/ext/zipfs.jar" {
+        permission java.io.FilePermission "<<ALL FILES>>", "read,write,delete";
+        permission java.lang.RuntimePermission "fileSystemProvider";
+        permission java.util.PropertyPermission "*", "read";
+};
 
-// Standard extensions get all permissions by default
+grant codeBase "file:${java.home}/lib/ext/cldrdata.jar" {
+        permission java.lang.RuntimePermission "accessClassInPackage.sun.text.*";
+        permission java.lang.RuntimePermission "accessClassInPackage.sun.util.*";
+        permission java.util.PropertyPermission "*", "read";
+};
 
-grant codeBase "file:${{java.ext.dirs}}/*" {
+grant codeBase "file:${java.home}/lib/ext/localedata.jar" {
+        permission java.lang.RuntimePermission "accessClassInPackage.sun.text.*";
+        permission java.lang.RuntimePermission "accessClassInPackage.sun.util.*";
+        permission java.util.PropertyPermission "*", "read";
+};
+
+grant codeBase "file:${java.home}/lib/ext/dnsns.jar" {
+        permission java.security.AllPermission;
+};
+
+grant codeBase "file:${java.home}/lib/ext/nashorn.jar" {
+        permission java.security.AllPermission;
+};
+
+grant codeBase "file:${java.home}/lib/ext/sunec.jar" {
+        permission java.security.AllPermission;
+};
+
+grant codeBase "file:${java.home}/lib/ext/sunjce_provider.jar" {
+        permission java.security.AllPermission;
+};
+
+grant codeBase "file:${java.home}/lib/ext/sunpkcs11.jar" {
         permission java.security.AllPermission;
 };
 
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/src/windows/lib/security/java.policy	Fri May 09 09:04:41 2014 -0700
@@ -0,0 +1,3 @@
+grant codeBase "file:${java.home}/lib/ext/sunmscapi.jar" {
+        permission java.security.AllPermission;
+};
--- a/test/TEST.groups	Fri May 09 12:06:13 2014 +0200
+++ b/test/TEST.groups	Fri May 09 09:04:41 2014 -0700
@@ -97,7 +97,8 @@
 
 jdk_nio = \
     java/nio \
-    sun/nio
+    sun/nio \
+    jdk/nio
 
 jdk_net = \
     java/net \
@@ -203,7 +204,6 @@
     com/sun/jndi \
     com/sun/corba \
     lib/testlibrary \
-    jdk/nio/zipfs \
     sample
 
 #
--- a/test/jdk/nio/zipfs/Basic.java	Fri May 09 12:06:13 2014 +0200
+++ b/test/jdk/nio/zipfs/Basic.java	Fri May 09 09:04:41 2014 -0700
@@ -31,8 +31,11 @@
 /**
  *
  * @test
- * @bug 8038500
+ * @bug 8038500 8040059
  * @summary Basic test for zip provider
+ *
+ * @run main Basic
+ * @run main/othervm/policy=test.policy Basic
  */
 
 public class Basic {
--- a/test/jdk/nio/zipfs/PathOps.java	Fri May 09 12:06:13 2014 +0200
+++ b/test/jdk/nio/zipfs/PathOps.java	Fri May 09 09:04:41 2014 -0700
@@ -29,8 +29,11 @@
 /**
  *
  * @test
- * @bug 8038500
+ * @bug 8038500 8040059
  * @summary Tests path operations for zip provider.
+ *
+ * @run main PathOps
+ * @run main/othervm/policy=test.policy.readonly PathOps
  */
 
 public class PathOps {
--- a/test/jdk/nio/zipfs/ZFSTests.java	Fri May 09 12:06:13 2014 +0200
+++ b/test/jdk/nio/zipfs/ZFSTests.java	Fri May 09 09:04:41 2014 -0700
@@ -22,8 +22,11 @@
  */
 
 /* @test
-   @bug 7156873
-   @summary ZipFileSystem regression tests
+ * @bug 7156873 8040059
+ * @summary ZipFileSystem regression tests
+ *
+ * @run main ZFSTests
+ * @run main/othervm/policy=test.policy ZFSTests
  */
 
