JDK-4252452 : Plugin in trusted mode omits some access control checks
  • Type: Bug
  • Component: deploy
  • Sub-Component: plugin
  • Affected Version: 1.2.2
  • Priority: P3
  • Status: Resolved
  • Resolution: Fixed
  • OS: solaris_2.5.1
  • CPU: sparc
  • Submitted: 1999-07-08
  • Updated: 1999-08-05
  • Resolved: 1999-08-05
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
Other
1.3.0 1.3Fixed
Related Reports
Relates :  
JDK-4240383 - JCK 1.2.2 and 1.2a Lang tests are failing on trusted mode
Relates :  
JDK-4240375 - JCK122 and 1.2a, vm tests are failing under trusted mode
Description

Name: dkC59003			Date: 07/08/99



JVM specification Second edition chapter 5.4.4 "Access Control" reads:

...
A field or method R is accessible to a class or interface D
if and only if any of the following conditions is true: 

    R is public.  

    R is protected and is declared in a class C, and D is
    either a subclass of C or C itself. 

    R is either protected or package private (that is, neither
    public nor protected nor private), and is declared by a
    class in the same runtime package as D.

    R is private and is declared in D. 
...

The following test shows that plugin allows access from class "BadClass" 
to private field "buf" in class "test".

The plugin is run on Solaris, Netscape 4.5, under trusted mode -
CLASSPATH=/home/akm/test/applet (test.class and BadClass.class are there).

The bug is not reproduced under untrusted mode.

Note, JDK (e.g. 1.3, 1.2.2) behaves the same way without -Xfuture option.

------------------------------- test.java -------------------------------

import java.applet.*;

public class test extends Applet {

  private static int buf = 1;

  public void init () {

	try {
		System.out.println(buf);
		BadClass.badMethod();
		System.out.println(buf);
	} catch (Throwable e) {
		System.out.println(e);
	}
  }
}

------------------------------- BadClass.jasm -------------------------------

class BadClass extends test
{

public static Method badMethod:"()V"
	stack 1 locals 0
{
		iconst_2;
		putstatic	Field test.buf:"I";
		return;
}
}

------------------------------- solApplet.html -------------------------------

<html>
<head>
<title>Test applet</title>
</head>
<body>

<EMBED type=application/x-java-applet
   width=1 height=1
   code=test.class
   java_codebase=/home/akm/test/applet
>
</body>
</html>

------------------------------- output -------------------------------

1
2

======================================================================

======================================================================
Comments
CONVERTED DATA BugTraq+ Release Management Values COMMIT TO FIX: generic FIXED IN: 1.3 INTEGRATED IN: 1.3
14-06-2004
EVALUATION I suspect this has been fixed as part of the "newjava" mode switch. SQE needs to verify this, however.
11-06-2004