Running with a security manager?

David Holmes
I want to run a test with a default security manager present. So I added
it to the @run:

@run main/othervm -Djava.security.manager TestReflectionAPI

But this breaks jtreg:

Exception in thread "main" java.security.AccessControlException: access
denied ("java.io.FilePermission"
"/export/users/dh198349/valhalla/repos/valhalla-exp/open/test/hotspot/jtreg/JTwork/runtime/Nestmates/reflectionAPI/TestReflectionAPI.d/main.2.jta"
"read")
        at
java.base/java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
        at
java.base/java.security.AccessController.checkPermission(AccessController.java:895)
        at
java.base/java.lang.SecurityManager.checkPermission(SecurityManager.java:335)
        at java.base/java.lang.SecurityManager.checkRead(SecurityManager.java:674)
        at java.base/java.io.FileInputStream.<init>(FileInputStream.java:147)
        at java.base/java.io.FileInputStream.<init>(FileInputStream.java:113)
        at java.base/java.io.FileReader.<init>(FileReader.java:58)
        at com.sun.javatest.regtest.agent.MainWrapper.main(MainWrapper.java:46)

So I presume I need some kind of policy file that gives jtreg necessary
permissions while trying to leave the actual test code with the normal
default permissions.

How do I do that?

Thanks,
David

Re: Running with a security manager?

Peter
@run main/othervm/policy=policy/secure=java.lang.SecurityManager
TestReflectionAPI

Then create a policy file named policy.

Cheers,

Peter.

On 10/03/2018 2:16 PM, David Holmes wrote:

> I want to run a test with a default security manager present. So I
> added it to the @run:
>
> @run main/othervm -Djava.security.manager TestReflectionAPI
>
> But this breaks jtreg:
>
> Exception in thread "main" java.security.AccessControlException:
> access denied ("java.io.FilePermission"
> "/export/users/dh198349/valhalla/repos/valhalla-exp/open/test/hotspot/jtreg/JTwork/runtime/Nestmates/reflectionAPI/TestReflectionAPI.d/main.2.jta"
> "read")
>     at
> java.base/java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
>     at
> java.base/java.security.AccessController.checkPermission(AccessController.java:895)
>     at
> java.base/java.lang.SecurityManager.checkPermission(SecurityManager.java:335)
>     at
> java.base/java.lang.SecurityManager.checkRead(SecurityManager.java:674)
>     at java.base/java.io.FileInputStream.<init>(FileInputStream.java:147)
>     at java.base/java.io.FileInputStream.<init>(FileInputStream.java:113)
>     at java.base/java.io.FileReader.<init>(FileReader.java:58)
>     at
> com.sun.javatest.regtest.agent.MainWrapper.main(MainWrapper.java:46)
>
> So I presume I need some kind of policy file that gives jtreg
> necessary permissions while trying to leave the actual test code with
> the normal default permissions.
>
> How do I do that?
>
> Thanks,
> David
>


Re: Running with a security manager?

Peter
In reply to this post by David Holmes
This security manager creates a policy file, which you can then edit:

https://github.com/pfirmstone/JGDMS/blob/trunk/JGDMS/tools/security-policy-debug/src/main/java/org/apache/river/tool/SecurityPolicyWriter.java

Regards,

Peter.

On 10/03/2018 2:16 PM, David Holmes wrote:

> I want to run a test with a default security manager present. So I
> added it to the @run:
>
> @run main/othervm -Djava.security.manager TestReflectionAPI
>
> But this breaks jtreg:
>
> Exception in thread "main" java.security.AccessControlException:
> access denied ("java.io.FilePermission"
> "/export/users/dh198349/valhalla/repos/valhalla-exp/open/test/hotspot/jtreg/JTwork/runtime/Nestmates/reflectionAPI/TestReflectionAPI.d/main.2.jta"
> "read")
>     at
> java.base/java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
>     at
> java.base/java.security.AccessController.checkPermission(AccessController.java:895)
>     at
> java.base/java.lang.SecurityManager.checkPermission(SecurityManager.java:335)
>     at
> java.base/java.lang.SecurityManager.checkRead(SecurityManager.java:674)
>     at java.base/java.io.FileInputStream.<init>(FileInputStream.java:147)
>     at java.base/java.io.FileInputStream.<init>(FileInputStream.java:113)
>     at java.base/java.io.FileReader.<init>(FileReader.java:58)
>     at
> com.sun.javatest.regtest.agent.MainWrapper.main(MainWrapper.java:46)
>
> So I presume I need some kind of policy file that gives jtreg
> necessary permissions while trying to leave the actual test code with
> the normal default permissions.
>
> How do I do that?
>
> Thanks,
> David
>


Re: Running with a security manager?

Mandy Chung
In reply to this post by David Holmes
If you need to grant permission, you can do this:

* @run main/othervm/java.security.policy=<policy file> TestReflectionAPI

If no policy is needed, you can set the security manager (System::setSecurityManager) at the beginning of the test and run in othervm mode:
* @run main/othervm TestReflectionAPI

Mandy

On 3/9/18 8:16 PM, David Holmes wrote:
> I want to run a test with a default security manager present. So I added it to the @run:
>
> @run main/othervm -Djava.security.manager TestReflectionAPI
>
> But this breaks jtreg:
>
> Exception in thread "main" java.security.AccessControlException: access denied ("java.io.FilePermission" "/export/users/dh198349/valhalla/repos/valhalla-exp/open/test/hotspot/jtreg/JTwork/runtime/Nestmates/reflectionAPI/TestReflectionAPI.d/main.2.jta" "read")
>     at java.base/java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
>     at java.base/java.security.AccessController.checkPermission(AccessController.java:895)
>     at java.base/java.lang.SecurityManager.checkPermission(SecurityManager.java:335)
>     at java.base/java.lang.SecurityManager.checkRead(SecurityManager.java:674)
>     at java.base/java.io.FileInputStream.<init>(FileInputStream.java:147)
>     at java.base/java.io.FileInputStream.<init>(FileInputStream.java:113)
>     at java.base/java.io.FileReader.<init>(FileReader.java:58)
>     at com.sun.javatest.regtest.agent.MainWrapper.main(MainWrapper.java:46)
>
> So I presume I need some kind of policy file that gives jtreg necessary permissions while trying to leave the actual test code with the normal default permissions.
>
> How do I do that?
>
> Thanks,
> David


Re: Running with a security manager?

Weijun Wang
Or you can set policy to an empty file (maybe with a comment line). Unfortunately both secure and policy must have an argument.

--Max

> On Mar 10, 2018, at 2:37 PM, mandy chung <[hidden email]> wrote:
>
> If you need to grant permission, you can do this:
>
> * @run main/othervm/java.security.policy=<policy file> TestReflectionAPI
>
> If no policy needed, you can set security manager (System::setSecurityManager) at the beginning of the test and run in othervm mode:
> * @run main/othervm TestReflectionAPI
>
> Mandy
>
> On 3/9/18 8:16 PM, David Holmes wrote:
>> I want to run a test with a default security manager present. So I added it to the @run:
>>
>> @run main/othervm -Djava.security.manager TestReflectionAPI
>>
>> But this breaks jtreg:
>>
>> Exception in thread "main" java.security.AccessControlException: access denied ("java.io.FilePermission" "/export/users/dh198349/valhalla/repos/valhalla-exp/open/test/hotspot/jtreg/JTwork/runtime/Nestmates/reflectionAPI/TestReflectionAPI.d/main.2.jta" "read")
>>     at java.base/java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
>>     at java.base/java.security.AccessController.checkPermission(AccessController.java:895)
>>     at java.base/java.lang.SecurityManager.checkPermission(SecurityManager.java:335)
>>     at java.base/java.lang.SecurityManager.checkRead(SecurityManager.java:674)
>>     at java.base/java.io.FileInputStream.<init>(FileInputStream.java:147)
>>     at java.base/java.io.FileInputStream.<init>(FileInputStream.java:113)
>>     at java.base/java.io.FileReader.<init>(FileReader.java:58)
>>     at com.sun.javatest.regtest.agent.MainWrapper.main(MainWrapper.java:46)
>>
>> So I presume I need some kind of policy file that gives jtreg necessary permissions while trying to leave the actual test code with the normal default permissions.
>>
>> How do I do that?
>>
>> Thanks,
>> David
>


Re: Running with a security manager?

David Holmes
Thanks for all the responses.

On 10/03/2018 6:10 PM, Weijun Wang wrote:
> Or you can set policy to an empty file (maybe with a comment line). Unfortunately both secure and policy must have an argument.

Right. My issue is what policy do I have to set to make jtreg itself
work, regardless of what the test may or may not need? This seems to be
a problem to me - I don't know what permissions jtreg requires be added
to any policy.

Mandy's suggestion of just setting the security manager within the test
may be the way to go.

Thanks,
David

> --Max
>
>> On Mar 10, 2018, at 2:37 PM, mandy chung <[hidden email]> wrote:
>>
>> If you need to grant permission, you can do this:
>>
>> * @run main/othervm/java.security.policy=<policy file> TestReflectionAPI
>>
>> If no policy needed, you can set security manager (System::setSecurityManager) at the beginning of the test and run in othervm mode:
>> * @run main/othervm TestReflectionAPI
>>
>> Mandy
>>
>> On 3/9/18 8:16 PM, David Holmes wrote:
>>> I want to run a test with a default security manager present. So I added it to the @run:
>>>
>>> @run main/othervm -Djava.security.manager TestReflectionAPI
>>>
>>> But this breaks jtreg:
>>>
>>> Exception in thread "main" java.security.AccessControlException: access denied ("java.io.FilePermission" "/export/users/dh198349/valhalla/repos/valhalla-exp/open/test/hotspot/jtreg/JTwork/runtime/Nestmates/reflectionAPI/TestReflectionAPI.d/main.2.jta" "read")
>>>      at java.base/java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
>>>      at java.base/java.security.AccessController.checkPermission(AccessController.java:895)
>>>      at java.base/java.lang.SecurityManager.checkPermission(SecurityManager.java:335)
>>>      at java.base/java.lang.SecurityManager.checkRead(SecurityManager.java:674)
>>>      at java.base/java.io.FileInputStream.<init>(FileInputStream.java:147)
>>>      at java.base/java.io.FileInputStream.<init>(FileInputStream.java:113)
>>>      at java.base/java.io.FileReader.<init>(FileReader.java:58)
>>>      at com.sun.javatest.regtest.agent.MainWrapper.main(MainWrapper.java:46)
>>>
>>> So I presume I need some kind of policy file that gives jtreg necessary permissions while trying to leave the actual test code with the normal default permissions.
>>>
>>> How do I do that?
>>>
>>> Thanks,
>>> David
>>
>

Re: Running with a security manager?

David Holmes
On 10/03/2018 9:03 PM, David Holmes wrote:

> Thanks for all the responses.
>
> On 10/03/2018 6:10 PM, Weijun Wang wrote:
>> Or you can set policy to an empty file (maybe with a comment line).
>> Unfortunately both secure and policy must have an argument.
>
> Right. My issue is what policy do I have to set to make jtreg itself
> work, regardless of what the test may or may not need? This seems to be
> a problem to me - I don't know what permissions jtreg requires be added
> to any policy.
>
> Mandy's suggestion of just setting the security manager within the test
> may be the way to go.

No that requires I have a security manager to pass in. I just want to
enable the default security manager! This should not be that hard to do! :(

David

> Thanks,
> David
>
>> --Max
>>
>>> On Mar 10, 2018, at 2:37 PM, mandy chung <[hidden email]> wrote:
>>>
>>> If you need to grant permission, you can do this:
>>>
>>> * @run main/othervm/java.security.policy=<policy file> TestReflectionAPI
>>>
>>> If no policy needed, you can set security manager
>>> (System::setSecurityManager) at the beginning of the test and run in
>>> othervm mode:
>>> * @run main/othervm TestReflectionAPI
>>>
>>> Mandy
>>>
>>> On 3/9/18 8:16 PM, David Holmes wrote:
>>>> I want to run a test with a default security manager present. So I
>>>> added it to the @run:
>>>>
>>>> @run main/othervm -Djava.security.manager TestReflectionAPI
>>>>
>>>> But this breaks jtreg:
>>>>
>>>> Exception in thread "main" java.security.AccessControlException:
>>>> access denied ("java.io.FilePermission"
>>>> "/export/users/dh198349/valhalla/repos/valhalla-exp/open/test/hotspot/jtreg/JTwork/runtime/Nestmates/reflectionAPI/TestReflectionAPI.d/main.2.jta"
>>>> "read")
>>>>      at
>>>> java.base/java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
>>>>
>>>>      at
>>>> java.base/java.security.AccessController.checkPermission(AccessController.java:895)
>>>>
>>>>      at
>>>> java.base/java.lang.SecurityManager.checkPermission(SecurityManager.java:335)
>>>>
>>>>      at
>>>> java.base/java.lang.SecurityManager.checkRead(SecurityManager.java:674)
>>>>      at
>>>> java.base/java.io.FileInputStream.<init>(FileInputStream.java:147)
>>>>      at
>>>> java.base/java.io.FileInputStream.<init>(FileInputStream.java:113)
>>>>      at java.base/java.io.FileReader.<init>(FileReader.java:58)
>>>>      at
>>>> com.sun.javatest.regtest.agent.MainWrapper.main(MainWrapper.java:46)
>>>>
>>>> So I presume I need some kind of policy file that gives jtreg
>>>> necessary permissions while trying to leave the actual test code
>>>> with the normal default permissions.
>>>>
>>>> How do I do that?
>>>>
>>>> Thanks,
>>>> David
>>>
>>

Re: Running with a security manager?

Weijun Wang
If you set policy or secure in the @run line then jtreg will automatically add necessary permissions to your existing policy file to make it run.

--Max

> On Mar 10, 2018, at 7:06 PM, David Holmes <[hidden email]> wrote:
>
> On 10/03/2018 9:03 PM, David Holmes wrote:
>> Thanks for all the responses.
>> On 10/03/2018 6:10 PM, Weijun Wang wrote:
>>> Or you can set policy to an empty file (maybe with a comment line). Unfortunately both secure and policy must have an argument.
>> Right. My issue is what policy do I have to set to make jtreg itself work, regardless of what the test may or may not need? This seems to be a problem to me - I don't know what permissions jtreg requires be added to any policy.
>> Mandy's suggestion of just setting the security manager within the test may be the way to go.
>
> No that requires I have a security manager to pass in. I just want to enable the default security manager! This should not be that hard to do! :(
>
> David
>
>> Thanks,
>> David
>>> --Max
>>>
>>>> On Mar 10, 2018, at 2:37 PM, mandy chung <[hidden email]> wrote:
>>>>
>>>> If you need to grant permission, you can do this:
>>>>
>>>> * @run main/othervm/java.security.policy=<policy file> TestReflectionAPI
>>>>
>>>> If no policy needed, you can set security manager (System::setSecurityManager) at the beginning of the test and run in othervm mode:
>>>> * @run main/othervm TestReflectionAPI
>>>>
>>>> Mandy
>>>>
>>>> On 3/9/18 8:16 PM, David Holmes wrote:
>>>>> I want to run a test with a default security manager present. So I added it to the @run:
>>>>>
>>>>> @run main/othervm -Djava.security.manager TestReflectionAPI
>>>>>
>>>>> But this breaks jtreg:
>>>>>
>>>>> Exception in thread "main" java.security.AccessControlException: access denied ("java.io.FilePermission" "/export/users/dh198349/valhalla/repos/valhalla-exp/open/test/hotspot/jtreg/JTwork/runtime/Nestmates/reflectionAPI/TestReflectionAPI.d/main.2.jta" "read")
>>>>>      at java.base/java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
>>>>>      at java.base/java.security.AccessController.checkPermission(AccessController.java:895)
>>>>>      at java.base/java.lang.SecurityManager.checkPermission(SecurityManager.java:335)
>>>>>      at java.base/java.lang.SecurityManager.checkRead(SecurityManager.java:674)
>>>>>      at java.base/java.io.FileInputStream.<init>(FileInputStream.java:147)
>>>>>      at java.base/java.io.FileInputStream.<init>(FileInputStream.java:113)
>>>>>      at java.base/java.io.FileReader.<init>(FileReader.java:58)
>>>>>      at com.sun.javatest.regtest.agent.MainWrapper.main(MainWrapper.java:46)
>>>>>
>>>>> So I presume I need some kind of policy file that gives jtreg necessary permissions while trying to leave the actual test code with the normal default permissions.
>>>>>
>>>>> How do I do that?
>>>>>
>>>>> Thanks,
>>>>> David
>>>>
>>>


Re: Running with a security manager?

David Holmes
On 10/03/2018 10:43 PM, Weijun Wang wrote:
> If you set policy or secure in the @run line then jtreg will automatically add necessary permissions to your existing policy file to make it run.

I tried this for secure (which still fails) and then checked the jtreg
code - it only does that for policy:

         if (policyFN != null) {
             // add permission to read JTwork/classes by adding a grant entry
             newPolicyFN = addGrantEntry(policyFN);
             javaProps.put("java.security.policy",
                           overrideSysPolicy ? "=" + newPolicyFN : newPolicyFN);
         }

         if (secureCN != null) {
             javaProps.put("java.security.manager", secureCN);
         }
         else if (policyFN != null) {
             javaProps.put("java.security.manager", "default");
         }

So I simply defined an empty policy file and set /policy=empty.policy
and that appeared to achieve what I wanted.

But on further study of the options code it seems the above replaces the
system policy, which isn't really what I wanted. There is an undocumented
/java.security.policy option which allows for overriding the system
policy or combining with them. If you specify:

/java.security.policy=my.policy

then overrideSysPolicy remains false and the policies presumably
combine. Whereas if you specify:

/java.security.policy==my.policy

then overrideSysPolicy is set true and my.policy will be the only
policy. This mirrors the behaviour of the java.security.policy property.

I use the former so that my empty policy, augmented with the permissions
jtreg added for itself, is then combined with the system default policy.

Thanks,
David

> --Max
>
>> On Mar 10, 2018, at 7:06 PM, David Holmes <[hidden email]> wrote:
>>
>> On 10/03/2018 9:03 PM, David Holmes wrote:
>>> Thanks for all the responses.
>>> On 10/03/2018 6:10 PM, Weijun Wang wrote:
>>>> Or you can set policy to an empty file (maybe with a comment line). Unfortunately both secure and policy must have an argument.
>>> Right. My issue is what policy do I have to set to make jtreg itself work, regardless of what the test may or may not need? This seems to be a problem to me - I don't know what permissions jtreg requires be added to any policy.
>>> Mandy's suggestion of just setting the security manager within the test may be the way to go.
>>
>> No that requires I have a security manager to pass in. I just want to enable the default security manager! This should not be that hard to do! :(
>>
>> David
>>
>>> Thanks,
>>> David
>>>> --Max
>>>>
>>>>> On Mar 10, 2018, at 2:37 PM, mandy chung <[hidden email]> wrote:
>>>>>
>>>>> If you need to grant permission, you can do this:
>>>>>
>>>>> * @run main/othervm/java.security.policy=<policy file> TestReflectionAPI
>>>>>
>>>>> If no policy needed, you can set security manager (System::setSecurityManager) at the beginning of the test and run in othervm mode:
>>>>> * @run main/othervm TestReflectionAPI
>>>>>
>>>>> Mandy
>>>>>
>>>>> On 3/9/18 8:16 PM, David Holmes wrote:
>>>>>> I want to run a test with a default security manager present. So I added it to the @run:
>>>>>>
>>>>>> @run main/othervm -Djava.security.manager TestReflectionAPI
>>>>>>
>>>>>> But this breaks jtreg:
>>>>>>
>>>>>> Exception in thread "main" java.security.AccessControlException: access denied ("java.io.FilePermission" "/export/users/dh198349/valhalla/repos/valhalla-exp/open/test/hotspot/jtreg/JTwork/runtime/Nestmates/reflectionAPI/TestReflectionAPI.d/main.2.jta" "read")
>>>>>>       at java.base/java.security.AccessControlContext.checkPermission(AccessControlContext.java:472)
>>>>>>       at java.base/java.security.AccessController.checkPermission(AccessController.java:895)
>>>>>>       at java.base/java.lang.SecurityManager.checkPermission(SecurityManager.java:335)
>>>>>>       at java.base/java.lang.SecurityManager.checkRead(SecurityManager.java:674)
>>>>>>       at java.base/java.io.FileInputStream.<init>(FileInputStream.java:147)
>>>>>>       at java.base/java.io.FileInputStream.<init>(FileInputStream.java:113)
>>>>>>       at java.base/java.io.FileReader.<init>(FileReader.java:58)
>>>>>>       at com.sun.javatest.regtest.agent.MainWrapper.main(MainWrapper.java:46)
>>>>>>
>>>>>> So I presume I need some kind of policy file that gives jtreg necessary permissions while trying to leave the actual test code with the normal default permissions.
>>>>>>
>>>>>> How do I do that?
>>>>>>
>>>>>> Thanks,
>>>>>> David
>>>>>
>>>>
>
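
The outcome of the thread as a jtreg test, added here as an example (it is not code from the thread or from jtreg): one test run under both the "=" and "==" forms of /java.security.policy, checking that the default security manager is installed and that the test code holds only the permissions each form implies. The class name DefaultSMCheck and the file name empty.policy are hypothetical; the example assumes a JDK that still supports the Security Manager, and that jtreg grants its own jars what they need while giving test code nothing beyond read access to the test classes, as described above.

```java
/*
 * @test
 * @summary Added example: default security manager via jtreg's policy option
 * @run main/othervm/java.security.policy=empty.policy DefaultSMCheck combined
 * @run main/othervm/java.security.policy==empty.policy DefaultSMCheck only
 */

// empty.policy (hypothetical name) sits beside this file and holds one line:
//     // intentionally empty: jtreg appends the grants it needs for itself

public class DefaultSMCheck {

    /** Returns true if this test code is allowed to read the given property. */
    static boolean canRead(String property) {
        try {
            System.getProperty(property);
            return true;
        } catch (SecurityException denied) {
            return false;
        }
    }

    /** Fails the test (jtreg treats an uncaught exception as failure). */
    static void check(boolean ok, String what) {
        if (!ok) {
            throw new RuntimeException("FAILED: " + what);
        }
    }

    public static void main(String[] args) {
        // "combined" = single '=' (policy added to the system policy),
        // "only"     = double '==' (policy replaces the system policy).
        boolean combined = args[0].equals("combined");

        // Either form makes jtreg set java.security.manager=default.
        SecurityManager sm = System.getSecurityManager();
        check(sm != null, "a security manager is installed");
        check(sm.getClass() == SecurityManager.class,
              "it is the default java.lang.SecurityManager");

        // The JDK's system java.policy grants all code read access to
        // "java.version"; that grant is visible only when the system
        // policy is combined with ours rather than replaced by it.
        check(canRead("java.version") == combined,
              "java.version readable only when system policy is combined");

        // Neither the system policy nor the empty policy grants this,
        // so the test code itself stays sandboxed in both runs.
        check(!canRead("user.home"), "user.home is denied to test code");
    }
}
```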