JDK-8169236 : JRE 8u112 attempts to run ICACLS.EXE on startup in Windows 10 Version 1607, build 14393
- Type: Bug
- Component: hotspot
- Sub-Component: svc-agent
- Affected Version: 8u102
- Priority: P3
- Status: Resolved
- Resolution: Fixed
- OS: windows_10
- CPU: x86_64
- Submitted: 2016-11-03
- Updated: 2018-01-17
- Resolved: 2016-11-30
The Version table provides details related to the release that this issue/RFE will be addressed.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.
To download the current JDK release, click here.
| JDK 8 |
|---|
8u152 b01Fixed  |
Related Reports
|
Relates :
|
Description
FULL PRODUCT VERSION : java version "1.8.0_112" Java(TM) SE Runtime Environment (build 1.8.0_112-b15) Java HotSpot(TM) 64-Bit Server VM (build 25.112-b15, mixed mode) ADDITIONAL OS VERSION INFORMATION : Microsoft Windows [Version 10.0.14393] EXTRA RELEVANT SYSTEM CONFIGURATION : RES ONE Workspace A DESCRIPTION OF THE PROBLEM : When our application is started on a Windows computer where the system administrator has used RES ONE Workspace to revoke rights to create folders in C:\ProgramData and to run the Windows ICACLS.EXE command line tool users receive a security warning that running ICACLS.EXE is prohibited. Investigating with Process Monitor (*) shows that the JRE attempts to create the folder C:\ProgramData\Oracle\Java\.oracle_jre_usage. That fails because the rights have been revoked, but the JRE attempts to launch ICACLS.EXE to anyway. * https://technet.microsoft.com/en-us/sysinternals/processmonitor REGRESSION. Last worked in version 8u92 ADDITIONAL REGRESSION INFORMATION: java version "1.8.0_60" Java(TM) SE Runtime Environment (build 1.8.0_60-b27) Java HotSpot(TM) 64-Bit Server VM (build 25.60-b23, mixed mode) STEPS TO FOLLOW TO REPRODUCE THE PROBLEM : In an elevated command prompt, remove user rights over C:\ProgramData and start Process Monitor: C:\>icacls ProgramData /remove builtin\users processed file: ProgramData Successfully processed 1 files; Failed processing 0 files C:\>procmon In another, non-admin, non-elevated command prompt: C:\>java -version EXPECTED VERSUS ACTUAL BEHAVIOR : EXPECTED - I would expect the Process Monitor output to contain a single failed attempt to create C:\ProgramData\Oracle, no other attempts to create folders below that, and especially no attempts to use ICACLS.EXE to manipulate folders and files that could not be created in the first place. ACTUAL - After a failed attempt to create C:\ProgramData\Oracle, attempts follow to create folders C:\ProgramData\Oracle\Java, C:\ProgramData\Oracle\Java\.oracle_jre_usage. After that ICACLS is run specifying the non-existing C:\ProgramData\Oracle\Java\.oracle_jre_usage as a parameter. Also an attempt is made to create C:\ProgramData\Oracle\Java\.oracle_jre_usage\5726f39adf56d625.timestamp. On systems managed with RES ONE Workspace the end user sees an alarming security warning about ICACLS.EXE. ERROR MESSAGES/STACK TRACES THAT OCCUR : 10:26:57.8336204 java.exe 7764 CreateFile C:\ProgramData\Oracle\Java\.oracle_jre_usage\5726f39adf56d625.timestamp PATH NOT FOUND Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a 10:26:57.8336898 java.exe 7764 CreateFile C:\ProgramData\Oracle\Java\.oracle_jre_usage PATH NOT FOUND Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a 10:26:57.8337512 java.exe 7764 CreateFile C:\ProgramData\Oracle\Java\.oracle_jre_usage PATH NOT FOUND Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a 10:26:57.8338272 java.exe 7764 CreateFile C:\ProgramData\Oracle\Java\.oracle_jre_usage PATH NOT FOUND Desired Access: Read Data/List Directory, Synchronize, Disposition: Create, Options: Directory, Synchronous IO Non-Alert, Open Reparse Point, Attributes: N, ShareMode: Read, Write, AllocationSize: 0 10:26:57.8338790 java.exe 7764 CreateFile C:\ SUCCESS Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened 10:26:57.8339037 java.exe 7764 QueryDirectory C:\ProgramData SUCCESS Filter: ProgramData, 1: ProgramData 10:26:57.8339253 java.exe 7764 CloseFile C:\ SUCCESS 10:26:57.8339950 java.exe 7764 CreateFile C:\ProgramData ACCESS DENIED Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a 10:26:57.8340772 java.exe 7764 CreateFile