Uploaded image for project: 'Groovy'
  1. Groovy
  2. GROOVY-7626

Allow security managers to prevent system property access for Indy

Attach filesAttach ScreenshotVotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Closed
    • Major
    • Resolution: Fixed
    • None
    • 2.4.6
    • None
    • None

    Description

      When using the "indy" setting, it tries to read a system property to enable logging.

      This change enables a JVM Security Manager to block this setting and therefore simply ignore the setting to use the default: do not log.

      From a security manager, you might otherwise catch a SecurityException containing:

      access denied ("java.util.PropertyPermission" "groovy.indy.logging" "read")

      Not only is this not recoverable, but the IndyInterface class will be inaccessible thereafter due to it being in a static block that fails (the dreaded NoClassDefFoundError).

      source: https://github.com/apache/incubator-groovy/pull/119

      Attachments

        Activity

          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            pascalschumacher Pascal Schumacher
            pascalschumacher Pascal Schumacher
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Slack

                Issue deployment