 
--- a/test/jdk/nio/zipfs/ZipFSTester.java	Fri May 09 12:06:13 2014 +0200
+++ b/test/jdk/nio/zipfs/ZipFSTester.java	Fri May 09 09:04:41 2014 -0700
@@ -40,8 +40,10 @@
  *
  * @test
  * @bug 6990846 7009092 7009085 7015391 7014948 7005986 7017840 7007596
- *      7157656 8002390 7012868 7012856 8015728 8038500
+ *      7157656 8002390 7012868 7012856 8015728 8038500 8040059
  * @summary Test Zip filesystem provider
+ * @run main ZipFSTester
+ * @run main/othervm/policy=test.policy ZipFSTester
  */
 
 public class ZipFSTester {
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/jdk/nio/zipfs/test.policy	Fri May 09 09:04:41 2014 -0700
@@ -0,0 +1,16 @@
+grant codeBase "file:${java.home}/lib/ext/zipfs.jar" {
+    permission java.io.FilePermission "<<ALL FILES>>", "read,write";
+    permission java.lang.RuntimePermission "fileSystemProvider";
+    permission java.util.PropertyPermission "*", "read";
+};
+
+grant codeBase "file:${java.home}/lib/ext/sunpkcs11.jar" {
+    permission java.lang.RuntimePermission "accessClassInPackage.sun.security.*";
+};
+
+grant {
+    permission java.io.FilePermission "<<ALL FILES>>","read,write,delete";
+    permission java.util.PropertyPermission "test.jdk","read";
+    permission java.util.PropertyPermission "test.src","read";
+    permission java.util.PropertyPermission "user.dir","read";
+};
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/jdk/nio/zipfs/test.policy.readonly	Fri May 09 09:04:41 2014 -0700
@@ -0,0 +1,12 @@
+grant codeBase "file:${java.home}/lib/ext/zipfs.jar" {
+    permission java.io.FilePermission "<<ALL FILES>>", "read,write";
+    permission java.lang.RuntimePermission "fileSystemProvider";
+    permission java.util.PropertyPermission "*", "read";
+};
+
+grant {
+    permission java.io.FilePermission "<<ALL FILES>>","read";
+    permission java.util.PropertyPermission "test.jdk","read";
+    permission java.util.PropertyPermission "test.src","read";
+    permission java.util.PropertyPermission "user.dir","read";
+};
--- a/test/lib/security/java.policy/Ext_AllPolicy.java	Fri May 09 12:06:13 2014 +0200
+++ b/test/lib/security/java.policy/Ext_AllPolicy.java	Fri May 09 09:04:41 2014 -0700
@@ -30,12 +30,24 @@
 import java.security.*;
 
 public class Ext_AllPolicy {
-        public static void main (String[] args) {
-                FilePermission mine = new FilePermission("/tmp/bar", "read");
-                SecurityManager sm = System.getSecurityManager();
+    public static void main (String[] args) {
+        boolean allPerms = args.length == 1 && args[0].equals("AllPermission");
+        FilePermission mine = new FilePermission("/tmp/bar", "read");
+        SecurityManager sm = System.getSecurityManager();
 
-                if (sm != null) {
-                        sm.checkPermission(mine);
+        if (sm != null) {
+            try {
+                sm.checkPermission(mine);
+                if (!allPerms) {
+                    // Default has no privilege.
+                    throw new RuntimeException(mine + " expected to deny access");
                 }
+            } catch (AccessControlException e) {
+                if (allPerms) {
+                    // expected all permissions granted
+                    throw e;
+                }
+            }
         }
+    }
 }
--- a/test/lib/security/java.policy/Ext_AllPolicy.sh	Fri May 09 12:06:13 2014 +0200
+++ b/test/lib/security/java.policy/Ext_AllPolicy.sh	Fri May 09 09:04:41 2014 -0700
@@ -22,7 +22,7 @@
 #
 
 # @test
-# @bug 4215035
+# @bug 4215035 8040059
 # @summary standard extensions path is hard-coded in default system policy file
 #
 # @build Ext_AllPolicy
@@ -81,6 +81,9 @@
 
 rm Ext_AllPolicy.class
 ${TESTJAVA}${FS}bin${FS}java ${TESTVMOPTS} \
-        -Djava.security.manager -Djava.ext.dirs="${TESTCLASSES}" Ext_AllPolicy
+        -Djava.security.manager -Djava.ext.dirs="${TESTCLASSES}" Ext_AllPolicy || exit 10
 
+${TESTJAVA}${FS}bin${FS}java ${TESTVMOPTS} \
+        -Djava.security.policy=${TESTSRC}${FS}test.policy \
+        -Djava.security.manager -Djava.ext.dirs="${TESTCLASSES}" Ext_AllPolicy AllPermission
 exit $?
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/test/lib/security/java.policy/test.policy	Fri May 09 09:04:41 2014 -0700
@@ -0,0 +1,3 @@
+grant codeBase "file:${{java.ext.dirs}}/*" {
+    permission java.security.AllPermission;
+};