changeset 5433:51f162e60b8a

7169888: Narrowing resource definitions in JMX RMI connector Summary: CPU bug, we can't put offending calls outside doPrivileged, but narrow granted permissions. Reviewed-by: ahgross, fparain
author dsamersoff
date Fri, 15 Jun 2012 17:02:58 +0400
parents 2c7a8f9764cb
children 49c168b317a3
files src/share/classes/javax/management/remote/rmi/RMIConnectionImpl.java
diffstat 1 files changed, 32 insertions(+), 4 deletions(-) [+]
line wrap: on
line diff
--- a/src/share/classes/javax/management/remote/rmi/RMIConnectionImpl.java	Thu Aug 02 13:48:22 2012 +0400
+++ b/src/share/classes/javax/management/remote/rmi/RMIConnectionImpl.java	Fri Jun 15 17:02:58 2012 +0400
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2002, 2008, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2002, 2012, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -39,11 +39,17 @@
 import java.rmi.MarshalledObject;
 import java.rmi.UnmarshalException;
 import java.rmi.server.Unreferenced;
+
 import java.security.AccessControlContext;
 import java.security.AccessController;
+import java.security.Permission;
+import java.security.PermissionCollection;
+import java.security.Permissions;
 import java.security.PrivilegedAction;
 import java.security.PrivilegedActionException;
 import java.security.PrivilegedExceptionAction;
+import java.security.ProtectionDomain;
+
 import java.util.Arrays;
 import java.util.Collections;
 import java.util.Map;
@@ -60,6 +66,7 @@
 import javax.management.MBeanException;
 import javax.management.MBeanInfo;
 import javax.management.MBeanRegistrationException;
+import javax.management.MBeanPermission;
 import javax.management.MBeanServer;
 import javax.management.NotCompliantMBeanException;
 import javax.management.NotificationFilter;
@@ -143,6 +150,7 @@
         this.mbeanServer = rmiServer.getMBeanServer();
 
         final ClassLoader dcl = defaultClassLoader;
+
         this.classLoaderWithRepository =
             AccessController.doPrivileged(
                 new PrivilegedAction<ClassLoaderWithRepository>() {
@@ -151,13 +159,29 @@
                                       mbeanServer.getClassLoaderRepository(),
                                       dcl);
                     }
-                });
+                },
+
+                withPermissions( new MBeanPermission("*", "getClassLoaderRepository"),
+                                 new RuntimePermission("createClassLoader"))
+            );
+
         serverCommunicatorAdmin = new
           RMIServerCommunicatorAdmin(EnvHelp.getServerConnectionTimeout(env));
 
         this.env = env;
     }
 
+    private static AccessControlContext withPermissions(Permission ... perms){
+        Permissions col = new Permissions();
+
+        for (Permission thePerm : perms ) {
+            col.add(thePerm);
+        }
+
+        final ProtectionDomain pd = new ProtectionDomain(null, col);
+        return new AccessControlContext( new ProtectionDomain[] { pd });
+    }
+
     private synchronized ServerNotifForwarder getServerNotifFwd() {
         // Lazily created when first use. Mainly when
         // addNotificationListener is first called.
@@ -1330,7 +1354,9 @@
                         public ClassLoader run() throws InstanceNotFoundException {
                             return mbeanServer.getClassLoader(name);
                         }
-                    });
+                    },
+                    withPermissions(new MBeanPermission("*", "getClassLoader"))
+            );
         } catch (PrivilegedActionException pe) {
             throw (InstanceNotFoundException) extractException(pe);
         }
@@ -1345,7 +1371,9 @@
                         public Object run() throws InstanceNotFoundException {
                             return mbeanServer.getClassLoaderFor(name);
                         }
-                    });
+                    },
+                    withPermissions(new MBeanPermission("*", "getClassLoaderFor"))
+            );
         } catch (PrivilegedActionException pe) {
             throw (InstanceNotFoundException) extractException(pe);
         }