Bug ID: JDK-4066506 the VM disables certain access checks for locally loaded classes.

Type: Bug
Component: hotspot
Sub-Component: runtime
Affected Version: 1.0.2,1.1,1.1.1,1.1.2,1.1.3

Priority: P4
Status: Closed
Resolution: Fixed
OS:
generic,solaris_2.4,solaris_2.5,solaris_2.5.1,solaris_2.6,windows_nt generic,solaris_2.4,solaris_2.5,solaris_2.5.1,solaris_2.6,windows_nt
CPU: generic,x86,sparc

Submitted: 1997-07-22
Updated: 1999-01-15
Resolved: 1999-01-15

Versions (Unresolved/Resolved/Fixed)

The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.

Other
1.2.0 1.2beta3Fixed

As a workaround for a javac optimizer bug, the VM disables access checks for 
locally loaded classes. This includes accesses to private classes, private/
protected fields and methods.

This VM bug will be trivial to fix once javac optimizer is fixed so that it
no longer generates bad class files. We have to make sure that the fixed VM
won't break too much existing code.

==========================================================================
Another report:

Private members of a class may be accessed by
foreign classes which are compiled against stub
classes with public members of the same name.

public class Victim {
	private int off_limits = 1;
}

public class Attacker
{
    public static void main(String[] args)
    {
        Victim victim = new Victim();
        System.out.println("victim.off_limits=" + victim.off_limits);
        victim.off_limits = 0;
        System.out.println("victim.off_limits=" + victim.off_limits);
    }
}

public class Victim {
	// This is the stub class
	public int off_limits;
}
(1) compile Attacker with the stub Victim class around.  
(2) rename the stub Victim class compile the real Victim class
(3) run the Attacker with the real Victim class present, and you may read 
    and write to the off_limits member (variable or function).
==========================================================================

CONVERTED DATA BugTraq+ Release Management Values COMMIT TO FIX: generic FIXED IN: 1.2beta3 INTEGRATED IN: 1.2beta3

14-06-2004

PUBLIC COMMENTS As a workaround for a javac optimizer bug, the VM disables access checks for locally loaded classes. This includes accesses to private classes, private/ protected fields and methods. This VM bug will be trivial to fix once javac optimizer is fixed so that it no longer generates bad class files. We have to make sure that the fixed VM won't break too much existing code. The VM bug does not pose any security problem because only locally loaded code is allowed to bypass access checks. All network loaded code still goes through the full verifier.

10-06-2004

EVALUATION Will be fixed a few releases after javac is fixed. sheng.liang@Eng 1997-11-14 Fixed in 1.2 beta3. The old behavior can be recovered by compiling the VM using -DBROKEN_JAVAC. sheng.liang@Eng 1998-01-15

14-11-1997

Duplicate :	JDK-4016662 - IllegalAccessError is not thrown when a class that was declared public is change
Duplicate :	JDK-4007893 - Using private method from another class.
Duplicate :	JDK-4054010 - Modification of a private field in another class allowed by 1.1.1 VM.
Duplicate :	JDK-4060948 - access to another package superclass protected constructor is permitted
Relates :	JDK-4240383 - JCK 1.2.2 and 1.2a Lang tests are failing on trusted mode