[SIS-320] Enable SIS to run is security-constrained environments - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Major
Resolution: Won't Fix
Affects Version/s: None
Fix Version/s: 1.2
Component/s: Metadata, Referencing, Storage, Utilities
Labels:
- Jigsaw

Description

Wraps some code necessary to SIS working in AccessController.doPrivileged(...) blocks. Examples:

String dir = AccessController.doPrivileged((PrivilegedAction<String>) () -> {
    return System.getenv("SIS_DATA");
});

We should not wrap all security-sensitive request for information, but only those that are needed for SIS working. Examples:

Environment variable value for SIS_DATA.
Property value for "java.naming.factory.initial", "derby.system.home".
Call to Field.setAccessible(true) in clone() methods for setting final fields.

Information for which we do not request privileged actions at this time:

MBean registration.
Property value for "java.home".
Call to Field.setAccessible(true) on deserialization for setting final transient fields.

Initial patch for SIS has been submitted by Guilhem Légal.

Attachments

Issue Links

is superceded by

SIS-525 Remove AccessController usage

Closed

Activity

People

Assignee:: Martin Desruisseaux

Reporter:: Martin Desruisseaux

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 10/Mar/16 14:55

Updated:: 05/May/22 16:38

Resolved:: 05/May/22 16:38