C:\ProgramData\Oracle\Java\.oracle_jre_usage PATH NOT FOUND Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a 10:26:57.8341406 java.exe 7764 CreateFile C:\ProgramData\Oracle\Java PATH NOT FOUND Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a 10:26:57.8341748 java.exe 7764 CreateFile C:\ProgramData\Oracle\Java PATH NOT FOUND Desired Access: Read Data/List Directory, Synchronize, Disposition: Create, Options: Directory, Synchronous IO Non-Alert, Open Reparse Point, Attributes: N, ShareMode: Read, Write, AllocationSize: 0 10:26:57.8342078 java.exe 7764 CreateFile C:\ SUCCESS Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened 10:26:57.8342314 java.exe 7764 QueryDirectory C:\ProgramData SUCCESS Filter: ProgramData, 1: ProgramData 10:26:57.8342524 java.exe 7764 CloseFile C:\ SUCCESS 10:26:57.8343201 java.exe 7764 CreateFile C:\ProgramData ACCESS DENIED Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a 10:26:57.8343927 java.exe 7764 CreateFile C:\ProgramData\Oracle\Java PATH NOT FOUND Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a 10:26:57.8344936 java.exe 7764 CreateFile C:\ProgramData\Oracle NAME NOT FOUND Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a 10:26:57.8345465 java.exe 7764 CreateFile C:\ProgramData\Oracle ACCESS DENIED Desired Access: Read Data/List Directory, Synchronize, Disposition: Create, Options: Directory, Synchronous IO Non-Alert, Open Reparse Point, Attributes: N, ShareMode: Read, Write, AllocationSize: 0 10:26:57.8345884 java.exe 7764 CreateFile C:\ SUCCESS Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened 10:26:57.8346123 java.exe 7764 QueryDirectory C:\ProgramData SUCCESS Filter: ProgramData, 1: ProgramData 10:26:57.8346330 java.exe 7764 CloseFile C:\ SUCCESS 10:26:57.8346982 java.exe 7764 CreateFile C:\ProgramData ACCESS DENIED Desired Access: Read Data/List Directory, Synchronize, Disposition: Open, Options: Directory, Synchronous IO Non-Alert, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a 10:26:57.8348438 java.exe 7764 CreateFile C:\ProgramData\Oracle NAME NOT FOUND Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a 10:26:57.8349718 java.exe 7764 CreateFile C:\ProgramData SUCCESS Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened 10:26:57.8349957 java.exe 7764 QueryNetworkOpenInformationFile C:\ProgramData SUCCESS CreationTime: 16/07/2016 12:47:48, LastAccessTime: 03/11/2016 10:24:44, LastWriteTime: 03/11/2016 10:24:44, ChangeTime: 03/11/2016 10:24:44, AllocationSize: 01/01/1601 01:00:00, EndOfFile: 01/01/1601 01:00:00, FileAttributes: HD 10:26:57.8350073 java.exe 7764 CloseFile C:\ProgramData SUCCESS 10:26:57.8351089 java.exe 7764 CreateFile C:\ProgramData SUCCESS Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened 10:26:57.8351316 java.exe 7764 QueryNetworkOpenInformationFile C:\ProgramData SUCCESS CreationTime: 16/07/2016 12:47:48, LastAccessTime: 03/11/2016 10:24:44, LastWriteTime: 03/11/2016 10:24:44, ChangeTime: 03/11/2016 10:24:44, AllocationSize: 01/01/1601 01:00:00, EndOfFile: 01/01/1601 01:00:00, FileAttributes: HD 10:26:57.8351427 java.exe 7764 CloseFile C:\ProgramData SUCCESS 10:26:57.8352050 java.exe 7764 CreateFile C:\ProgramData\Oracle ACCESS DENIED Desired Access: Read Data/List Directory, Synchronize, Disposition: Create, Options: Directory, Synchronous IO Non-Alert, Open Reparse Point, Attributes: N, ShareMode: Read, Write, AllocationSize: 0 10:26:57.8353006 java.exe 7764 CreateFile C:\ProgramData\Oracle NAME NOT FOUND Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a 10:26:57.8353669 java.exe 7764 CreateFile C:\ProgramData\Oracle\Java PATH NOT FOUND Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a 10:26:57.8360427 java.exe 7764 CreateFile C:\prog\jdk1.8.0_112\bin\icacls.exe REPARSE Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: <unknown> 10:26:57.8361391 java.exe 7764 CreateFile C:\prog\jdk1.8.0_112\bin\icacls.exe NAME NOT FOUND Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a 10:26:57.8362390 java.exe 7764 CreateFile C:\icacls.exe NAME NOT FOUND Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a 10:26:57.8363451 java.exe 7764 CreateFile C:\Windows\System32\icacls.exe SUCCESS Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened 