Description
Ignite sandbox returns a privileged proxy for Ignite and some other system interfaces. If the user implements one of these interfaces and gets via privileged proxy an instance of implemented class, privileged proxy for user class will be returned.
Reproducer:
public class PrivilegedProxyTest extends AbstractSandboxTest { public void testPrivelegedUserObject() throws Exception { grid(CLNT_FORBIDDEN_WRITE_PROP).getOrCreateCache(DEFAULT_CACHE_NAME).put(0, new TestIterator<>()); runForbiddenOperation(() -> grid(CLNT_FORBIDDEN_WRITE_PROP).compute().run(() -> { GridIterator<?> it = (GridIterator<?>)Ignition.localIgnite().cache(DEFAULT_CACHE_NAME).get(0); it.iterator(); }), AccessControlException.class); } public static class TestIterator<T> extends GridIterableAdapter<T> { public TestIterator() { super(Collections.emptyIterator()); } @Override public GridIterator<T> iterator() { controlAction(); return super.iterator(); } } }
Attachments
Issue Links
- links to