Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[WFLY-11357] add priv block to FileSystemXAResourceRegistry #62

Merged
merged 1 commit into from Jun 17, 2019
Merged

[WFLY-11357] add priv block to FileSystemXAResourceRegistry #62

merged 1 commit into from Jun 17, 2019

Conversation

baranowb
Copy link
Contributor

@baranowb baranowb commented Jan 2, 2019
edited

@jamezp
Copy link
Member

jamezp commented Jan 3, 2019

This should use the https://issues.jboss.org/browse/WFTC-53 JIRA.

dmlloyd
dmlloyd requested changes Jan 7, 2019
View reviewed changes
Copy link
Member

@dmlloyd dmlloyd left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In addition to needing a WFTC JIRA # in the PR and commit summary, this also seems to introduce a privileged block with no corresponding permission check. Can it be shown that this is secure?

@baranowb
Copy link
Contributor Author

baranowb commented Jan 8, 2019

WDYM? mkdir and open require r/w permission.
mkdir(): https://docs.oracle.com/javase/7/docs/api/java/io/File.html#mkdir()
FIleChannel.open(): https://docs.oracle.com/javase/7/docs/api/java/nio/channels/FileChannel.html#open(java.nio.file.Path,%20java.nio.file.OpenOption...)

@dmlloyd
Copy link
Member

dmlloyd commented Jan 8, 2019

Yes of course, but any time you add doPrivileged somewhere, you must also add a corresponding permission check to prevent malicious code from subverting it.

See http://word-bits.flurg.com/presentations/security-manager/index.html#/11 for more info.

@baranowb
Copy link
Contributor Author

baranowb commented Jan 9, 2019

You mean to proof it in case JDK classes were tampered with?

@dmlloyd
Copy link
Member

dmlloyd commented Jan 9, 2019

No... to prove that no unprivileged caller of XAResourceRegistryFile can take advantage of the added extra privilege in order to perform some malicious action.

@fl4via fl4via mentioned this pull request Jan 24, 2019
Merged
@chengfang chengfang merged commit 53a9bde into wildfly:1.1 Jun 17, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dmlloyd dmlloyd dmlloyd requested changes

@fl4via fl4via fl4via approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
5 participants
@baranowb @jamezp @dmlloyd @fl4via @chengfang