Duplicate :
|
|
Relates :
|
|
Relates :
|
FULL PRODUCT VERSION : java version "1.8.0_66" Java(TM) SE Runtime Environment (build 1.8.0_66-b18) Java HotSpot(TM) 64-Bit Server VM (build 25.66-b18, mixed mode) ADDITIONAL OS VERSION INFORMATION : StackOverflowError during PolicyFile lookup A DESCRIPTION OF THE PROBLEM : Running a custom Security Manager works fine until a specific point. Then we get a StackOverflow when reading the policy file. This bug has been fixed for JDK 9 but not been backported to JDK 8: Former Bug Ticket JDK-8077418 Our Custom Security Manager catches the exception of of a security violation and only logs it. (like a dryrun) Please backport the fix to JDK 8. Until then working with a Custom Security Manager is not possible as it can lead to REGRESSION. Last worked in version 9 STEPS TO FOLLOW TO REPRODUCE THE PROBLEM : This is an old bug. The fix has not been backported to jdk 8 but fixed in jdk 9: JDK-8077418 Run java security with a custom security manager (like the one we posted) and let it run some time. EXPECTED VERSUS ACTUAL BEHAVIOR : EXPECTED - Logging of the missing permission which caused the security exception ACTUAL - package de.kvb.common.security.manager; import java.security.AccessControlContext; import java.security.AccessControlException; import java.security.AccessController; import java.security.Permission; import java.security.PrivilegedAction; /** * Custom SecurityManager for logging access violations instead of throwing Exceptions */ public class KvbSecurityManager extends SecurityManager { public KvbSecurityManager() { } @Override public void checkPermission(Permission perm) { try { super.checkPermission(perm); } catch(AccessControlException e) { System.out.println(perm); } } } ERROR MESSAGES/STACK TRACES THAT OCCUR : package de.kvb.common.security.manager; import java.security.AccessControlContext; import java.security.AccessControlException; import java.security.AccessController; import java.security.Permission; import java.security.PrivilegedAction; /** * Custom SecurityManager for logging access violations instead of throwing Exceptions */ public class KvbSecurityManager extends SecurityManager { public KvbSecurityManager() { } @Override public void checkPermission(Permission perm) { try { super.checkPermission(perm); } catch(AccessControlException e) { System.out.println(perm); } } } REPRODUCIBILITY : This bug can be reproduced often. ---------- BEGIN SOURCE ---------- package de.kvb.common.security.manager; import java.security.AccessControlContext; import java.security.AccessControlException; import java.security.AccessController; import java.security.Permission; import java.security.PrivilegedAction; /** * Custom SecurityManager for logging access violations instead of throwing Exceptions */ public class KvbSecurityManager extends SecurityManager { public KvbSecurityManager() { } @Override public void checkPermission(Permission perm) { try { super.checkPermission(perm); } catch(AccessControlException e) { System.out.println(perm); } } } ---------- END SOURCE ---------- CUSTOMER SUBMITTED WORKAROUND : No workaround possible
|