
Re: [Bug classpath/25202] javax.security.auth.login.LoginException: no c


From: Raif S. Naffah
Subject: Re: [Bug classpath/25202] javax.security.auth.login.LoginException: no configured modules for
Date: Sun, 15 Jan 2006 15:43:26 +1100
User-agent: KMail/1.9.1

On Sunday 15 January 2006 14:15, Casey Marshall wrote:
> ...
> In the case of JAAS, to call e.g. `Configuration.refresh', you need
> the permission:
>
>    javax.security.auth.AuthPermission ("refreshLoginConfiguration");
>
> ...and nothing else. Presumably this means you can call that method
> even if you don't have any `PropertyPermissions' granted to you.

one would call a refresh() after they successfully set up (and read a
config file).  if they can not set up a config file (by creating a
LoginContext), they should not get a different result when they do a
refresh().

besides, which is more important, these are permissions for the 
_implementors_ of Configuration not its users.  so if there are 
permissions to be bypassed (and i am not implying we should) it would 
be those not the others.


> IOW, 
> it doesn't make sense if GnuConfiguration.refresh throws a
> SecurityException if the caller has `AuthPermission
> ("refreshLoginConfiguration")' but doesn't have, say,
> `SecurityPermission
> ("getProperty.java.security.auth.login.config.url.N").' That this
> implementation requires other permissions to do its job isn't
> relevant.

see later.


> (I looked over the patch again, and see that you'll only throw a
> SecurityException in `processSecurityProperties.' The other methods
> just fail silently (except for debug output) which I think is the
> wrong thing to do.)

i changed it to be similar to the other lookup methods; i.e. catch all 
the exceptions and continue looking in other places.


let's recap here the two approaches:

* in the proposed patch, for a user to be able to set up their own login
config modules they need:

A. at least one of the following:

  1. permission java.lang.SecurityPermission
               "getProperty.java.security.auth.login.config.url.1",
               "read";
  2. permission java.util.PropertyPermission
               "java.security.auth.login.config",
               "read";
  3. permission java.io.FilePermission
               "${user.home}/.java.login.config",
               "read";

B. in addition, if either A.1 or A.2 is allowed, and assuming they
reference files on "my.host.name" at port 80, or files on the local
machine (/var/data/ for example), one of the following additional
permissions is required:

  1. permission java.net.SocketPermission
                "my.host.name:80",
                "connect,accept,listen";
  2. permission java.io.FilePermission
                "/var/data/-",
                "read";

* what you're saying is let's bypass the security manager checks for A.2 
but leave the rest.  is this an accurate assessment?


cheers;
rsn
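
A model of the two approaches recapped in the message above, added here as an illustration; it is not code from the patch, from GnuConfiguration, or from either poster. The class name, the `bypassA2` flag and the path `/var/data/login.conf` are assumptions, and it needs a JDK release in which `AccessControlContext` still evaluates permissions (one that predates removal of the Security Manager).

```java
import java.io.FilePermission;
import java.security.*;
import java.util.PropertyPermission;
import javax.security.auth.AuthPermission;

// Constructed model of the permission checks in the recap; not GnuConfiguration code.
public class RefreshChecks {
    static final Permission REFRESH = new AuthPermission("refreshLoginConfiguration");
    static final Permission A2 =
        new PropertyPermission("java.security.auth.login.config", "read");

    // Caller context holding exactly the given permissions (the Policy is not consulted).
    static AccessControlContext caller(Permission... granted) {
        Permissions perms = new Permissions();
        for (Permission p : granted) perms.add(p);
        return new AccessControlContext(
            new ProtectionDomain[] { new ProtectionDomain(null, perms) });
    }

    static boolean allowed(AccessControlContext acc, Permission p) {
        try { acc.checkPermission(p); return true; }
        catch (AccessControlException e) { return false; }
    }

    // configFile stands for the file the A.2 property would name (assumption).
    static String refresh(AccessControlContext acc, String configFile, boolean bypassA2) {
        acc.checkPermission(REFRESH);            // the check JAAS requires for refresh()
        if (!bypassA2 && !allowed(acc, A2))      // patch: A.2 is checked against the caller
            return "A.2 denied, lookup continues in other places";
        if (!allowed(acc, new FilePermission(configFile, "read")))  // B.2 stays either way
            return "B.2 denied, config file not readable by this caller";
        return "config read from " + configFile;
    }

    public static void main(String[] args) {
        String file = "/var/data/login.conf";    // constructed sample path
        AccessControlContext withFile =
            caller(REFRESH, new FilePermission("/var/data/-", "read"));
        AccessControlContext refreshOnly = caller(REFRESH);
        System.out.println("patch:          " + refresh(withFile, file, false));
        System.out.println("bypass A.2:     " + refresh(withFile, file, true));
        System.out.println("bypass, no B.2: " + refresh(refreshOnly, file, true));
    }
}
```

The first caller holds the refresh permission and B.2 but not A.2, so the two approaches give different results for the same grant set; the last call shows that skipping the A.2 check still leaves the file read subject to the caller's permissions.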
