prevent System.exit() calls (openhab#409)

Signed-off-by: Kai Kreuzer <kai@openhab.org>
GitOrigin-RevId: d3ffb2d

bundles/org.openhab.core/src/main/java/org/openhab/core/internal/CoreActivator.java

@@ -8,6 +8,8 @@
  */
 package org.openhab.core.internal;
 
+import java.security.Permission;
+
 import org.eclipse.smarthome.model.rule.runtime.RuleEngine;
 import org.osgi.framework.BundleActivator;
 import org.osgi.framework.BundleContext;
@@ -35,12 +37,23 @@ private void startRuleEngine(BundleContext context) throws InterruptedException
         // TODO: This should probably better be moved in a new bundle, so that the core bundle does
         // not have a (optional) dependency on model.rule.runtime anymore.
         try {
-            ServiceTracker<RuleEngine, RuleEngine> tracker = new ServiceTracker<>(context,
-                    RuleEngine.class, null);
+            ServiceTracker<RuleEngine, RuleEngine> tracker = new ServiceTracker<>(context, RuleEngine.class, null);
             tracker.open();
             tracker.waitForService(10000);
         } catch (NoClassDefFoundError e) {
         }
+
+        // see https://github.com/eclipse/smarthome/issues/6291
+        final SecurityManager securityManager = new SecurityManager() {
+            @Override
+            public void checkPermission(Permission permission) {
+                if (permission.getName().contains("exitVM")) {
+                    throw new SecurityException("Prevented System.exit() call.");
+                }
+            }
+        };
+        System.setSecurityManager(securityManager);
+
     }
 
     /*
@@ -51,6 +64,7 @@ private void startRuleEngine(BundleContext context) throws InterruptedException
      */
     @Override
     public void stop(BundleContext context) throws Exception {
+        System.setSecurityManager(null);
     }
 
 }