10:26:57.8363809 java.exe 7764 QueryBasicInformationFile C:\Windows\System32\icacls.exe SUCCESS CreationTime: 16/07/2016 12:42:23, LastAccessTime: 16/07/2016 12:42:23, LastWriteTime: 16/07/2016 12:42:23, ChangeTime: 23/09/2016 10:01:42, FileAttributes: A 10:26:57.8363932 java.exe 7764 CloseFile C:\Windows\System32\icacls.exe SUCCESS 10:26:57.8364978 java.exe 7764 CreateFile C:\Windows\System32\icacls.exe SUCCESS Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a, OpenResult: Opened 10:26:57.8365257 java.exe 7764 QueryBasicInformationFile C:\Windows\System32\icacls.exe SUCCESS CreationTime: 16/07/2016 12:42:23, LastAccessTime: 16/07/2016 12:42:23, LastWriteTime: 16/07/2016 12:42:23, ChangeTime: 23/09/2016 10:01:42, FileAttributes: A 10:26:57.8365371 java.exe 7764 CloseFile C:\Windows\System32\icacls.exe SUCCESS 10:26:57.8366264 java.exe 7764 CreateFile C:\Windows\System32\icacls.exe SUCCESS Desired Access: Read Data/List Directory, Execute/Traverse, Read Attributes, Synchronize, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, Delete, AllocationSize: n/a, OpenResult: Opened 10:26:57.8368431 java.exe 7764 CreateFileMapping C:\Windows\System32\icacls.exe FILE LOCKED WITH ONLY READERS SyncType: SyncTypeCreateSection, PageProtection: PAGE_EXECUTE|PAGE_NOCACHE 10:26:57.8369077 java.exe 7764 CreateFileMapping C:\Windows\System32\icacls.exe SUCCESS SyncType: SyncTypeOther 10:26:57.8369646 java.exe 7764 QuerySecurityFile C:\Windows\System32\icacls.exe SUCCESS Information: Label 10:26:57.8369930 java.exe 7764 QuerySecurityFile C:\Windows\System32\icacls.exe SUCCESS Information: Owner, Group, DACL, SACL, Label, Process Trust Label 10:26:57.8370041 java.exe 7764 QueryNameInformationFile C:\Windows\System32\icacls.exe SUCCESS Name: \Windows\System32\icacls.exe 10:26:57.8371651 java.exe 7764 Process Create C:\WINDOWS\SYSTEM32\icacls.exe SUCCESS PID: 1808, Command line: icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M 10:26:57.8374860 java.exe 7764 QuerySecurityFile C:\Windows\System32\icacls.exe SUCCESS Information: Owner, Group, DACL, SACL, Label, Process Trust Label 10:26:57.8375528 java.exe 7764 CreateFile C:\Windows\AppPatch\sysmain.sdb SUCCESS Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened 10:26:57.8376177 java.exe 7764 QueryBasicInformationFile C:\Windows\AppPatch\sysmain.sdb SUCCESS CreationTime: 30/09/2016 11:29:43, LastAccessTime: 30/09/2016 11:29:43, LastWriteTime: 15/09/2016 16:08:54, ChangeTime: 03/10/2016 20:21:19, FileAttributes: A 10:26:57.8376299 java.exe 7764 CloseFile C:\Windows\AppPatch\sysmain.sdb SUCCESS 10:26:57.8377090 java.exe 7764 CreateFile C:\Windows\AppPatch\apppatch64\sysmain.sdb SUCCESS Desired Access: Generic Read, Disposition: Open, Options: Synchronous IO Non-Alert, Non-Directory File, Attributes: N, ShareMode: Read, AllocationSize: n/a, OpenResult: Opened 10:26:57.8377659 java.exe 7764 QueryBasicInformationFile C:\Windows\AppPatch\apppatch64\sysmain.sdb SUCCESS CreationTime: 30/09/2016 11:28:33, LastAccessTime: 30/09/2016 11:28:33, LastWriteTime: 15/09/2016 16:02:34, ChangeTime: 03/10/2016 20:21:19, FileAttributes: A 10:26:57.8377775 java.exe 7764 CloseFile C:\Windows\AppPatch\apppatch64\sysmain.sdb SUCCESS 10:26:57.8378068 java.exe 7764 QueryBasicInformationFile C:\Windows\System32\icacls.exe SUCCESS CreationTime: 16/07/2016 12:42:23, LastAccessTime: 16/07/2016 12:42:23, LastWriteTime: 16/07/2016 12:42:23, ChangeTime: 23/09/2016 10:01:42, FileAttributes: A 10:26:57.8386380 java.exe 7764 CloseFile C:\Windows\System32\icacls.exe SUCCESS 10:26:57.8389093 java.exe 7764 CreateFile C:\ProgramData\Oracle\Java\.oracle_jre_usage\5726f39adf56d625.timestamp PATH NOT FOUND Desired Access: Generic Read/Write, Disposition: Create, Options: Synchronous IO Non-Alert, Non-Directory File, Open Reparse Point, Attributes: N, ShareMode: Read, Write, AllocationSize: 0 10:26:57.8390026 java.exe 7764 CreateFile C:\ProgramData\Oracle\Java\.oracle_jre_usage\5726f39adf56d625.timestamp PATH NOT FOUND Desired Access: Read Attributes, Disposition: Open, Options: Open Reparse Point, Attributes: n/a, ShareMode: Read, Write, Delete, AllocationSize: n/a REPRODUCIBILITY : This bug can be reproduced always.
Comments
|