Bug ID: JDK-6512054 SUBJECTDOMAINCOMBINER DOES NOT COMBINE CODE-BASED GRANTS IN JAAS MODE

Details
Type:
Bug
Submit Date:
2007-01-11
Status:
Closed
Updated Date:
2011-03-07
Project Name:
JDK
Resolved Date:
2011-03-07
Component:
security-libs
OS:
generic
Sub-Component:
java.security
CPU:
generic
Priority:
P2
Resolution:
Fixed
Affected Versions:
1.4.0,6
Description
This bug does not manifest itself with default settings, because it lies in SubjectDomainCombiner.combineJavaxPolicy, which is only used when a JAAS policy provider is set.

The main issue is that when combineJavaxPolicy creates the new ProtectionDomains, it fails to take code-based grants into consideration. This was not an issue in JDK 1.3, because SecureClassLoader set static (code-based) Permissions at load time, so ProtectionDomain.getPermissions() + javax.security.auth.Policy.getPolicy().getPermissions() sufficed. With dynamic policy support in JDK 1.4 we now have a problem:

[1] ProtectionDomain.getPermissions() by default returns an empty PermissionCollection instance.
[2] javax.security.auth.Policy.getPolicy().getPermissions() only evaluates principal-based grants.
[3] combineJavaxPolicy constructs ProtectionDomain instances using the 2-arg constructor (i.e. the staticPermissions field is set to true), so when AccessControlContext calls ProtectionDomain.implies (in AccessControlContext.checkPermission) the Policy is not consulted at all.

The net effect is that code-based grants (even 'universal grants' that apply to all code sources and principals) are ignored during the combination process.

To reproduce this, simply set the JAAS policy provider and add a 'universal grant' to the effective java.policy, then in the test code perform a Subject.doAsPrivileged (or Subject.doAs) with an AccessController.checkPermission for the aforementioned 'universal grant'. The checkPermission call passes by default (using the Java2 provider) and fails when the JAAS policy provider is set.
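A constructed reproduction of the steps above, added here as an example and not taken from the bug report. It assumes a JDK from the affected range, a policy file repro.policy that holds only the universal grant shown in the comment, and it forces JAAS mode by installing a minimal custom javax.security.auth.Policy rather than by editing the auth.policy.provider security property.

```java
import java.security.*;
import java.util.PropertyPermission;
import javax.security.auth.Subject;

/*
 * Constructed reproduction of JDK-6512054 (not the original reporter's code).
 * Assumed policy file repro.policy, containing one universal grant:
 *   grant { permission java.util.PropertyPermission "repro.flag", "read"; };
 * Run:  java -Djava.security.policy==repro.policy Repro6512054        (Java2 mode)
 *       java -Djava.security.policy==repro.policy Repro6512054 jaas   (JAAS mode)
 */
public class Repro6512054 {
    // The permission covered by the universal grant: no code source, no principal.
    static final Permission UNIVERSAL = new PropertyPermission("repro.flag", "read");

    @SuppressWarnings("deprecation")
    public static void main(String[] args) throws Exception {
        if (args.length > 0 && "jaas".equals(args[0])) {
            // Any javax.security.auth.Policy other than the default PolicyFile switches
            // SubjectDomainCombiner to combineJavaxPolicy. This one has no principal-based
            // grants, so only the code-based grant could ever satisfy the check.
            javax.security.auth.Policy.setPolicy(new javax.security.auth.Policy() {
                public PermissionCollection getPermissions(Subject s, CodeSource cs) {
                    return new Permissions();
                }
                public void refresh() { }
            });
        }
        // Installed after setPolicy so the setup itself needs no extra permissions.
        System.setSecurityManager(new SecurityManager());

        // A Subject with no principals: the outcome depends only on the code-based grant.
        Subject subject = new Subject();
        PrivilegedExceptionAction<Void> check = new PrivilegedExceptionAction<Void>() {
            public Void run() {
                AccessController.checkPermission(UNIVERSAL);
                return null;
            }
        };
        try {
            Subject.doAsPrivileged(subject, check, null);
            System.out.println("checkPermission passed");
        } catch (AccessControlException e) {
            // On affected releases this branch is reached only in JAAS mode.
            System.out.println("checkPermission failed: " + e.getMessage());
        }
    }
}
```

On a fixed JDK both invocations print "checkPermission passed"; on an affected one the jaas run fails because the combined domain carries static permissions that never include the universal grant.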


Comments
EVALUATION

This is a bug. The fix will likely be implemented as described in 6511709.
2007-01-16