openjpa-dev mailing list archives

From "Albert Lee (JIRA)" <j...@apache.org>
Subject [jira] Updated: (OPENJPA-244) Java 2 Security enablement
Date Sun, 03 Jun 2007 15:43:15 GMT

     [ https://issues.apache.org/jira/browse/OPENJPA-244?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Albert Lee updated OPENJPA-244:
-------------------------------

    Attachment: J2DoPrivHelper.java

After looking into this Java 2 security issue, here is a proposal to correct the problem in
openjpa.

The goals of the enhancements are:

1) non-intrusive changes.
2) easy readability and future usages
3) sensitive to downstream security exposure
4) maintenance of the additional code.

Approach to the solution:
1) Create a static helper class J2DoPrivHelper.java in openjpa-lib\src\main\java\org\apache\openjpa\lib\util.
See attachment for the content. The purpose of this class is to isolate Java 2 security related
code in one place for control and maintenance.
2) Each JDK function that requires doPrivileged encasement is associated with a static method
in the helper class. The name of the method is closely related to the JDK function. If it
is an instance method, the first argument is the instance object. So far I have identified
24 JDK helper methods.
3) Where there is a usage of the security sensitive method call, it can be translated to one
of the helper methods.
    E.g.
    a) From
            return _url.openStream();
         To
            return J2DoPrivHelper.openStream(_url);
    b) From
           ClassLoader loader = cls.getClassLoader();
         To
           ClassLoader loader = J2DoPrivHelper.getClassLoader(cls);
    c) From
            loader = ClassLoader.getSystemClassLoader();
         To
            loader = J2DoPrivHelper.getSystemClassLoader();

4) These method call translations will be to the closest place where the doPriv is needed.
This will eliminate the possible security "leak" in the down stream code. E.g. callback to
unsecured code inside the doPriv encasement.
5) There are approximately 71 files affected, excluding test cases that use the same security
sensitive methods.
6) Document the permissions required by Java 2 security used in openjpa.
    E.g.
      permission java.lang.RuntimePermission  "getClassLoader";
      permission java.io.FilePermission       "<<ALL FILES>>",        "read";


I have a prototype of these changes and it is working in the WebSphere environment.

I am open to suggestions and ideas. I will continue to work on this path unless I hear an
objection.

Thanks.
Albert Lee

> Java 2 Security enablement
> --------------------------
>
>                 Key: OPENJPA-244
>                 URL: https://issues.apache.org/jira/browse/OPENJPA-244
>             Project: OpenJPA
>          Issue Type: Bug
>    Affects Versions: 0.9.8
>            Reporter: Kevin Sutter
>         Attachments: J2DoPrivHelper.java
>
>
> Via some testing with the WebSphere Application Server, it's been discovered that we're
> missing some doPriv blocks throughout the OpenJPA code base.  This JIRA report will be used
> to resolve these issues.  More specific examples will be posted later.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
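
The helper pattern proposed in the message above, as an added Java sketch; it is not the attached J2DoPrivHelper.java and not OpenJPA code. The class name DoPrivSketch and the method bodies are assumptions; the three method names come from the From/To examples in the message.

```java
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.nio.file.Files;
import java.nio.file.Path;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;

// Hypothetical sketch, not the attached J2DoPrivHelper.java.
// AccessController is deprecated for removal since Java 17 (JEP 411);
// the code still compiles (with warnings) and runs.
public final class DoPrivSketch {
    private DoPrivSketch() {}

    // Instance method on Class: the receiver becomes the first argument.
    // Each helper wraps exactly one JDK call, so no caller-supplied callback
    // ever executes inside the privileged block (point 4 of the proposal).
    public static ClassLoader getClassLoader(final Class<?> cls) {
        return AccessController.doPrivileged(
            (PrivilegedAction<ClassLoader>) cls::getClassLoader);
    }

    // Static JDK method: same name, no extra argument.
    public static ClassLoader getSystemClassLoader() {
        return AccessController.doPrivileged(
            (PrivilegedAction<ClassLoader>) ClassLoader::getSystemClassLoader);
    }

    // Checked exception: use PrivilegedExceptionAction, then unwrap so callers
    // still see the IOException that url.openStream() declares.
    public static InputStream openStream(final URL url) throws IOException {
        try {
            return AccessController.doPrivileged(
                (PrivilegedExceptionAction<InputStream>) url::openStream);
        } catch (PrivilegedActionException e) {
            throw (IOException) e.getException();
        }
    }

    public static void main(String[] args) throws IOException {
        Path tmp = Files.createTempFile("dopriv", ".txt"); // constructed sample input
        Files.write(tmp, "hello".getBytes("UTF-8"));
        try (InputStream in = openStream(tmp.toUri().toURL())) {
            System.out.println("first byte: " + in.read());
        }
        System.out.println("loader: " + getClassLoader(DoPrivSketch.class));
        Files.delete(tmp);
    }
}
```

Because the helper methods are public, any code that can call them borrows the library's permissions for that one operation, which is why each method stays limited to a single JDK call.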

