Bug ID: JDK-6419572 JMX implementations should be allowed to make permission checks even if no SecurityManager

JDK-6419572 : JMX implementations should be allowed to make permission checks even if no SecurityManager

Details

Type:	Enhancement	Submit Date:	2006-04-28
Status:	Resolved	Updated Date:	2010-07-29
Project Name:	JDK	Resolved Date:	2006-06-21
Component:	core-svc	OS:	generic
Sub-Component:	javax.management	CPU:	generic
Priority:	P3
Resolution:	Fixed
Affected Versions:	6
Fixed Versions:	6 (b89)

Related Reports

Sub Tasks

Description

The JMX spec says (in the PDF document and in the API documentation for javax.management.MBeanServer) that permission checks are made if and only if there is a non-null SecurityManager.

Comments

SUGGESTED FIX

Change this sentence in the Javadoc for MBeanServer:
 
"First, if there is no security manager (System.getSecurityManager() is null), then no checks are made."
 
to this:
 
"First, if there is no security manager (System.getSecurityManager() is null), then an implementation of this interface is free not to make any checks."
 
Likewise, in the security chapter of the JMX spec, change this:
 
"The security checks described in this chapter are only performed when there is a security manager. That is, if System.getSecurityManager() returns null, then no checks are performed."
 
to this:
 
"The security checks described in this chapter must be performed when there is a security manager.  That is, if System.getSecurityManager() does not return null, then authorization checks must be performed.  An implementation of the MBeanServer interface is free to perform the checks even if there is no security manager but it is not required to."

2006-06-06

EVALUATION

Spec-only change.  We cannot change the JDK so that it starts checking permissions even if there is no SecurityManager, at least not by default, since that would be incompatible.  We could provide another mechanism to ask for permission checks, but that is the subject of another RFE.

The most important outcome of this change would be that independent implementations could provide alternative mechanisms to ask for permission checks to be made.  Also, alternative MBeanServer implementations plugged in via the MBeanServerBuilder mechanism could make checks and remain compatible with the specification of the MBeanServer interface.

2006-04-28

SELECT A COUNTRY/REGION
Africa Operation Argentina Australia Austria Bahrain Bangladesh Belgium & Luxembourg Belize Bhutan Bolivia Bosnia & Herzegovina Brasil Brunei Bulgaria Cambodia Canada - English Canada - French Chile China Colombia	Costa Rica Croatia Cyprus Czech Republic Denmark Ecuador Egypt Estonia Finland France Germany Greece Guatemala Honduras Hong Kong Hungary India Indonesia Iraq Ireland	Israel Italy Japan Jordan Kazakhstan Korea Kuwait Laos Latvia Lebanon Lithuania Malaysia Maldives Malta Mexico Moldova Nepal Netherlands New Zealand Nicaragua	Norway Oman Pakistan Panama Paraguay Peru Philippines Poland Portugal Puerto Rico Qatar Romania Russia Saudi Arabia Serbia & Montenegro Singapore Slovakia Slovenia South Africa Spain	Sri Lanka Sweden Switzerland -- French Switzerland -- German Taiwan Thailand Turkey Ukraine United Arab Emirates United Kingdom United States Uruguay Venezuela Vietnam Yemen

Hardware and Software, Engineered to Work Together