ant-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Erik Hatcher <jakarta-...@ehatchersolutions.com>
Subject Re: [PATCH] Main.runBuild does not need to setSecurityManager
Date Mon, 10 Feb 2003 00:44:23 GMT
Any committers have thoughts on this patch?

It looks like a reasonable patch to apply, but I wanted to double-check.

	Erik


On Sunday, February 9, 2003, at 02:15  PM, Stu Halloway (DevelopMentor) 
wrote:
> Ant's runBuild makes an unnecessary call to setSecurityManager. This 
> causes problems when running Ant with security turned on because 
> that's a pretty sensitive permission to grant. :-)
>
> I found this problem while testing PermissionSniffer [1], which is a 
> prototype interactive SecurityManager. Sniffing out defects was an 
> unexpected side effect.
>
> Cheers,
> Stu
>
> [1] http://staff.develop.com/halloway/code/PermissionSniffer.html
>
> ----------------------------------------------------------
> Stuart Halloway         : staff.develop.com/halloway
> DevelopMentor           : www.develop.com
> Essential Java          : www.develop.com/courses/essjava
> ----------------------------------------------------------
> 	
> Index: jakarta-ant/src/main/org/apache/tools/ant/Main.java
> ===================================================================
> RCS file: 
> /home/cvspublic/jakarta-ant/src/main/org/apache/tools/ant/Main.java,v
> retrieving revision 1.78
> diff -u -r1.78 Main.java
> --- jakarta-ant/src/main/org/apache/tools/ant/Main.java	9 Feb 2003 
> 07:59:52 -0000	1.78
> +++ jakarta-ant/src/main/org/apache/tools/ant/Main.java	9 Feb 2003 
> 18:56:54 -0000
> @@ -559,18 +559,6 @@
>              PrintStream err = System.err;
>              PrintStream out = System.out;
>
> -            // use a system manager that prevents from System.exit()
> -            // only in JDK > 1.1
> -            SecurityManager oldsm = null;
> -            if (!JavaEnvUtils.isJavaVersion(JavaEnvUtils.JAVA_1_0) &&
> -                !JavaEnvUtils.isJavaVersion(JavaEnvUtils.JAVA_1_1)){
> -                oldsm = System.getSecurityManager();
> -
> -                //SecurityManager can not be installed here for 
> backwards
> -                //compatability reasons (PD). Needs to be loaded 
> prior to
> -                //ant class if we are going to implement it.
> -                //System.setSecurityManager(new 
> NoExitSecurityManager());
> -            }
>              try {
>                  project.setDefaultInputStream(System.in);
>                  System.setIn(new DemuxInputStream(project));
> @@ -611,12 +599,6 @@
>
>                  project.executeTargets(targets);
>              } finally {
> -                // put back the original security manager
> -                //The following will never eval to true. (PD)
> -                if (oldsm != null){
> -                    System.setSecurityManager(oldsm);
> -                }
> -
>                  System.setOut(out);
>                  System.setErr(err);
>              }
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: ant-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: ant-dev-help@jakarta.apache.org


Mime
View raw message