Issue1188

classification
Title: Patch against trunk to handle SecurityExceptions
Type: crash Severity: normal
Components: Core, Library Versions:
process
Status: closed Resolution: fixed
Dependencies: Superseder:
Assigned To: fwierzbicki Nosy List: amak, fwierzbicki, jamesr, pjenvey, zyasoft
Priority: urgent Keywords: patch

Created on 2008-12-01.19:25:12 by jamesr, last changed 2009-04-22.03:05:53 by fwierzbicki.

Files
File name Uploaded Description Edit Remove
catch_security_exceptions.patch jamesr, 2008-12-01.19:25:12 Patch against svn trunk@67467
jython.patch jamesr, 2009-03-12.15:34:11 updated_path
Messages
msg3863 (view) Author: James Robinson (jamesr) Date: 2008-12-01.19:25:12
This patch adds handling for SecurityExceptions in places currently
lacking it.  SecurityExceptions can be thrown by many file-related and
other Java APIs when running Jython in a restricted container.

This patch fixes the issue noted in 1185 and 1186, although this is
against trunk and not 2.2.*.
msg4246 (view) Author: Jim Baker (zyasoft) Date: 2009-03-12.08:30:04
Review for 2.5.0
msg4249 (view) Author: James Robinson (jamesr) Date: 2009-03-12.15:34:10
Thanks for looking at this.  Here's an updated patch against svn
trunk@6093. Is there any way I can help get this landed?
msg4255 (view) Author: Frank Wierzbicki (fwierzbicki) Date: 2009-03-13.14:19:11
James Robinson: by updating the patch to trunk you have helped make sure
it gets a solid review (also zyasoft marking it as "high" means we will
review before we get to RC)
msg4453 (view) Author: Philip Jenvey (pjenvey) Date: 2009-04-06.01:42:53
What security policy was this made to run against? We have an incredibly 
simple test of starting up jython under a restricted policy in 
test_java_integration

Having that test do a little more would also be really helpful in 
getting this patch applied
msg4488 (view) Author: James Robinson (jamesr) Date: 2009-04-08.15:26:04
This is for the security policy in the Google App Engine.  It can
roughly be recreated by forbidding all write access to disk and read
access outside the working directory (which makes some
File.isDirectory() checks fail).  The additional changes are because
SecureClassLoader and Compiler are not on the JRE whitelist. 
Compiler.compileClass() is documented to be a no-op, so I do not think
removing it is an issue.  URLClassLoader should work just as well as
SecureClassLoader.
msg4565 (view) Author: Frank Wierzbicki (fwierzbicki) Date: 2009-04-22.03:05:52
I finally got a policy file together so I could test these fixes. 
Needless to say it is still difficult to do any sort of real testing
(especially using our regrtest suite) w/o being able to write to the
filesystem.  I have done some manual testing, but real testing of jython
in a write only environment is still a todo.  Thanks James Robinson!
History
Date User Action Args
2009-04-22 03:05:53fwierzbickisetstatus: open -> closed
resolution: fixed
messages: + msg4565
2009-04-11 22:26:34fwierzbickisetpriority: high -> urgent
assignee: fwierzbicki
2009-04-08 23:41:39amaksetnosy: + amak
2009-04-08 15:26:05jamesrsetmessages: + msg4488
2009-04-06 01:42:53pjenveysetnosy: + pjenvey
messages: + msg4453
2009-03-13 14:19:11fwierzbickisetnosy: + fwierzbicki
messages: + msg4255
2009-03-12 15:34:12jamesrsetfiles: + jython.patch
keywords: + patch
messages: + msg4249
2009-03-12 08:30:04zyasoftsetpriority: high
nosy: + zyasoft
messages: + msg4246
2008-12-01 19:25:12jamesrcreate