Fixed JRubyClassLoader to not require protective domain access check #817

Closed
wants to merge 1 commit into from

Contributor

@ratnikov ratnikov commented Jun 20, 2013

Loading protection domain requires an access check, and it seems like it's not necessary to actually provide one.

Member

@BanzaiMan BanzaiMan commented Jun 22, 2013

What is the issue that we are trying to solve?

Contributor Author

@ratnikov ratnikov commented Jun 22, 2013

I want to be able to load JRuby with a security manager but minimize the permissions I have to allow. Calling Class#getProtectionDomain requires a RuntimePermission("getProtectionDomain") and it seems to me that the DEFAULT_DOMAIN is not really required (I think I even saw one of the implementations do exactly what I do: pass null).

Do you know of the reason it serves? From the original commit, it looked like a "just in case" kind of thing.

-- D

On Fri, Jun 21, 2013 at 11:35 PM, Hiro Asari notifications@github.com wrote:

> What is the issue that we are trying to solve?



Member

@headius headius commented Jun 22, 2013

Passing null for the protection domain causes the classes to default to the system classloader's privileges. This prevents having sandbox child environments or environments with differing permissions in the same JVM.

We can modify the code to fall back on null if we can't acquire the protection domain, but we can't just pass null unconditionally.
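
The fallback described in the comment above (use the real protection domain, and pass null only when the lookup is refused), sketched as an added Java example. It is not JRuby's code or the change in 1a2c1fe; the `FallbackDomainLoader`, `resolveDomain`, `define` and `Sample` names are hypothetical.

```java
import java.io.IOException;
import java.io.InputStream;
import java.security.ProtectionDomain;

// Added illustration; class and method names are hypothetical, not JRuby's.
public class FallbackDomainLoader extends ClassLoader {
    // Domain handed to defineClass; null lets the JVM apply its default domain.
    private final ProtectionDomain domain;

    public FallbackDomainLoader(ClassLoader parent, Class<?> anchor) {
        super(parent);
        this.domain = resolveDomain(anchor);
    }

    // With a security manager installed, Class#getProtectionDomain requires
    // RuntimePermission("getProtectionDomain") and throws SecurityException without it.
    static ProtectionDomain resolveDomain(Class<?> anchor) {
        try {
            return anchor.getProtectionDomain();
        } catch (SecurityException denied) {
            return null; // fall back only when the lookup is refused
        }
    }

    // defineClass defines the class in this loader directly, without parent delegation.
    public Class<?> define(String name, byte[] bytes) {
        return defineClass(name, bytes, 0, bytes.length, domain);
    }

    // Constructed sample class whose bytecode is re-defined by the loader in main.
    public static class Sample { }

    public static void main(String[] args) throws IOException {
        String name = Sample.class.getName();
        byte[] bytes;
        try (InputStream in = Sample.class.getResourceAsStream(
                "/" + name.replace('.', '/') + ".class")) {
            bytes = in.readAllBytes();
        }
        Class<?> anchor = FallbackDomainLoader.class;
        FallbackDomainLoader loader = new FallbackDomainLoader(anchor.getClassLoader(), anchor);
        Class<?> redefined = loader.define(name, bytes);
        System.out.println("distinct class: " + (redefined != Sample.class));
        // Without a security manager the lookup succeeds, so the domains match.
        System.out.println("same domain as anchor: "
                + (redefined.getProtectionDomain() == anchor.getProtectionDomain()));
    }
}
```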

@headius headius closed this in 1a2c1fe Jun 22, 2013
Member

@headius headius commented Jun 22, 2013

If you have a test case you can give us that would fail without this patch, we'd love to incorporate it.

@ratnikov ratnikov deleted the ratnikov:fix-protective-domain branch Jun 24, 2013