M
Mike Matthews
I'm investigating the java security features for possible use in an
application I am writing.
One area that I have been experimenting with is extending the
SecurityManager class and overriding the checkPermission(Permission
perm) method.
When I do this and call
System.setSecurityManager( new TestSecurityManager() );
I get the following exception:
java.lang.ExceptionInInitializerError
at java.lang.System.setSecurityManager0(System.java:242)
at java.lang.System.setSecurityManager(System.java:211)
at test.TestMain.main(TestMain.java:45)
Caused by: java.security.AccessControlException: access denied
(java.security.SecurityPermission
getProperty.networkaddress.cache.ttl)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:270)
at java.security.AccessController.checkPermission(AccessController.java:401)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:542)
at test.TestSecurityManager.checkPermission(TestSecurityManager.java:40)
at java.security.Security.getProperty(Security.java:1213)
at sun.net.InetAddressCachePolicy$1.run(InetAddressCachePolicy.java:81)
at java.security.AccessController.doPrivileged(Native Method)
at sun.net.InetAddressCachePolicy.<clinit>(InetAddressCachePolicy.java:77)
... 3 more
java.security.AccessControlException: access denied
(java.util.logging.LoggingPermission control)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:270)
at java.security.AccessController.checkPermission(AccessController.java:401)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:542)
at test.TestSecurityManager.checkPermission(TestSecurityManager.java:40)
at java.util.logging.LogManager.checkAccess(LogManager.java:759)
at java.util.logging.LogManager.reset(LogManager.java:466)
at java.util.logging.LogManager$Cleaner.run(LogManager.java:175)
Exception in thread "main"
If I grant myself access to java.security.SecurityPermission
getProperty.networkaddress.cache.ttl
I get:
java.lang.ExceptionInInitializerError
at java.lang.System.setSecurityManager0(System.java:242)
at java.lang.System.setSecurityManager(System.java:211)
at test.TestMain.main(TestMain.java:45)
Caused by: java.security.AccessControlException: access denied
(java.util.PropertyPermission sun.net.inetaddr.ttl read)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:270)
at java.security.AccessController.checkPermission(AccessController.java:401)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:542)
at test.TestSecurityManager.checkPermission(TestSecurityManager.java:40)
at java.lang.SecurityManager.checkPropertyAccess(SecurityManager.java:1291)
at java.lang.System.getProperty(System.java:572)
at java.lang.Integer.getInteger(Integer.java:772)
at java.lang.Integer.getInteger(Integer.java:689)
at sun.security.action.GetIntegerAction.run(GetIntegerAction.java:90)
at java.security.AccessController.doPrivileged(Native Method)
at sun.net.InetAddressCachePolicy.<clinit>(InetAddressCachePolicy.java:94)
... 3 more
java.security.AccessControlException: access denied
(java.util.logging.LoggingPermission control)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:270)
at java.security.AccessController.checkPermission(AccessController.java:401)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:542)
at test.TestSecurityManager.checkPermission(TestSecurityManager.java:40)
at java.util.logging.LogManager.checkAccess(LogManager.java:759)
at java.util.logging.LogManager.reset(LogManager.java:466)
at java.util.logging.LogManager$Cleaner.run(LogManager.java:175)
Exception in thread "main"
If I grant myself java.security.AllPermission then the problem goes
away but this seems pointless.
I get these exceptions even if my overriding method simply calls:
super().checkPermission(perm);
which is what's really bothering me.
If I choose not to override checkPermission(Permission perm) at all in
my SecurityManager class then I get none of these exceptions.
I'm new to the java security packages so any information would be
gratefully received.
application I am writing.
One area that I have been experimenting with is extending the
SecurityManager class and overriding the checkPermission(Permission
perm) method.
When I do this and call
System.setSecurityManager( new TestSecurityManager() );
I get the following exception:
java.lang.ExceptionInInitializerError
at java.lang.System.setSecurityManager0(System.java:242)
at java.lang.System.setSecurityManager(System.java:211)
at test.TestMain.main(TestMain.java:45)
Caused by: java.security.AccessControlException: access denied
(java.security.SecurityPermission
getProperty.networkaddress.cache.ttl)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:270)
at java.security.AccessController.checkPermission(AccessController.java:401)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:542)
at test.TestSecurityManager.checkPermission(TestSecurityManager.java:40)
at java.security.Security.getProperty(Security.java:1213)
at sun.net.InetAddressCachePolicy$1.run(InetAddressCachePolicy.java:81)
at java.security.AccessController.doPrivileged(Native Method)
at sun.net.InetAddressCachePolicy.<clinit>(InetAddressCachePolicy.java:77)
... 3 more
java.security.AccessControlException: access denied
(java.util.logging.LoggingPermission control)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:270)
at java.security.AccessController.checkPermission(AccessController.java:401)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:542)
at test.TestSecurityManager.checkPermission(TestSecurityManager.java:40)
at java.util.logging.LogManager.checkAccess(LogManager.java:759)
at java.util.logging.LogManager.reset(LogManager.java:466)
at java.util.logging.LogManager$Cleaner.run(LogManager.java:175)
Exception in thread "main"
If I grant myself access to java.security.SecurityPermission
getProperty.networkaddress.cache.ttl
I get:
java.lang.ExceptionInInitializerError
at java.lang.System.setSecurityManager0(System.java:242)
at java.lang.System.setSecurityManager(System.java:211)
at test.TestMain.main(TestMain.java:45)
Caused by: java.security.AccessControlException: access denied
(java.util.PropertyPermission sun.net.inetaddr.ttl read)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:270)
at java.security.AccessController.checkPermission(AccessController.java:401)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:542)
at test.TestSecurityManager.checkPermission(TestSecurityManager.java:40)
at java.lang.SecurityManager.checkPropertyAccess(SecurityManager.java:1291)
at java.lang.System.getProperty(System.java:572)
at java.lang.Integer.getInteger(Integer.java:772)
at java.lang.Integer.getInteger(Integer.java:689)
at sun.security.action.GetIntegerAction.run(GetIntegerAction.java:90)
at java.security.AccessController.doPrivileged(Native Method)
at sun.net.InetAddressCachePolicy.<clinit>(InetAddressCachePolicy.java:94)
... 3 more
java.security.AccessControlException: access denied
(java.util.logging.LoggingPermission control)
at java.security.AccessControlContext.checkPermission(AccessControlContext.java:270)
at java.security.AccessController.checkPermission(AccessController.java:401)
at java.lang.SecurityManager.checkPermission(SecurityManager.java:542)
at test.TestSecurityManager.checkPermission(TestSecurityManager.java:40)
at java.util.logging.LogManager.checkAccess(LogManager.java:759)
at java.util.logging.LogManager.reset(LogManager.java:466)
at java.util.logging.LogManager$Cleaner.run(LogManager.java:175)
Exception in thread "main"
If I grant myself java.security.AllPermission then the problem goes
away but this seems pointless.
I get these exceptions even if my overriding method simply calls:
super().checkPermission(perm);
which is what's really bothering me.
If I choose not to override checkPermission(Permission perm) at all in
my SecurityManager class then I get none of these exceptions.
I'm new to the java security packages so any information would be
gratefully received.